Slow Start-up,internet,games,ram etc.

lynto · #1 (**permalink**) 04-12-2007, 08:54 PM

Hi Guys,
Back again as you helped me with another problem i hope you can help me with this one.Everything ok until about a week ago when every thing started to go slow.Have deleted some recently installed programs and run anti-virus, disk clean-up etc but to no avail. Now hoping some of you guys can give a hand.HijackThis and uninstall list attached.
Thanks in advance (please the wife is giving me earache over this)
Tony.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:24:22, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Innovative Solutions\Innovative System Optimizer - version 1.9

\MemoryOptimizer.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Lexmark 6300 Series\lxcdmon.exe
C:\Program Files\Lexmark 6300 Series\ezprint.exe
C:\WINDOWS\system32\lxcdcoms.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =

http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://home.bt.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =

http://uk.red.clientapps.yahoo.com/c...cs.yahoo.com/i

nfo/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://uk.red.clientapps.yahoo.com/c...arch.yahoo.com

/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride =

127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program

Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program

Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1

\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program

Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft

Money\System\mnyviewer.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program

Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [InnovativeMemoryOptimizer] C:\Program Files\Innovative

Solutions\Innovative System Optimizer - version 1.9\MemoryOptimizer.exe
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [lxcdmon.exe] "C:\Program Files\Lexmark 6300 Series\lxcdmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3

\LXCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32

\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5

\avgas.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL

SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User

'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK

SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User

'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User

'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0

\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?

p=ZBzeb032YYGB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3

\OFFICE11\EXCEL.EXE/3000
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.co.uk
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -

http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation

Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) -

http://us.dl1.yimg.com/download.yaho...1/yregucfg.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -

http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) -

http://watcherswebclubhouse.com/down...clubhouse.com-

download_instmodule.exe
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) -

http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -

http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -

http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -

http://www.shockwave.com/content/lux...jolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) -

http://zone.msn.com/bingame/zpagames...1.cab55579.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -

http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) -

http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -

http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) -

http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) -

http://a532.g.akamai.net/f/532/6712/...stall3.0/Insta

ller.exe
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) -

http://help.broadbandassist.com/preq...ivePreQual.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) -

http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -

http://www.shockwave.com/content/bej...loader_v10.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -

http://www.driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{072BE6CA-CD06-4B43-8B69-AA00DF641AD6}: NameServer =

85.255.113.94,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{4838D976-E517-40BF-88BD-A54FAC799D1A}: NameServer =

85.255.113.94,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{84E461C2-A9B0-45B1-AD7D-8501E8125F7A}: NameServer =

85.255.113.94,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C6F3FF3-44A7-49FA-862C-7E4BCBDE768D}: NameServer =

85.255.113.94,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{92FF6067-3D79-4E08-8BC4-F43DC71C54A9}: NameServer =

85.255.113.94,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\..\{E50CA547-5CE7-4EED-B509-98F845AB6E0C}: NameServer =

85.255.113.94,85.255.112.234
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.94 85.255.112.234
O17 - HKLM\System\CS1\Services\Tcpip\..\{072BE6CA-CD06-4B43-8B69-AA00DF641AD6}: NameServer =

85.255.113.94,85.255.112.234
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.94 85.255.112.234
O18 - Protocol: bw+0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program

Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-

Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1

\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1

\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1

\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program

Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. -

C:\WINDOWS\system32\UAService7.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner -

C:\WINDOWS\System32\wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 22370 bytes

ABBYY FineReader 6.0 Sprint
Ad-Aware 2007
Adobe MPEG Encoder
Adobe Photoshop 7.0
Adobe Premiere 6.5
Adobe Reader 7.0.9
Adobe Shockwave Player
Advanced RealMedia Export Plug-in for Premiere 6.0
Age of Empires III
Airbus A330-300RR V2.1
AVG Anti-Spyware 7.5
AVG Free Edition
Avro 618 Ten for FSX or FS2004
BT Broadband Desktop Help
BT Home Hub
BT Softphone 1.5.3.6
BT Voyager 205 ADSL Router
BT Voyager Wireless Utility
BT Wireless Connection Manager
BT Yahoo! Applications
Call of Duty(R) 2
CamfrogWEB Advanced ActiveX Plugin (remove only)
CCleaner (remove only)
ColdFear
CSI-Dark Motives
Data Lifeguard
EA Link
EA SPORTS online 2007
Far Cry
FinePixViewer Ver.4.0
FUJIFILM USB Driver
Google Earth
HijackThis 2.0.2
ImageMixer VCD for FinePix
Innovative System Optimizer - version 1.9
iolo technologies' System Mechanic 4
J2SE Runtime Environment 5.0 Update 7
Lexmark 6300 Series
Lizardtech Express View
Logitech Desktop Messenger
Logitech Gaming Software
Logitech SetPoint
Medal of Honor Allied Assault
Medal of Honor Allied Assault(tm) Breakthrough
Medal of Honor Allied Assault(tm) Spearhead
MediaLife
Men of Valor
Microsoft .NET Framework 2.0
Microsoft Age of Empires II
Microsoft Creative Writer 2
Microsoft Flight Simulator X
Microsoft Flight Simulator X
Microsoft Flight Simulator X Service Pack 1
Microsoft Interactive Training
Microsoft Money
Microsoft Money System Pack
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 6.0
MicroStaff WINASPI NT
MSN Gaming Zone
MSN Messenger 7.5
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
NVIDIA Drivers
OpenAL
PartyPoker
PowerDVD
Quick StartUp 1.5
QuickTime
RAW FILE CONVERTER LE
RealArcade
RealPlayer Basic
Red Faction
Return to Castle Wolfenstein
Rogue Spear
Scooby-Doo 2 - Monsters Unleashed
Secret Weapons Over Normandy
Security Update for Microsoft .NET Framework 2.0 (KB928365)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB911565)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB903235)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928090)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB929969)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931768)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB937143)
Security Update for Windows XP (KB938127)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB939653)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB943460)
Short Empire for FSX or FS2004
Short Sandringham for FSX or FS2004
Shrek 2 Activity Center
Shrek Activity Center
Silent Hunter II
SoundMAX
SpongeBob SquarePants Employee of the Month
SpongeBob SquarePants® Operation Krabby Patty
System Requirements Lab
The Settlers III Gold Edition
The Settlers IV
Tiger Woods PGA TOUR 07
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Urban Operations
Victor Chandler
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
X2 - The Threat

Neal · #2 (**permalink**) 04-12-2007, 09:33 PM

Welcome,

AVG Anti-Spyware (formerly ewido)

Launch AVG Anti-Spyware and in the main window click "Realtime protection" (in green indicating "Active") to change to inactive. It may interfer with the fix.

You may want to print out these instructions for reference, since you will have to restart your computer during the fix.

Please download FixWareout from one of these sites:
http://downloads.subratam.org/Fixwareout.exe
http://www.bleepingcomputer.com/file...Fixwareout.exe

Save it to your desktop and run it. Click Next, then Install, make sure "Run fixit" is checked and click Finish.
The fix will begin; follow the prompts. You will be asked to reboot your computer; please do so. Your system may take longer than usual to load; this is normal.

Once the desktop loads please post the text that will open (report.tx)

I need you to post a new log single spaced as it makes things easier to read:

To remove the double spacing in your log, please do the following:

Please go to Start >> Run... and type notepad.exe
Hit OK.
Now go to Format and uncheck WordWrap.
Close Notepad.
Then post a new HijackThis log.

Thanks.

lynto · #3 (**permalink**) 04-12-2007, 10:05 PM

Hi Neal,
Thanks for the quick reply.
1st here is the fixit report.
Username "Tony" - 04/12/2007 20:47:40 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters
"nameserver"="85.255.113.94 85.255.112.234" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{072BE6CA-CD06-4B43-8B69-AA00DF641AD6}
"nameserver"="85.255.113.94,85.255.112.234" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{4838D976-E517-40BF-88BD-A54FAC799D1A}
"nameserver"="85.255.113.94,85.255.112.234" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{84E461C2-A9B0-45B1-AD7D-8501E8125F7A}
"nameserver"="85.255.113.94,85.255.112.234" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{8C6F3FF3-44A7-49FA-862C-7E4BCBDE768D}
"nameserver"="85.255.113.94,85.255.112.234" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{92FF6067-3D79-4E08-8BC4-F43DC71C54A9}
"nameserver"="85.255.113.94,85.255.112.234" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{E50CA547-5CE7-4EED-B509-98F845AB6E0C}
"nameserver"="85.255.113.94,85.255.112.234" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{072BE6CA-CD06-4B43-8B69-AA00DF641AD6}
"DhcpNameServer"="85.255.113.94,85.255.112.234 " <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{4838D976-E517-40BF-88BD-A54FAC799D1A}
"DhcpNameServer"="85.255.113.94,85.255.112.234 " <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{84E461C2-A9B0-45B1-AD7D-8501E8125F7A}
"DhcpNameServer"="85.255.113.94,85.255.112.234 " <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{8C6F3FF3-44A7-49FA-862C-7E4BCBDE768D}
"DhcpNameServer"="85.255.113.94,85.255.112.234 " <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{92FF6067-3D79-4E08-8BC4-F43DC71C54A9}
"DhcpNameServer"="85.255.113.94,85.255.112.234 " <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\tcpip\parameters\interfaces\{9E6F1482-A950-4A26-B04A-4BD412171281}
"DhcpNameServer"="85.255.113.94,85.255.112.234 " <Value cleared.

Could not flush the DNS Resolver Cache: Function failed during execution.
System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc. exe /STARTUP"
"InnovativeMemoryOptimizer"="C:\\Program Files\\Innovative Solutions\\Innovative System Optimizer - version 1.9\\MemoryOptimizer.exe"
"wltray.exe"="C:\\WINDOWS\\system32\\wltray.ex e"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"lxcdmon.exe"="\"C:\\Program Files\\Lexmark 6300 Series\\lxcdmon.exe\""
"EzPrint"="\"C:\\Program Files\\Lexmark 6300 Series\\ezprint.exe\""
"LXCDCATS"="rundll32 C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\ LXCDtime.dll,_RunDLLEntry@16"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\not active]
"System Mechanic Popup Stopper"="\"C:\\PROGRA~1\\iolo\\SYSTEM~1\\PopupSto pper.exe\""
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

Now new HijackThis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:42, on 04/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Innovative Solutions\Innovative System Optimizer - version 1.9\MemoryOptimizer.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Lexmark 6300 Series\lxcdmon.exe
C:\Program Files\Lexmark 6300 Series\ezprint.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\lxcdcoms.exe
C:\Program Files\Yahoo!\browser\ybrowser.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.bt.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [InnovativeMemoryOptimizer] C:\Program Files\Innovative Solutions\Innovative System Optimizer - version 1.9\MemoryOptimizer.exe
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [lxcdmon.exe] "C:\Program Files\Lexmark 6300 Series\lxcdmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZBzeb032YYGB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.co.uk
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.com/download.yaho...1/yregucfg.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://watcherswebclubhouse.com/down...instmodule.exe
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/lux...jolauncher.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames...1.cab55579.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../Installer.exe
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://help.broadbandassist.com/preq...ivePreQual.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bej...loader_v10.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O18 - Protocol: bw+0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 21299 bytes

Neal · #4 (**permalink**) 05-12-2007, 12:48 AM

Run hijackthis and click on "scan system only" button and put checks next to these:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/c...rch.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.shockwave.com/content/bej...loader_v10.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.shockwave.com/content/lux...jolauncher.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/.../Installer.exe

Everything closed out but hijackthis and click on "fix checked"

Reboot your PC

Tell me what is going on now please.

lynto · #5 (**permalink**) 05-12-2007, 01:23 AM

Did all that you requested.On reboot nothing seems to be any different.Still takes time to boot then a blank screen for about 30 seconds then on to sign in screen.Takes another 20 to 30 seconds for a user to be highlighted then when you get to screen mouse pointer is jerky and takes ages for task bar to set up.Internet seems to be a bit better but still doesn't seem as fast as before.

Neal · #6 (**permalink**) 05-12-2007, 09:45 PM

If you have previously downloaded ComboFix,please delete that version now.

Now download COMBOFIX and save to your desktop:

Note:

It is IMPORTANT that it is saved directly to your desktop

Close any open browsers.

Double click on combofix.exe and follow the prompts.

When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.

Note:
Do not mouseclick combofix's window while it's running.

That may cause the program to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.

*Note*
In case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix,please disable your scanner and redownload Combofix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.

lynto · #7 (**permalink**) 05-12-2007, 11:21 PM

Hi Neal,
Sorry about the delay wife needed to type a letter.
Here is the Combofix log.

ComboFix 07-12-05.2 - Tony 2007-12-05 21:57:34.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.704 [GMT 0:00]
Running from: C:\Documents and Settings\Tony\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\ldpackage.dll
C:\WINDOWS\system32\model.dat
C:\WINDOWS\system32\silc_dll.dll

.
((((((((((((((((((((((((( Files Created from 2007-11-05 to 2007-12-05 )))))))))))))))))))))))))))))))
.

2007-12-04 21:08 . 2007-12-04 21:08 <DIR> d-------- C:\Program Files\PurePlay
2007-12-04 21:08 . 2007-12-04 21:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PurePlay
2007-11-28 19:05 . 2007-11-28 19:05 <DIR> d-------- C:\Documents and Settings\Dev\Application Data\Grisoft
2007-11-26 22:51 . 2007-11-26 22:51 <DIR> d-------- C:\Documents and Settings\Sid\Application Data\Grisoft
2007-11-26 07:42 . 2007-11-26 07:42 <DIR> d-------- C:\Documents and Settings\Charlie\Application Data\Grisoft
2007-11-25 17:07 . 2007-11-30 10:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-11-25 17:07 . 2007-11-25 17:07 1,409 --a------ C:\WINDOWS\QTFont.for
2007-11-25 17:03 . 2007-11-25 17:04 <DIR> d-------- C:\Program Files\QuickTime
2007-11-25 16:16 . 2007-11-30 00:45 <DIR> d-------- C:\Program Files\iTunes
2007-11-25 16:13 . 2007-11-30 00:45 <DIR> d-------- C:\Program Files\iPod
2007-11-25 16:05 . 2007-11-25 16:05 <DIR> d-------- C:\Documents and Settings\Lyn\Application Data\Grisoft
2007-11-24 12:03 . 2007-11-24 12:03 <DIR> d-------- C:\Documents and Settings\Tony\Application Data\Grisoft
2007-11-24 12:00 . 2007-05-30 12:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-24 11:58 . 2007-11-24 11:58 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-22 21:14 . 2007-11-22 21:17 <DIR> d-------- C:\Documents and Settings\Tony\.housecall6.6
2007-11-22 21:02 . 2007-11-22 21:02 2,550 --a------ C:\WINDOWS\system32\Uninstall.ico
2007-11-22 21:02 . 2007-11-22 21:02 1,406 --a------ C:\WINDOWS\system32\Help.ico
2007-11-22 17:21 . 2007-11-22 17:34 <DIR> d-------- C:\Program Files\System Tracker
2007-11-22 17:21 . 2007-11-22 17:21 92,160 --a------ C:\WINDOWS\AppHunter.exe
2007-11-22 17:21 . 2007-11-22 17:29 20,736 --a------ C:\WINDOWS\system32\stdrv.sys
2007-11-20 15:30 . 2007-11-20 15:30 <DIR> d-------- C:\Program Files\Lavasoft
2007-11-20 15:30 . 2007-11-20 15:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-20 15:27 . 2007-11-20 15:27 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-17 09:54 . 2007-11-17 09:54 <DIR> d-------- C:\Program Files\IDIGICON Limited
2007-11-16 23:09 . 2007-11-16 23:09 <DIR> d-------- C:\WINDOWS\Ubisoft
2007-11-16 22:58 . 2007-11-19 20:31 <DIR> d-------- C:\Program Files\Ubi Soft
2007-11-14 23:43 . 2007-11-14 23:43 65,536 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2007-11-14 23:43 . 2007-11-14 23:43 49,152 --a------ C:\WINDOWS\system32\QuickTime.qts
2007-11-11 17:42 . 2007-11-11 17:42 <DIR> d-------- C:\Documents and Settings\Terri\Application Data\InstallShield
2007-11-11 17:37 . 2007-11-11 17:37 <DIR> d-------- C:\Documents and Settings\Terri\Application Data\PC Suite
2007-11-11 17:06 . 2007-11-11 17:06 <DIR> d-------- C:\Documents and Settings\Charlie\Application Data\PC Suite
2007-11-10 21:18 . 2007-11-10 21:18 <DIR> d-------- C:\Documents and Settings\Lyn\Application Data\DataLayer
2007-11-10 21:16 . 2007-11-10 21:16 <DIR> d-------- C:\Documents and Settings\Lyn\Application Data\Nokia
2007-11-10 21:14 . 2007-11-10 21:14 <DIR> d-------- C:\Program Files\DIFX
2007-11-10 21:13 . 2007-11-10 21:14 <DIR> d-------- C:\Documents and Settings\Lyn\Application Data\PC Suite
2007-11-10 21:13 . 2007-11-10 21:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2007-12-05 21:47 --------- d-----w C:\Program Files\Lx_cats
2007-12-05 05:35 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7
2007-12-05 05:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7
2007-12-04 18:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-30 08:26 --------- d-----w C:\Program Files\FSacars
2007-11-28 19:40 --------- d-----w C:\Documents and Settings\Dev\Application Data\FaxCtr
2007-11-25 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-25 16:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-24 11:59 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-20 15:14 --------- d-----w C:\Documents and Settings\Tony\Application Data\Lavasoft
2007-11-19 20:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2007-11-16 21:05 --------- d-----w C:\Program Files\THQ
2007-11-11 08:42 --------- d-----w C:\Documents and Settings\Tony\Application Data\PC Suite
2007-11-11 08:30 --------- d-----w C:\Documents and Settings\Sid\Application Data\PC Suite
2007-11-04 12:26 --------- d-----w C:\Program Files\Microsoft Games
2007-10-23 23:48 --------- d-----w C:\Documents and Settings\Tony\Application Data\AVG7
2007-10-19 10:25 --------- d-----w C:\Program Files\Google
2007-10-07 11:40 --------- d-----w C:\Documents and Settings\Lyn\Application Data\FaxCtr
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc. exe" [2007-10-25 00:15]
"InnovativeMemoryOptimizer"="C:\Program Files\Innovative Solutions\Innovative System Optimizer - version 1.9\MemoryOptimizer.exe" [2004-05-27 16:02]
"wltray.exe"="C:\WINDOWS\system32\wltray.exe" [2005-01-29 01:09]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-06-08 11:31 C:\WINDOWS\KHALMNPR.Exe]
"lxcdmon.exe"="C:\Program Files\Lexmark 6300 Series\lxcdmon.exe" [2005-06-24 17:16]
"EzPrint"="C:\Program Files\Lexmark 6300 Series\ezprint.exe" [2005-07-05 11:51]
"LXCDCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X 86\3\LXCDtime.dll" [2005-07-11 16:35]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:56 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-10-22 11:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-03 23:56 C:\WINDOWS\system32\rundll32.exe]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 09:25]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw. exe" [2007-10-25 00:15]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run-disabled]
"YOP"=C:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
"LXCDCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtim e.dll,_RunDLLEntry@16
"AdBlocker"=C:\Program Files\3B Software\3B Ad Blocker Pro\AdBlocker.exe
"nwiz"=nwiz.exe /install
"Motive SmartBridge"=C:\PROGRA~1\BTHOME~1\Help\SMARTB~1\BT HelpNotifier.exe
"YBrowser"=C:\PROGRA~1\Yahoo!\browser\ybrwicon .exe
"btbb_wcm_McciTrayApp"=C:\Program Files\btbb_wcm\McciTrayApp.exe
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys
R3 LUsbKbd;Logitech SetPoint USB Keyboard Filter;C:\WINDOWS\system32\Drivers\LUsbKbd.Sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
S3 ADM8511;Belkin USB Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\NET8511.SYS
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AN983.sys
S3 iadusb;BT Voyager 205 ADSL Router;C:\WINDOWS\system32\DRIVERS\glauiad.sys
S3 musbehco;musbehco;\??\C:\DOCUME~1\Tony\LOCALS~1\Te mp\musbehco.sys
S3 Systrack;Systrack;\??\C:\WINDOWS\System32\stdrv.sy s
S3 WmFilter;Logitech WingMan HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-11-26 01:59:00 C:\WINDOWS\Tasks\Disk Cleanup.job"
- C:\WINDOWS\system32\cleanmgr.exe
.
************************************************** ************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 22:10:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
Completion time: 2007-12-05 22:13:38 - machine was rebooted
.
--- E O F ---

Neal · #8 (**permalink**) 06-12-2007, 02:24 AM

Now...

Please download and install SUPERAntiSpyware Trial Pro Edition http://www.superantispyware.com/superantispyware.html

* Load SUPERAntiSpyware and click the Check for Updates button.
* Once the update has finished, exit SUPERAntiSpyware. Please do NOT run a scan yet!

IMPORTANT: Do NOT open any other windows or programs while SUPERAntiSpyware is scanning, it may interfere with the scanning process.

* Open SUPERAntiSpyware and click the Scan your Computer button.
* Check Perform Complete Scan and then clickNext.
* SUPERAntiSpyware will now scan your computer and when it’s finished it will list all the infections it has found.
* Make sure that they all have a check next to them, and then click Next.
* Click Finish and you will be taken back to the main interface.
* It could be possible that it will ask you to reboot your computer in order to delete some files after reboot.
* I'll need a log afterwards of what has been found.
* To get the log, click Preferences and then click the Statistics/Logs tab. Click the dated log and press View Log and a text file will appear.
* Please post the results of the SUPERAntiSpyware log in your next reply.

Plus a new hijackthis log please.

lynto · #9 (**permalink**) 07-12-2007, 12:10 PM

Hi Neal,
Sorry about the delay but here is the spyware lod and a new Hijack log.
Thanks Tony.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/07/2007 at 10:35 AM

Application Version : 3.9.1008

Core Rules Database Version : 3357
Trace Rules Database Version: 1355

Scan type : Quick Scan
Total Scan Time : 00:52:26

Memory items scanned : 364
Memory threats detected : 0
Registry items scanned : 799
Registry threats detected : 0
File items scanned : 21555
File threats detected : 257

Adware.Tracking Cookie
C:\Documents and Settings\Tony\Cookies\tony@a[1].txt
C:\Documents and Settings\Tony\Cookies\tony@xxxcreatures[1].txt
C:\Documents and Settings\Tony\Cookies\tony@bizrate[2].txt
C:\Documents and Settings\Tony\Cookies\tony@incestsexparty[2].txt
C:\Documents and Settings\Tony\Cookies\tony@st[6].txt
C:\Documents and Settings\Tony\Cookies\tony@track.adform[1].txt
C:\Documents and Settings\Tony\Cookies\tony@login.tracking101[2].txt
C:\Documents and Settings\Tony\Cookies\tony@xxxporn[1].txt
C:\Documents and Settings\Tony\Cookies\tony@hornymatches[1].txt
C:\Documents and Settings\Tony\Cookies\tony@estat[1].txt
C:\Documents and Settings\Tony\Cookies\tony@freepornoamateurs[2].txt
C:\Documents and Settings\Tony\Cookies\tony@adultlounge[1].txt
C:\Documents and Settings\Tony\Cookies\tony@overture[1].txt
C:\Documents and Settings\Tony\Cookies\tony@1066161597[1].txt
C:\Documents and Settings\Tony\Cookies\tony@www.virginmedia[1].txt
C:\Documents and Settings\Tony\Cookies\tony@e-2dj6wjmiwlczoko.stats.esomniture[2].txt
C:\Documents and Settings\Tony\Cookies\tony@1065711054[1].txt
C:\Documents and Settings\Tony\Cookies\tony@screensavers[2].txt
C:\Documents and Settings\Tony\Cookies\tony@image.masterstats[1].txt
C:\Documents and Settings\Tony\Cookies\tony@www.screensavers[1].txt
C:\Documents and Settings\Tony\Cookies\tony@tracking.summitmedia.co[1].txt
C:\Documents and Settings\Tony\Cookies\tony@try.starware[1].txt
C:\Documents and Settings\Tony\Cookies\tony@h.starware[2].txt
C:\Documents and Settings\Tony\Cookies\tony@www.xxxvideopussy[2].txt
C:\Documents and Settings\Tony\Cookies\tony@www.amateurpornlinks[2].txt
C:\Documents and Settings\Tony\Cookies\tony@tracking.ehub-store.co[1].txt
C:\Documents and Settings\Tony\Cookies\tony@1062860687[2].txt
C:\Documents and Settings\Tony\Cookies\tony@roiservice[1].txt
C:\Documents and Settings\Tony\Cookies\tony@paypal.112.2o7[1].txt
C:\Documents and Settings\Tony\Cookies\tony@www.clash-media[2].txt
C:\Documents and Settings\Tony\Cookies\tony@bs.serving-sys[1].txt
C:\Documents and Settings\Tony\Cookies\tony@www.adult-empire[1].txt
C:\Documents and Settings\Tony\Cookies\tony@anad.tacoda[1].txt
C:\Documents and Settings\Tony\Cookies\tony@a[2].txt
C:\Documents and Settings\Tony\Cookies\tony@tribalfusion[1].txt
C:\Documents and Settings\Tony\Cookies\tony@affiliate.eadvtracker[1].txt
C:\Documents and Settings\Tony\Cookies\tony@dtr21[1].txt
C:\Documents and Settings\Tony\Cookies\tony@adinterax[2].txt
C:\Documents and Settings\Tony\Cookies\tony@questionmarket[1].txt
C:\Documents and Settings\Tony\Cookies\tony@server.iad.liveperson[1].txt
C:\Documents and Settings\Tony\Cookies\tony@www.crazysextaxi[1].txt
C:\Documents and Settings\Tony\Cookies\tony@tacoda[2].txt
C:\Documents and Settings\Tony\Cookies\tony@serving-sys[2].txt
C:\Documents and Settings\Tony\Cookies\tony@ads.telegraph.co[1].txt
C:\Documents and Settings\Tony\Cookies\tony@cerosmedia[1].txt
C:\Documents and Settings\Tony\Cookies\tony@5074380[2].txt
C:\Documents and Settings\Tony\Cookies\tony@tracking.yourfilehost[2].txt
C:\Documents and Settings\Tony\Cookies\tony@www.trafficholder[1].txt
C:\Documents and Settings\Tony\Cookies\tony@adopt.euroclick[2].txt
C:\Documents and Settings\Tony\Cookies\tony@eaeacom.112.2o7[1].txt
C:\Documents and Settings\Tony\Cookies\tony@track.webgains[1].txt
C:\Documents and Settings\Tony\Cookies\tony@dennis.cerosmedia[1].txt
C:\Documents and Settings\Tony\Cookies\tony@aff.primaryads[1].txt
C:\Documents and Settings\Tony\Cookies\tony@e-2dj6whkiwld5ehp.stats.esomniture[2].txt
C:\Documents and Settings\Tony\Cookies\tony@weborama[1].txt
C:\Documents and Settings\Tony\Cookies\tony@onlinemediasales[2].txt
C:\Documents and Settings\Tony\Cookies\tony@flightstats[2].txt
C:\Documents and Settings\Tony\Cookies\tony@lightspeed.112.2o7[1].txt
C:\Documents and Settings\Tony\Cookies\tony@mommyinsex[1].txt
C:\Documents and Settings\Tony\Cookies\tony@richmedia.yahoo[2].txt
C:\Documents and Settings\Tony\Cookies\tony@virginmega[1].txt
C:\Documents and Settings\Tony\Cookies\tony@revsci[2].txt
C:\Documents and Settings\Tony\Cookies\tony@saletrack.co[1].txt
C:\Documents and Settings\Tony\Cookies\tony@ad[1].txt
C:\Documents and Settings\Tony\Cookies\tony@bizrate.co[2].txt
C:\Documents and Settings\Tony\Cookies\tony@perf.overture[1].txt
C:\Documents and Settings\Tony\Cookies\tony@virginmedia[2].txt
C:\Documents and Settings\Tony\Cookies\tony@ads.addynamix[2].txt
C:\Documents and Settings\Tony\Cookies\tony@112.2o7[2].txt
C:\Documents and Settings\Tony\Cookies\tony@i.screensavers[1].txt
C:\Documents and Settings\Tony\Cookies\tony@1071765850[1].txt
C:\Documents and Settings\Tony\Cookies\tony@1068504769[1].txt
C:\Documents and Settings\Tony\Cookies\tony@banner.goldenpalacepoke r[2].txt
C:\Documents and Settings\Tony\Cookies\tony@247realmedia[1].txt
C:\Documents and Settings\Tony\Cookies\tony@try.screensavers[1].txt
C:\Documents and Settings\Tony\Cookies\tony@122.2o7[2].txt
C:\Documents and Settings\Tony\Cookies\tony@interclick[2].txt
C:\Documents and Settings\Tony\Cookies\tony@adecn[1].txt
C:\Documents and Settings\Tony\Cookies\tony@1059647206[1].txt
C:\Documents and Settings\Tony\Cookies\tony@wysistat[1].txt
C:\Documents and Settings\Tony\Cookies\tony@xren_cj[2].txt
C:\Documents and Settings\Tony\Cookies\tony@adultfriendfinder[2].txt
C:\Documents and Settings\Tony\Cookies\tony@anat.tacoda[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@adrevenue[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@ads.accelerator-media[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@ads.freeonlinegam es[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@adtech[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@belnk[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@dealtime.co[2].txt
C:\Documents and Settings\Charlie\Cookies\charlie@dist.belnk[2].txt
C:\Documents and Settings\Charlie\Cookies\charlie@geocounter[2].txt
C:\Documents and Settings\Charlie\Cookies\charlie@h.starware[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@media.adshadow[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@mywebsearch[2].txt
C:\Documents and Settings\Charlie\Cookies\charlie@nextag[2].txt
C:\Documents and Settings\Charlie\Cookies\charlie@try.starware[2].txt
C:\Documents and Settings\Charlie\Cookies\charlie@windowsmedia[1].txt
C:\Documents and Settings\Charlie\Cookies\charlie@www.dgm2[2].txt
C:\Documents and Settings\Dev\Cookies\dev@3d-sexgames[2].txt
C:\Documents and Settings\Dev\Cookies\dev@a.websponsors[2].txt
C:\Documents and Settings\Dev\Cookies\dev@ad.excite.co[2].txt
C:\Documents and Settings\Dev\Cookies\dev@ad.zanox[1].txt
C:\Documents and Settings\Dev\Cookies\dev@adrevenue[2].txt
C:\Documents and Settings\Dev\Cookies\dev@ads.freeonlinegames[1].txt
C:\Documents and Settings\Dev\Cookies\dev@ads.monster[1].txt
C:\Documents and Settings\Dev\Cookies\dev@adsrevenue[1].txt
C:\Documents and Settings\Dev\Cookies\dev@advert.runescape[1].txt
C:\Documents and Settings\Dev\Cookies\dev@amsterdamlivexxx[2].txt
C:\Documents and Settings\Dev\Cookies\dev@azjmp[2].txt
C:\Documents and Settings\Dev\Cookies\dev@bannersng.yell[1].txt
C:\Documents and Settings\Dev\Cookies\dev@belnk[1].txt
C:\Documents and Settings\Dev\Cookies\dev@campaign.indieclick[1].txt
C:\Documents and Settings\Dev\Cookies\dev@cassava[1].txt
C:\Documents and Settings\Dev\Cookies\dev@dist.belnk[2].txt
C:\Documents and Settings\Dev\Cookies\dev@focalex[1].txt
C:\Documents and Settings\Dev\Cookies\dev@***pornblog[1].txt
C:\Documents and Settings\Dev\Cookies\dev@interclick[1].txt
C:\Documents and Settings\Dev\Cookies\dev@ipt.advertserve[1].txt
C:\Documents and Settings\Dev\Cookies\dev@jamster.co[1].txt
C:\Documents and Settings\Dev\Cookies\dev@m1.webstats4u[1].txt
C:\Documents and Settings\Dev\Cookies\dev@msnprod.oberon-media[2].txt
C:\Documents and Settings\Dev\Cookies\dev@offeroptimizer[1].txt
C:\Documents and Settings\Dev\Cookies\dev@order.jamster.co[2].txt
C:\Documents and Settings\Dev\Cookies\dev@private.amsterdamlivexxx[1].txt
C:\Documents and Settings\Dev\Cookies\dev@server.cpmstar[2].txt
C:\Documents and Settings\Dev\Cookies\dev@stats.espinthebottle[2].txt
C:\Documents and Settings\Dev\Cookies\dev@teensay.co[2].txt
C:\Documents and Settings\Dev\Cookies\dev@thebestporn[1].txt
C:\Documents and Settings\Dev\Cookies\dev@toplist[1].txt
C:\Documents and Settings\Dev\Cookies\dev@tracker.interclimax[1].txt
C:\Documents and Settings\Dev\Cookies\dev@tracker.roitesting[1].txt
C:\Documents and Settings\Dev\Cookies\dev@tracking.summitmedia.co[1].txt
C:\Documents and Settings\Dev\Cookies\dev@windowsmedia[2].txt
C:\Documents and Settings\Dev\Cookies\dev@www.0stats[2].txt
C:\Documents and Settings\Dev\Cookies\dev@www.3d-sexgames[1].txt
C:\Documents and Settings\Dev\Cookies\dev@www.3pintracking[1].txt
C:\Documents and Settings\Dev\Cookies\dev@www.adultmovienetwork[2].txt
C:\Documents and Settings\Dev\Cookies\dev@www.dgm2[1].txt
C:\Documents and Settings\Dev\Cookies\dev@www.everyclick[1].txt
C:\Documents and Settings\Dev\Cookies\dev@www.penisbot[1].txt
C:\Documents and Settings\Dev\Cookies\dev@www.screensavers[2].txt
C:\Documents and Settings\Dev\Cookies\dev@www2.mystats[1].txt
C:\Documents and Settings\Dev\Cookies\dev@x.gcapmedia[2].txt
C:\Documents and Settings\Dev\Cookies\dev@xiti[1].txt
C:\Documents and Settings\Dev\Cookies\dev@yourmedia[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@005.free-counter.co[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@112.2o7[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@122.2o7[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@2o7[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@adinterax[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@adrevenue[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ads.aol.co[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ads.contactmusic[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ads.expedia[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ads.ft[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ads.hairboutique[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ads.monster[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ads.uknetguide.co[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@adtech[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@advertising[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@as1.falkag[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@atdmt[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@belnk[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@counter2.hitslink[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@dist.belnk[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@doubleclick[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@e-2dj6wfk4wgazako.stats.esomniture[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ehg-dennisinteractive.hitbox[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ehg-iwantoneofthose.hitbox[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@hitbox[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@i.screensavers[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@ipt.advertserve[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@media.adrevolver[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@media.hotels[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@mediauk[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@msnprod.oberon-media[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@mywebsearch[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@nextag[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@overture[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@pornaccess[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@roiservice[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@saletrack.co[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@screensavers[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@secure.pornaccess[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@sexintheuk[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@stat.onestat[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@stats.renault.co[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@stats.searchtrack[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@stats2.clicktracks[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@statse.webtrendslive[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@toplist[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@tracker.netklix[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@tracking.dc-storm[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@tracking.summitmedia.co[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@tracking[3].txt
C:\Documents and Settings\Lyn\Cookies\lyn@webstats.thefa[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@www.005.free-counter.co[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@www.clickmanage[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@www.dgm2[2].txt
C:\Documents and Settings\Lyn\Cookies\lyn@www.hxtrack[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@www.screensavers[1].txt
C:\Documents and Settings\Lyn\Cookies\lyn@x.gcapmedia[1].txt
C:\Documents and Settings\Sid\Cookies\sid@a.websponsors[2].txt
C:\Documents and Settings\Sid\Cookies\sid@ad.parachat[1].txt
C:\Documents and Settings\Sid\Cookies\sid@ad.zanox[2].txt
C:\Documents and Settings\Sid\Cookies\sid@adecn[1].txt
C:\Documents and Settings\Sid\Cookies\sid@adopt.hbmediapro[1].txt
C:\Documents and Settings\Sid\Cookies\sid@adopt.specificclick[2].txt
C:\Documents and Settings\Sid\Cookies\sid@ads.autotrader.co[1].txt
C:\Documents and Settings\Sid\Cookies\sid@ads.channel4[2].txt
C:\Documents and Settings\Sid\Cookies\sid@ads.ft[2].txt
C:\Documents and Settings\Sid\Cookies\sid@ads.hairboutique[1].txt
C:\Documents and Settings\Sid\Cookies\sid@ads.monster[1].txt
C:\Documents and Settings\Sid\Cookies\sid@ads.urbandictionary[1].txt
C:\Documents and Settings\Sid\Cookies\sid@adverts.digitalspy.co[2].txt
C:\Documents and Settings\Sid\Cookies\sid@audit.median[1].txt
C:\Documents and Settings\Sid\Cookies\sid@azjmp[2].txt
C:\Documents and Settings\Sid\Cookies\sid@belnk[1].txt
C:\Documents and Settings\Sid\Cookies\sid@clicksor[1].txt
C:\Documents and Settings\Sid\Cookies\sid@clicktorrent[2].txt
C:\Documents and Settings\Sid\Cookies\sid@clicktracks.aristotle[2].txt
C:\Documents and Settings\Sid\Cookies\sid@creativeby.viewpoint[1].txt
C:\Documents and Settings\Sid\Cookies\sid@dist.belnk[2].txt
C:\Documents and Settings\Sid\Cookies\sid@exitexchange[2].txt
C:\Documents and Settings\Sid\Cookies\sid@eztracks.us.intellitxt[1].txt
C:\Documents and Settings\Sid\Cookies\sid@herfirstlesbiansex[2].txt
C:\Documents and Settings\Sid\Cookies\sid@i.screensavers[2].txt
C:\Documents and Settings\Sid\Cookies\sid@interclick[1].txt
C:\Documents and Settings\Sid\Cookies\sid@media.adshadow[2].txt
C:\Documents and Settings\Sid\Cookies\sid@mediametrics.mpsa[1].txt
C:\Documents and Settings\Sid\Cookies\sid@mysextour[2].txt
C:\Documents and Settings\Sid\Cookies\sid@mywebsearch[1].txt
C:\Documents and Settings\Sid\Cookies\sid@offeroptimizer[2].txt
C:\Documents and Settings\Sid\Cookies\sid@optimtraffic[1].txt
C:\Documents and Settings\Sid\Cookies\sid@par.jamster.co[2].txt
C:\Documents and Settings\Sid\Cookies\sid@saletrack.co[1].txt
C:\Documents and Settings\Sid\Cookies\sid@server.cpmstar[2].txt
C:\Documents and Settings\Sid\Cookies\sid@sitetrafficking[1].txt
C:\Documents and Settings\Sid\Cookies\sid@stats.tf1[1].txt
C:\Documents and Settings\Sid\Cookies\sid@tagworld[1].txt
C:\Documents and Settings\Sid\Cookies\sid@teensay.co[1].txt
C:\Documents and Settings\Sid\Cookies\sid@teensforcash[1].txt
C:\Documents and Settings\Sid\Cookies\sid@teenspot[2].txt
C:\Documents and Settings\Sid\Cookies\sid@tracker.netklix[2].txt
C:\Documents and Settings\Sid\Cookies\sid@tracking.dc-storm[2].txt
C:\Documents and Settings\Sid\Cookies\sid@tracking.summitmedia.co[1].txt
C:\Documents and Settings\Sid\Cookies\sid@webstats.channel4[1].txt
C:\Documents and Settings\Sid\Cookies\sid@www.0stats[2].txt
C:\Documents and Settings\Sid\Cookies\sid@www.countercentral[2].txt
C:\Documents and Settings\Sid\Cookies\sid@www.dgm2[1].txt
C:\Documents and Settings\Sid\Cookies\sid@www.femalefirst.co[2].txt
C:\Documents and Settings\Sid\Cookies\sid@www.screensavers[1].txt
C:\Documents and Settings\Sid\Cookies\sid@xiti[1].txt
C:\Documents and Settings\Sid\Cookies\sid@yourmedia[1].txt
C:\Documents and Settings\Terri\Cookies\terri@ads.cartoonnetwork[1].txt
C:\Documents and Settings\Terri\Cookies\terri@mywebsearch[1].txt
C:\Documents and Settings\Terri\Cookies\terri@windowsmedia[1].txt

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:05:00, on 07/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Innovative Solutions\Innovative System Optimizer - version 1.9\MemoryOptimizer.exe
C:\WINDOWS\system32\wltray.exe
C:\Program Files\Lexmark 6300 Series\lxcdmon.exe
C:\Program Files\Lexmark 6300 Series\ezprint.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\lxcdcoms.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Yahoo!\browser\ybrwicon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.bt.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [InnovativeMemoryOptimizer] C:\Program Files\Innovative Solutions\Innovative System Optimizer - version 1.9\MemoryOptimizer.exe
O4 - HKLM\..\Run: [wltray.exe] C:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [lxcdmon.exe] "C:\Program Files\Lexmark 6300 Series\lxcdmon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6300 Series\ezprint.exe"
O4 - HKLM\..\Run: [LXCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCDtim e.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZBzeb032YYGB
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O14 - IERESET.INF: START_PAGE_URL=http://www.freeserve.co.uk
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1803B9EF-9905-4F34-AFC4-05D1BAB28801} (RegUserCfgUI Class) - http://us.dl1.yimg.com/download.yaho...1/yregucfg.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://watcherswebclubhouse.com/down...instmodule.exe
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {80B626D6-BC34-4BCF-B5A1-7149E4FD9CFA} (UnoCtrl Class) - http://zone.msn.com/bingame/zpagames...1.cab55579.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9903F4ED-B673-456A-A15F-ED90C7DE9EF5} (Sol Control) - http://www.worldwinner.com/games/v46/sol/sol.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game03.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://help.broadbandassist.com/preq...ivePreQual.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O18 - Protocol: bw+0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {ADD03A79-BA6A-4EFA-8F8E-A22969EEBDF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcd_device - Unknown owner - C:\WINDOWS\system32\lxcdcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1.EXE

--
End of file - 20152 bytes

Neal · #10 (**permalink**) 08-12-2007, 01:03 AM

How long have you had Adaware 2007, been known to slow some systems down.

Have you run CCleaner lately?

If not clean the junk off your computer with that, useing the windows tab only which is up front by default.

Read this also:

http://users.telenet.be/bluepatchy/m...wcomputer.html

Let me know. Thanks.