Hi. I had cyberlog-x on my computer. I did a hijack this log and fix. This removed the popup and the icon on my toolbar. I was told to run combofix or dss. I am unable to open any page that has the downloads. My browser either takes me to an advertising page or just won't open the page. This also happens when trying to access some other tech forums. Can anyone help?
kalynn0225 0 Newbie Poster
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
Hi and welcome to the Daniweb forums :).
==========
Post your hijackthis log. Let me know what you fixed with hijackthis and what files you deleted.
kalynn0225 0 Newbie Poster
Hi and welcome to the Daniweb forums :).
==========
Post your hijackthis log. Let me know what you fixed with hijackthis and what files you deleted.
Here is my recent hijackthis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:55:08 AM, on 6/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\AOL\1116264636\ee\AOLSoftware.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\PROGRA~1\McAfee\MWL\MwlGui.exe
C:\PROGRA~1\McAfee\MWL\MwlSvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
O1 - Hosts: 205.238.40.51 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.2 test3201.winmx.com test3205.winmx.com
O1 - Hosts: 205.238.40.2 test3202.winmx.com test3206.winmx.com
O1 - Hosts: 205.238.40.1 test3203.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3204.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1116264636\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MWLExe] C:\PROGRA~1\McAfee\MWL\MwlGui.exe /Start
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr_.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzed068JIUS_ZSYYYYYYYYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/clients/y/nt1_x.cab
O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Word Racer - http://origin.games.yahoo.net/games/clients/y/wt1_x.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Wireless Security Service (MwlSvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MWL\MwlSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
--
End of file - 26963 bytes
Here is what I deleted prior:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe
O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe
O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe
O4 - HKUS\S-1-5-18\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'Default user')
As I said I cannot download combofix or dss.exe also I cannot access other tech forums. My browser will not open the pages. Thank you for any help.
kalynn0225 0 Newbie Poster
Ok I got dss through a flash drive here are the logs
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:09:02 PM, on 6/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Common Files\AOL\1116264636\ee\AOLSoftware.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\MWL\MwlGui.exe
C:\PROGRA~1\McAfee\MWL\MwlSvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
F:\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kathy.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
O1 - Hosts: 205.238.40.51 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.2 test3201.winmx.com test3205.winmx.com
O1 - Hosts: 205.238.40.2 test3202.winmx.com test3206.winmx.com
O1 - Hosts: 205.238.40.1 test3203.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3204.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1116264636\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MWLExe] C:\PROGRA~1\McAfee\MWL\MwlGui.exe /Start
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr_.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSzed068JIUS_ZSYYYYYYYYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/clients/y/nt1_x.cab
O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Word Racer - http://origin.games.yahoo.net/games/clients/y/wt1_x.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Wireless Security Service (MwlSvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MWL\MwlSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
--
End of file - 26449 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20080625-163243-678 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
backup-20080626-090035-147 O4 - HKUS\.DEFAULT\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'Default user')
backup-20080626-090035-314 O4 - HKCU\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe
backup-20080626-090035-415 O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
backup-20080626-090035-450 O4 - HKUS\S-1-5-18\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'SYSTEM')
backup-20080626-090035-489 R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
backup-20080626-090035-559 O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
backup-20080626-090035-572 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\system32\spywarewarning.mht
backup-20080626-090035-681 O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
backup-20080626-090035-691 O4 - HKLM\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe
backup-20080626-090035-731 O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
backup-20080626-090035-755 O4 - HKUS\S-1-5-18\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'SYSTEM')
backup-20080626-090035-823 O4 - HKLM\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe
backup-20080626-090035-926 O4 - HKCU\..\RunServices: [IEUpdate] C:\WINDOWS\system32\1025m.exe
backup-20080626-090035-996 O4 - HKUS\.DEFAULT\..\Run: [IEUpdate] C:\WINDOWS\system32\1025m.exe (User 'Default user')
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 agp440 (Intel AGP Bus Filter) - c:\windows\\systemroot\system32\drivers\agp440.sys (file missing)
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R2 dsunidrv (DellSupport UniDriver) - c:\windows\system32\drivers\dsunidrv.sys <Not Verified; Gteko Ltd.; Gteko Diagnostics>
R3 SjyPkt - c:\windows\system32\drivers\sjypkt.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
S3 BVRPMPR5 (BVRPMPR5 NDIS Protocol Driver) - d:\instal~e\core\bvrpmpr5.sys (file missing)
S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys (file missing)
S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 MwlSvc (McAfee Wireless Security Service) - c:\progra~1\mcafee\mwl\mwlsvc.exe <Not Verified; McAfee, Inc.; McAfee Wireless Home Network Security>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>
S2 AOLService (AOL Spyware Protection Service) - c:\program files\common files\aol\aol spyware protection\\aolserv.exe (file missing)
S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" (file missing)
S3 YPCService - c:\windows\system32\ypcser~1.exe <Not Verified; Yahoo! Inc.; YPCService Module>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-03-15 03:05:34 264 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2007-10-01 01:00:00 356 --a------ C:\WINDOWS\Tasks\McQcTask.job
2007-06-10 13:31:45 156 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2008-05-29 and 2008-06-29 -----------------------------
2008-06-25 13:20:59 0 d-------- C:\Program Files\Trend Micro
2008-06-23 19:00:46 92672 -r-hs---- C:\WINDOWS\system32\1025m.exe
-- Find3M Report ---------------------------------------------------------------
2008-06-24 15:16:48 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-24 09:54:05 0 d-------- C:\Program Files\MySpace
2008-06-24 09:52:22 0 d-------- C:\Program Files\AIM Toolbar
2008-06-17 10:26:41 0 d-------- C:\Documents and Settings\Kathy\Application Data\Yahoo!
2008-05-30 14:13:06 135150 --a------ C:\WINDOWS\hpwins10.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [04/24/2003 02:58 PM]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [08/14/2002 04:22 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/28/2003 06:47 AM]
"AdaptecDirectCD"="C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [12/17/2002 10:28 AM]
"ezShieldProtector for Px"="C:\WINDOWS\System32\ezSP_Px.exe" [08/20/2002 11:29 AM]
"WildTangent CDA"="C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll" [05/21/2004 04:12 PM]
"YBrowser"="C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe" [07/21/2006 04:19 PM]
"IPInSightLAN 01"="C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" [06/11/2003 01:52 AM]
"IPInSightMonitor 01"="C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe" [06/11/2003 01:52 AM]
"Motive SmartBridge"="C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe" [12/10/2003 04:52 AM]
"HostManager"="C:\Program Files\Common Files\AOL\1116264636\ee\AOLSoftware.exe" [05/09/2006 05:24 PM]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" []
"YOP"="C:\PROGRA~1\Yahoo!\YOP\yop.exe" [04/22/2005 08:49 PM]
"mmtask"="C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [01/17/2006 01:03 PM]
"MWLExe"="C:\PROGRA~1\McAfee\MWL\MwlGui.exe" [11/17/2006 08:04 PM]
"IPHSend"="C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe" [02/17/2006 09:59 AM]
"ViewMgr"="C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr_.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04/27/2007 09:41 AM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [06/01/2007 04:51 PM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [08/04/2007 02:33 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [12/10/2006 09:52 PM]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" []
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 09:24 AM]
"Yahoo! Pager"="1" []
"Aim6"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM]
C:\Documents and Settings\Kathy\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 7:00:00 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 7:00:00 AM]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [8/28/2003 6:37:04 AM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 9:40:10 PM]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/12/2001 11:01:04 PM]
SBC Self Support Tool.lnk - C:\Program Files\SBC Self Support Tool\bin\matcli.exe [4/5/2005 2:08:55 PM]
WG111v2 Smart Wizard Wireless Setting.lnk - C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe [6/22/2006 5:13:53 PM]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"IEUpdate"= C:\WINDOWS\system32\1025m.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=C:\WINDOWS\pss\HotSync Manager.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk
backup=C:\WINDOWS\pss\Kodak software updater.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc
*Newly Created Service* - SJYPKT
-- Hosts -----------------------------------------------------------------------
205.238.40.51 www.winmx.com err.winmx.com
205.238.40.2 test3201.winmx.com test3205.winmx.com
205.238.40.2 test3202.winmx.com test3206.winmx.com
205.238.40.1 test3203.winmx.com test3207.winmx.com
82.43.224.20 test3204.winmx.com test3208.winmx.com
205.238.40.2 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
205.238.40.2 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
205.238.40.2 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
205.238.40.2 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
205.238.40.2 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
15 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2008-06-29 13:11:54 -----------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: Intel(R) Pentium(R) 4 CPU 2.40GHz
Percentage of Memory in Use: 72%
Physical Memory (total/avail): 254.98 MiB / 71.2 MiB
Pagefile Memory (total/avail): 625.97 MiB / 239.97 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1922.13 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 38.24 GiB total, 20.41 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is Removable (FAT)
\\.\PHYSICALDRIVE0 - Maxtor 6E040L0 - 38.29 GiB - 2 partitions
\PARTITION0 - Unknown - 39.19 MiB
\PARTITION1 (bootable) - Installable File System - 38.24 GiB - C:
\\.\PHYSICALDRIVE1 - Memorex TD Classic 003C USB Device - 980.53 MiB - 1 partition
\PARTITION0 (bootable) - Win95 w/Extended Int 13 - 983.98 MiB - F:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
AntiVirusDisableNotify is set.
FW: McAfee Personal Firewall v (McAfee)
AV: McAfee VirusScan v (McAfee)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:America Online 9.0a"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\1116264636\\ee\\aolservicehost.exe"="C:\\Program Files\\Common Files\\AOL\\1116264636\\ee\\aolservicehost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe:*:Disabled:backWeb-7288971"
"C:\\Program Files\\Dell Computer\\Dell Picture Studio v2.0\\launch.exe"="C:\\Program Files\\Dell Computer\\Dell Picture Studio v2.0\\launch.exe:*:Enabled:Jasc Paint Shop Photo Album Application"
"C:\\Program Files\\WinMX\\WinMX.exe"="C:\\Program Files\\WinMX\\WinMX.exe:*:Enabled:WinMX Application"
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:America Online 9.0a"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YPAGER.EXE:*:Enabled:Yahoo! Messenger"
"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"="C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\Yahoo!\\browser\\ybrowser.exe"="C:\\Program Files\\Yahoo!\\browser\\ybrowser.exe:*:Enabled:Yahoo! Browser"
"C:\\Program Files\\Common Files\\AOL\\1116264636\\ee\\aolservicehost.exe"="C:\\Program Files\\Common Files\\AOL\\1116264636\\ee\\aolservicehost.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\Common Files\\aol\\1116264636\\EE\\aolsoftware.exe"="C:\\Program Files\\Common Files\\aol\\1116264636\\EE\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\aol\\1116264636\\EE\\aim6.exe"="C:\\Program Files\\Common Files\\aol\\1116264636\\EE\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\McAfee\\MWL\\MWLSvc.exe"="C:\\Program Files\\McAfee\\MWL\\MWLSvc.exe:*:Enabled:McAfee Wireless Home Network Security"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"
"C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"="C:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe:*:Enabled:McAfee Network Agent"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Kathy\Application Data
CLASSPATH=.;C:\Program Files\JavaSoft\JRE\1.3.0_02\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LYNNFAM
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Kathy
LOGONSERVER=\\LYNNFAM
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\JavaSoft\JRE\1.3.0_02\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Kathy\LOCALS~1\Temp
TMP=C:\DOCUME~1\Kathy\LOCALS~1\Temp
USERDOMAIN=LYNNFAM
USERNAME=Kathy
USERPROFILE=C:\Documents and Settings\Kathy
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Kathy (admin)
Tom (admin)
Michael
Jon
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\SBC Yahoo!\umuninst.exe" /S
--> C:\PROGRA~1\SBCSEL~1\CustomUninstall.exe SBC
--> C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer --> MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
360Share(remove only) --> "C:\Program Files\360Share\bt-uninst.exe"
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Shockwave Player --> C:\WINDOWS\SYSTEM32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Adobe\SHOCKW~1\Install.log
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AOL Browser --> C:\Program Files\Common Files\AOL\1116264636\EE\services\browser\ver1_0_110\uninst.exe
AOL Explorer --> C:\Program Files\Common Files\AOL\1116264636\ee\services\browser\ver1_1_1042\uninst.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
AOL Toolbar 2.0 --> "C:\Program Files\AOL\AOL Toolbar 2.0\uninstall.exe"
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
AT&T Yahoo! Applications --> C:\PROGRA~1\Yahoo!\Common\uninstall.exe
BroadJump Client Foundation --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BroadJump\Client Foundation\Uninst.isu" -c"C:\Program Files\BroadJump\Client Foundation\RmvBJCFD.dll" -b"CFD" -h"CFD" -a
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Conexant SmartHSFi V92 56K DF PCI Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2702\HXFSETUP.EXE -U -IDel8d8xk.INF
CR2 --> MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
DAO --> MsiExec.exe /I{64116298-93C5-401D-B06C-39D8E3338508}
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Solution Center --> MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
DVDSentry --> MsiExec.exe /I{98DF85D9-96C0-4F57-A92E-C3539477EF5E}
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
ESSBrwr --> MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT --> MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSEMAIL --> MsiExec.exe /I{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp --> MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSSONIC --> MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvcpt --> MsiExec.exe /I{D1973749-F5E7-40EB-B528-F2B78685B9FF}
ESSvpaht --> MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot -->
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
Can you please do the following.
===============
Go to Add/Remove programs and uninstall the following, if present:
MyWebSearch
Viewpoint Manager
WildTangent
The above could appear anywhere within the entry. Be careful not to remove any personal or system software.
===============
Scan with HijackThis and then place a check next to all the following, if present:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr_.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...S_ZSYYYYYYYYUS
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
Now, close all instances of Internet Explorer and any other windows you have open except HiJackThis, click "Fix checked".
===============
Locate and delete the following item(s), if present. Make sure you are able to view system and hidden files/ folders:
folders...
C:\Program Files\Viewpoint
C:\Program Files\WildTangent
C:\PROGRA~1\MYWEBS~1
-
Note that some of these file(s)/folder(s) may or may not be present. If present, and cannot be deleted because they're 'in use', try deleting them in Safe Mode by doing the following:
- Restart your computer
- After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
- Instead of Windows loading as normal, a menu should appear.
Select the first option to run Windows in Safe Mode hit enter.
-
Reboot.
===============
After rebooting, rescan with hijackthis and post back a new log. Please let me know how your pc is now.
kalynn0225 0 Newbie Poster
Did all that. Still unable to access certain websites and unable to download combofix and dss. Here is hijackthis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:52:56 PM, on 6/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe
C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\Yahoo!\YOP\yop.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\PROGRA~1\McAfee\MWL\MwlGui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\AOL\1116264636\ee\aolsoftware.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\ctfmon.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MWL\MwlSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
O1 - Hosts: 205.238.40.51 www.winmx.com err.winmx.com
O1 - Hosts: 205.238.40.2 test3201.winmx.com test3205.winmx.com
O1 - Hosts: 205.238.40.2 test3202.winmx.com test3206.winmx.com
O1 - Hosts: 205.238.40.1 test3203.winmx.com test3207.winmx.com
O1 - Hosts: 82.43.224.20 test3204.winmx.com test3208.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com
O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\4608\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1116264636\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [MWLExe] C:\PROGRA~1\McAfee\MWL\MwlGui.exe /Start
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: AT&T Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: Yahoo! Gin - http://download.games.yahoo.com/games/clients/y/nt1_x.cab
O16 - DPF: Yahoo! Hearts - http://download.games.yahoo.com/games/clients/y/ht1_x.cab
O16 - DPF: Yahoo! Literati - http://download2.games.yahoo.com/games/clients/y/tt5_x.cab
O16 - DPF: Yahoo! Word Racer - http://origin.games.yahoo.net/games/clients/y/wt1_x.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {902CFBBF-48DD-4DD3-8FF2-5A9B5C165DED} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Common Files\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Wireless Security Service (MwlSvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MWL\MwlSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\SYSTEM32\YPCSER~1.EXE
--
End of file - 25332 bytes
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
Did all that. unable to download combofix and dss.
Strange, I could swear I see a DSS log above :).
Download Dial-a-Fix and run it. Select the 'Check all' (green arrow) and then hit 'GO.'
Reboot when done and see how things are now.
kalynn0225 0 Newbie Poster
Sorry i guess i replied in the wrong place. I got dss through a flash drive. Anyway, i ran Counterspy which found 2 trojans and rogue spyware. Everything is working fine now. Thank you for all of your help.
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
No worries :)
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.