Explorer Problem
-
For some reason Internet Explorer locks up my machine. It starts opening and then I get an error and a box comes up asking me if I wish to report it to Microsoft, which I do.
The Error Signature is-----AppName: iexplore.exe AppVer: 7.0.6000.16441 ModName: unknown
ModVer: 0.0.0.0 Offset: 009e481d
I have no clue what that is telling me. I have reloaded Explorer 7 with the same results. I contacted Microsoft but since it came with my machine they will not help.
I have no idea where to turn now.
-
Hi there, are you using Adobe Flash Player? If so, uninstall it, then reinstall the latest version.
If you need more help, please get back to me.
Hope this helps.
-
I uninstalled Flash and reloaded it and there is no change.
---AppName: iexplore.exe AppVer: 7.0.6000.16441 ModName: unknown
ModVer: 0.0.0.0 Offset: 009e48ac
Thanks for responding to my problem
-
Hi again, I am going to move this to the spyware section.
Have a look at the stickies and follow the instructions, please.
run a new log, and post it in the HJT forum, here. Do not fix anything, yet.
A member, of the HJT Team, will help you out.
Please, be patient, these people are volunteers. They will help you out, as soon as possible.
Sorry I can't be more help, but they are the best on the net.
-
I am sorry. I just figured out what I was supposed to do next. I hope
There is my log file--
Logfile of HijackThis v1.99.1
Scan saved at 4:58:18 PM, on 5/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ClipCache\clipc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\VSTASCAN\vsaccess.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Adobe\Photoshop CS\Photoshop.exe
C:\DOCUME~1\Royal\LOCALS~1\Temp\~e5d141.tmp
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\Royal\LOCALS~1\Temp\~e5d141.tmp
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\Documents and Settings\Royal\Desktop\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.incredimail.com/page.asp?...on=IncrediMail
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb103\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb103\Dealio.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\RunOnce: [GrpConv] grpconv.exe -o
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ClipCache] C:\Program Files\ClipCache\clipc.exe /wait 3
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb103\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: bw+0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Nv042rvb - NVIDIA Corporation - (no file)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
Any help is appreciated
-
Welcome,
Not seeing anything in your log.
1. Download this file - COMBOFIX
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply plus a new hijackthis log.
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
-
I can not get COMBOFIX to download. I click on it and the box comes up but the save to button does not darken so I can click on it and select a place to save it.
-
I finally got it to download.
"Royal" - 2007-05-18 8
16 Service Pack 2
ComboFix 07-05.17.6.V - Running from: "C:\PROGRA~1\MOZILL~1\"
((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-18 ))))))))))))))))))))))))))))))))))
2007-05-15 14:34 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\vsosdk
2007-05-11 07:12 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2007-05-10 22:25 <DIR> d-------- C:\Program Files\Virtual Earth 3D
2007-05-10 20:52 <DIR> d-------- C:\Garmin
2007-05-09 14:38 <DIR> d-------- C:\Program Files\Smoky City Design
2007-05-08 16:42 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-05-08 06:35 73,928 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys
2007-05-07 11:53 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Talkback
2007-04-18 16:34 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elaborate Bytes
2007-04-18 15:51 <DIR> d-------- C:\CloneDVDTemp
2007-04-18 15:46 <DIR> d-------- C:\Program Files\Elaborate Bytes
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-05-18 12:12:08 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Skype
2007-05-16 23:02:19 -------- d-----w C:\Program Files\TubeSucker
2007-05-15 20:53:39 -------- d-----w C:\Program Files\FlashGet
2007-05-15 20:38:40 1,805 ----a-w C:\WINDOWS\mozver.dat
2007-05-15 18:22:15 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Vso
2007-05-14 20:15:55 -------- d-----w C:\Program Files\nbpro
2007-05-14 15:55:25 -------- d-----w C:\Program Files\Google
2007-05-08 22:11:00 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Image Zone Express
2007-04-18 22:02:08 -------- d-----w C:\Program Files\SlySoft
2007-04-17 21:40:01 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Printer Info Cache
2007-04-17 21:39:52 -------- d-----w C:\Program Files\Common Files\HP
2007-04-17 21:39:51 -------- d-----w C:\Program Files\HP
2007-04-17 16:49:45 -------- d-----w C:\Program Files\Deskshare
2007-04-16 14:20:13 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\U3
2007-04-16 09:02:08 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\BitTorrent
2007-04-16 01:45:10 -------- d-----w C:\Program Files\FLVPlayer
2007-04-15 18
10 -------- d-----w C:\Program Files\Common Files\SWF Studio
2007-04-15 03:08:16 -------- d-----w C:\Program Files\XP Repair Pro 2007
2007-04-15 02:52:13 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-04-15 02:52:08 -------- d-----w C:\Program Files\Musicmatch
2007-04-15 02:52:01 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Musicmatch
2007-04-14 23:53:43 -------- d-----w C:\Program Files\Space Plasma 3D Screensaver
2007-04-14 23:52:45 -------- d-----w C:\Program Files\3D Space Tour
2007-04-14 23:44:56 -------- d-----w C:\Program Files\3Planesoft Screensaver Manager
2007-04-14 23:44:54 -------- d-----w C:\Program Files\Lagoon 3D Screensaver
2007-04-14 22:22:15 -------- d-----w C:\Program Files\MSN Messenger
2007-04-14 22:13:23 4,563,968 ----a-w C:\WINDOWS\system32\Ocean.scr
2007-04-14 19:03:38 -------- d-----w C:\Program Files\change7
2007-04-14 16:05:57 -------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2007-04-14 00:26:40 -------- d-----w C:\Program Files\Yahoo!
2007-04-14 00:10:14 -------- d-----w C:\Program Files\illiminable
2007-04-13 23:59:32 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\LimeWire
2007-04-13 23:58:31 -------- d-----w C:\Program Files\Incomplete
2007-04-13 23:58:25 -------- d-----w C:\Program Files\LimeWire
2007-04-13 23:47:21 -------- d-----w C:\Program Files\Ares Ultra
2007-04-13 10:40:06 -------- d-----w C:\Program Files\Dealio
2007-04-13 03:02:41 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2007-04-12 21:50:16 2,783,048 ----a-w C:\WINDOWS\system32\GPhotos.scr
2007-04-12 20:54:48 -------- d-----w C:\Program Files\hp photosmart
2007-04-11 20:05:17 -------- d-----w C:\Program Files\AviSynth 2.5
2007-04-11 20:02:18 -------- d-----w C:\Program Files\eRightSoft
2007-04-11 01:24:19 -------- d-----w C:\Program Files\Diskeeper Corporation
2007-04-10 23:31:04 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\NewsBin
2007-04-10 23:24:58 -------- d-----w C:\Program Files\NewsBin
2007-04-10 23:11:16 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Reallusion
2007-04-10 23:10:50 -------- d-----w C:\Program Files\Reallusion
2007-04-10 13:38:57 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Ahead
2007-04-10 13:15:16 -------- d-----w C:\Program Files\Common Files\Ahead
2007-04-10 13:13:37 -------- d-----w C:\Program Files\Nero
2007-04-10 02:26:37 -------- d-----w C:\Program Files\IconSaver
2007-04-10 02:20:15 -------- d-----w C:\Program Files\BitTorrent
2007-04-10 02:12:32 -------- d-----w C:\Program Files\QuickPar
2007-04-09 21:19:47 -------- d-----w C:\Program Files\Axara
2007-04-09 21:18:14 -------- d-----w C:\Program Files\Common Files\Axara
2007-04-09 15:53:16 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Apple Computer
2007-04-09 15:53:10 -------- d-----w C:\Program Files\iTunes
2007-04-09 15:53:03 -------- d-----w C:\Program Files\iPod
2007-04-09 15:52:43 -------- d-----w C:\Program Files\QuickTime
2007-04-09 15:51:57 -------- d-----w C:\Program Files\Apple Software Update
2007-04-06 21:57:15 -------- d-----w C:\Program Files\Windows Defender
2007-04-06 19:52:38 -------- d-----w C:\Program Files\TechSmith
2007-04-06 19:49:11 -------- d-----w C:\Program Files\Atomic Clock Sync
2007-04-06 18:53:06 -------- d-----w C:\Program Files\DAP
2007-04-06 17:06:34 -------- d-----w C:\Program Files\SereneScreen
2007-04-06 16:42:29 12,499 ----a-w C:\WINDOWS\system32\Seagate.bin
2007-04-06 16:28:19 -------- d-----w C:\Program Files\HighCriteria
2007-04-06 16:20:44 -------- d-----w C:\Program Files\FairUse Wizard 2
2007-04-06 12:31:40 -------- d-----w C:\Program Files\MSXML 4.0
2007-04-06 11
37 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Morpheus Software
2007-04-06 11:20:58 -------- d-----w C:\Program Files\Morpheus Photo Animation Suite
2007-04-06 10
08 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Lavasoft
2007-04-06 10:55:33 -------- d-----w C:\Program Files\Lavasoft
2007-04-06 00:39:32 -------- d-----w C:\Program Files\Morpheus Photo Compressor
2007-04-06 00:31:33 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
2007-04-06 00:31:33 2,272 ----a-w C:\WINDOWS\system32\w95inf16.dll
2007-04-06 00:30:12 -------- d-----w C:\Program Files\Ulead Systems
2007-04-06 00:25:53 -------- d-----w C:\Program Files\ClipCache
2007-04-06 00:25:27 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\SlySoft
2007-04-05 23:59:46 87,608 ----a-w C:\DOCUME~1\Royal\APPLIC~1\ezpinst.exe
2007-04-05 23:59:46 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2007-04-05 23:59:46 47,360 ----a-w C:\DOCUME~1\Royal\APPLIC~1\pcouffin.sys
2007-04-05 23:59:39 -------- d-----w C:\Program Files\LG Software Innovations
2007-04-05 23:39:12 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Google
2007-04-05 23:37:03 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Help
2007-04-05 21:40:30 -------- d-----w C:\Program Files\Messenger
2007-04-05 21:28:56 -------- d-----w C:\Program Files\Common Files\FotoWire
2007-04-05 21:28:56 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\FotoWire
2007-04-05 21:28:55 -------- d-----w C:\Program Files\Logitech
2007-04-05 21:17:49 -------- d-----w C:\Program Files\Common Files\Logitech
2007-04-05 21:16:17 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2007-04-05 21:14:54 -------- d-----w C:\Program Files\Common Files\InstallShield
2007-04-05 19:58:44 -------- d-----w C:\Program Files\WIDCOMM
2007-04-05 19:12:00 -------- d-----w C:\Program Files\Creative
2007-04-05 18:47:39 -------- d-----w C:\Program Files\Movie Maker
2007-04-05 18:45:04 -------- d-----w C:\Program Files\Windows NT
2007-04-05 17:49:17 -------- d-----w C:\Program Files\Skype
2007-04-05 17:49:17 -------- d-----w C:\Program Files\Common Files\Skype
2007-04-05 17:29:36 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\Talkback
2007-04-05 17:29:23 0 ----a-w C:\WINDOWS\nsreg.dat
2007-04-05 17:22:33 -------- d-----w C:\DOCUME~1\Royal\APPLIC~1\MSN6
2007-04-05 17:16:38 512,096 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2007-04-05 17:16:38 298,104 ----a-w C:\WINDOWS\system32\imon.dll
2007-04-05 17:16:38 15,424 ----a-w C:\WINDOWS\system32\drivers\nod32drv.sys
2007-04-05 16:47:18 -------- d-----w C:\Program Files\IncrediMail
2007-04-05 16:46:40 -------- d--h--w C:\Program Files\WindowsUpdate
2007-04-05 16:02:43 -------- d-----w C:\Program Files\CyberLink
2007-04-05 15:23:07 -------- d-----w C:\Program Files\microsoft frontpage
2007-04-05 15:22:57 0 --sha-r C:\MSDOS.SYS
2007-04-05 15:22:57 0 --sha-r C:\IO.SYS
2007-04-05 15:22:57 0 ----a-w C:\CONFIG.SYS
2007-04-05 15:22:57 0 ----a-w C:\AUTOEXEC.BAT
2007-04-05 15
10 -------- d-----w C:\Program Files\Common Files\MSSoap
2007-04-05 15:20:51 21,640 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-04-05 15:20:10 -------- d-----w C:\Program Files\Online Services
2007-04-05 15:20:02 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-04-05 09:14:15 -------- d-----w C:\Program Files\Common Files\ODBC
2007-04-05 09:14:12 -------- d-----w C:\Program Files\Common Files\SpeechEngines
2007-04-01 12:34:21 86,016 ----a-w C:\WINDOWS\system32\ElbyCDIO.dll
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-15 12
52 627,840 ----a-w C:\WINDOWS\system32\drivers\Envy24HF.sys
2007-03-14 23:27:58 972,336 ----a-w C:\WINDOWS\UNRecode.exe
2007-03-14 23:20:38 133,168 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
2007-03-14 23:20:36 11,568 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
2007-03-14 23:19:56 95,864 ----a-w C:\WINDOWS\system32\NeroCo.dll
2007-03-14 23:19:26 972,336 ----a-w C:\WINDOWS\UNNeroBackItUp.exe
2007-03-12 17:51:08 972,336 ----a-w C:\WINDOWS\UNNeroMediaHome.exe
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
2007-03-01 00:53:50 972,336 ----a-w C:\WINDOWS\UNNeroVision.exe
2007-02-28 19:41:02 972,336 ----a-w C:\WINDOWS\UNNeroShowTime.exe
2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{00C6482D-C502-44C8-8409-FCE54AD9C208}=C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll [2006-06-20 08:10]
{53707962-6F74-2D53-2644-206D7942484F}=C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 01:04]
{6A87B991-A31F-4130-AE72-6D0C294BF082}=C:\Program Files\Dealio\kb103\Dealio.dll [2007-02-06 19:31]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 20:33]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-01-19 23:55]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll [2007-04-11 09:04]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-07-08 08:42]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-04-05 13:16]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-28 13:30]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-06-01 11:09]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2007-03-25 19:16]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-03-30 13:34]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-06-01 06:46]
"ClipCache"="C:\Program Files\ClipCache\clipc.exe" [2000-12-08 21:50]
"NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL, NvTaskbarInit" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-05-08 15:41]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"GrpConv"="grpconv.exe -o"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages msv1_0
Security Packages kerberos msv1_0 schannel wdigest
Notification Packages scecli
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Active Web Reader]
C:\Program Files\Deskshare\Active Web Reader\Active Web Reader.exe -background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
"C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EssSpkPhone]
essspk.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService Alerter WebClient LmHosts RemoteRegistry upnphost SSDPSRV
NetworkService DnsCache
rpcss RpcSs
imgsvc StiSvc
termsvcs TermService
HTTPFilter HTTPFilter
DcomLaunch DcomLaunch TermService
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{172d8817-e38f-11db-8a42-0007e9572759}]
Shell\AutoRun\command G:\LaunchU3.exe -a
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{172d8822-e38f-11db-8a42-0007e9572759}]
Shell\AutoRun\command F:\passwords.exe
Shell\open\command F:\passwords.exe
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{172d8825-e38f-11db-8a42-0007e9572759}]
Shell\AutoRun\command H:\passwords.exe
Shell\open\command H:\passwords.exe
*newlycreated* -PROCEXP90
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-18 08:22:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
********************************************************************
Completion time: 2007-05-18 8:23:42
C:\ComboFix-quarantined-files.txt ... 2007-05-18 08:23
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 8:40:18 AM, on 5/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ClipCache\clipc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\VSTASCAN\vsaccess.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Royal\Desktop\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.incredimail.com/page.asp?...on=IncrediMail
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb103\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb103\Dealio.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\RunOnce: [GrpConv] grpconv.exe -o
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [ClipCache] C:\Program Files\ClipCache\clipc.exe /wait 3
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - Startup: UMAX VistaAccess.lnk = C:\VSTASCAN\vsaccess.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb103\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: bw+0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {CD64E2ED-6B01-4EA9-B624-3CC72B2C864E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Nv042rvb - NVIDIA Corporation - (no file)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
-
Don't see a thing.
Have you scanned with the Nod32 you have?
This may not be a virus issue, and if the next scan doesn't show something I suggest you go "back" to the other side of this forum for help, as malware issues are all I deal with.
Do an online scan (scan only tool) with Kaspersky WebScanner
[Internet Explorer required]
Click on Kaspersky Online Scanner
You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
- The program will launch and then begin downloading the latest definition files:
- Once the files have been downloaded click on NEXT
- Now click on Scan Settings
- In the scan settings make sure that the following are selected:
- Scan using the following Anti-Virus database:
- Extended (if available otherwise Standard)
- Scan Options:
- Scan Archives
- Scan Mail Bases
- Click OK
- Now under select a target to scan:
- This program will start and scan your system.
- The scan will take a while so be patient and let it run.
- Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
- Save the file to your desktop.
Post the results of the scan back here please and a new hijackthis log.
-
I clicked on the link and the box came up asking me if I accept their rules. I clicked Accept and nothing happens. I have tried it a number of times.
It tells me that it will only work with Explorer 5 or above and I use Mozilla. I cannot use my Microsoft Explorer. That is what my original problem was. Explorer will not open.
I cannot download this program with Mozilla, it seems.