System Security -- Can't even install Hijack This to generat
Page 1 of 3 • 1, 2, 3 
System Security -- Can't even install Hijack This to generate log
by Peewiglet on Sun 28 Jun - 11:37
Hi,
I'd be enormously grateful for any help you can give.
My friends' computer is infected with System Security. I tried to download Malwarebytes onto it two days ago but the trojan blocked the download.
I've now got Hijack This and Malwarebytes on a memory stick (downloaded from my own PC) but the trojan won't even let me install Hijack This on Tim's PC, so I can't generate a log for you.
Can you please tell me what we can do about this?
Many thanks in advance for any help.
I'd be enormously grateful for any help you can give.
My friends' computer is infected with System Security. I tried to download Malwarebytes onto it two days ago but the trojan blocked the download.
I've now got Hijack This and Malwarebytes on a memory stick (downloaded from my own PC) but the trojan won't even let me install Hijack This on Tim's PC, so I can't generate a log for you.
Can you please tell me what we can do about this?
Many thanks in advance for any help.
Peewiglet
Newbie Surfer
- Posts: 28
Joined: 2009-06-28
Operating System: XP 
Re: System Security -- Can't even install Hijack This to generat
by Belahzur on Sun 28 Jun - 11:43
Lets try renaming the installer for Hijack This, do you know how to that?
If not, right click the installer file > Rename.
Rename it to winlogon.exe and see if it will run.
If not, right click the installer file > Rename.
Rename it to winlogon.exe and see if it will run.
From now on, I will no longer answer any requests for help via PM, please post in the forum.
If I have helped, please consider a [You must be registered and logged in to see this link.] to help keep us alive.
"Faith through unity. Unity through faith."
Belahzur
Super Moderator | Tech Officer
- Posts: 29565
Joined: 2008-08-03
Operating System: XP SP3 Media Centre -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Sun 28 Jun - 11:47
Thanks for your speedy help, Belahzur.
I've renamed it, but unfortunately it still won't run. Each time I try to run anything except Internet Explorer (as far as I can tell) a small box comes up above the Systray and tells me the file can't be executed because it's infected.
I've renamed it, but unfortunately it still won't run. Each time I try to run anything except Internet Explorer (as far as I can tell) a small box comes up above the Systray and tells me the file can't be executed because it's infected.
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Sun 28 Jun - 12:19
Hi again,
I managed to get into Safe Mode with Networking and generate a HiJackThis log that way. I've posted it below, in two parts
Many thanks again for your help -- it's very much appreciated.
PART 1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:11:38 PM, on 6/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = [You must be registered and logged in to see this link.]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dldfmon.exe] "C:\Program Files\Dell AIO Printer 948\dldfmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell AIO Printer 948\memcard.exe"
O4 - HKLM\..\Run: [Dell AIO Printer 948 Fax Server] "C:\Program Files\Dell AIO Printer 948\fm3032.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [10399214] C:\Documents and Settings\All Users\Application Data\10399214\10399214.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
I managed to get into Safe Mode with Networking and generate a HiJackThis log that way. I've posted it below, in two parts
Many thanks again for your help -- it's very much appreciated.
PART 1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:11:38 PM, on 6/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = [You must be registered and logged in to see this link.]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dldfmon.exe] "C:\Program Files\Dell AIO Printer 948\dldfmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell AIO Printer 948\memcard.exe"
O4 - HKLM\..\Run: [Dell AIO Printer 948 Fax Server] "C:\Program Files\Dell AIO Printer 948\fm3032.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [10399214] C:\Documents and Settings\All Users\Application Data\10399214\10399214.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: bw+0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Sun 28 Jun - 12:20
PART 2
O18 - Protocol: bw50 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: dldfCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe
O23 - Service: dldf_device - - C:\WINDOWS\system32\dldfcoms.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 19014 bytes
O18 - Protocol: bw50 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: dldfCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe
O23 - Service: dldf_device - - C:\WINDOWS\system32\dldfcoms.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 19014 bytes
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Belahzur on Sun 28 Jun - 14:05
Hello.
Please download and run this tool.
Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Post the contents of the MBAM Log.
- Open HijackThis
- Choose "Do a system scan only"
- Check the boxes in front of these lines:
O4 - HKLM\..\Run: [10399214] C:\Documents and Settings\All Users\Application Data\10399214\10399214.exe
O18 - Protocol: bw+0 - {B91B3344-E057-40B4-A9E6-8674A2A2EAC4} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Fix ALL these O18 items - Press "Fix Checked"
- Close Hijack This.
Please download and run this tool.
Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Post the contents of the MBAM Log.
From now on, I will no longer answer any requests for help via PM, please post in the forum.
If I have helped, please consider a [You must be registered and logged in to see this link.] to help keep us alive.
"Faith through unity. Unity through faith."
Belahzur
Super Moderator | Tech Officer- Posts: 29565
Joined: 2008-08-03
Operating System: XP SP3 Media Centre -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Sun 28 Jun - 14:14
Thank you very much 
I'll be back at Tim and Kate's tomorrow evening and I'll do that then.
All three of us are extremely grateful to you for your help!
I'll be back at Tim and Kate's tomorrow evening and I'll do that then.
All three of us are extremely grateful to you for your help!
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Sun 28 Jun - 14:20
Doh... apologies. I've just read through the instructions you gave and realised I've not fully understood. I'm very much a novice in this stuff.
When you've said to fix the "O18 - Protocol: bw+0" items, I can't see any that have a + sign. Underneath you said "Fix all these 018 items". Just to be clear... do I fix *every single* 018 item in the log?
When you've said to fix the "O18 - Protocol: bw+0" items, I can't see any that have a + sign. Underneath you said "Fix all these 018 items". Just to be clear... do I fix *every single* 018 item in the log?
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Origin on Sun 28 Jun - 14:28
Yes that is correct, and then can you please post a new HijackThis log for me
While my help is always free, please consider donating to keep this site alive: [You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
Origin
Tech Staff- Posts: 2685
Joined: 2009-05-06
Operating System: Windows Xp Sp3 -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Sun 28 Jun - 17:50
Thanks, Origin. I'll do that and get back to you tomorrow evening
Shirl
Shirl
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Mon 29 Jun - 16:15
Hello again!
I've followed the instructions, and here are both the MBAM log and a new HiJack This log. Thanks so much once again for your help!
MBAM LOG PART 1
Malwarebytes' Anti-Malware 1.38
Database version: 2297
Windows 5.1.2600 Service Pack 3
6/29/2009 7:49:31 PM
mbam-log-2009-06-29 (19-49-31).txt
Scan type: Quick Scan
Objects scanned: 97405
Time elapsed: 7 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 15
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 37
Files Infected: 282
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\uprppchk.uprppchk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f0e4888b-938d-43e9-8444-787e2ffc178b} (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{936301de-ed09-4540-9daf-0c8443a7f334} (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ebf4b37a-6262-40a8-aad6-3a36b08ae98b} (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\uprppchk.uprppchk.1 (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{df058c45-cd18-453e-8745-5a77f60722ab} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5a33c35-7298-4d15-8753-a2e851e2eab3} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f0d2b812-752d-4af1-a2fb-968c4d8446db} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e856b973-45fd-4559-8f82-eab539144667} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\URLSearchHook.SoftomateURLSearchHook (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UWA7P_is1 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UPRP_is1 (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\drivecleaner freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemSecurity2009 (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
c:\program files\WinAntiVirus Pro 2007 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\AWBase (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\Download (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\plugins (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\res (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\common files\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Download (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\common files\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\salesmonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\program files\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\Download (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\Download\mlmfmxxm (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\Download\qbjvswob (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\PrivacyProtector Free (Rogue.PrivacyProtector) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\privacyprotector free\Logs (Rogue.PrivacyProtector) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\drivecleaner freeware\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\Antivirus2008 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Application Data\ErrorKiller (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\errorkiller\Log (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Start Menu\Programs\Pro AntiSpyware 2009 (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Start Menu\Programs\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
c:\documents and settings\All Users\Application Data\Solt Lake Software (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\Pro Antispyware 2009 (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\BASE (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\DELETED (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\LOG (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\SAVED (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\PrivacyProtector Free\UPRPPChk.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\GTDownDE_87.ocx (Adware.Gdown) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\IEFWBHO.dll (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\res\wa7p.gif (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector HomePage.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector Online Manual.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector Online Support.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\Uninstall PrivacyProtector.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Activate.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\atl71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\bnlink.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\diagnosis.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\err.log (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\lapv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\license.rtf (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\manual.url (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\mfc71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\msvcp71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\msvcr71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\pv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\readme.rtf (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\ScanReport.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Schedule.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\sr.log (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\support.url (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\unins000.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\unins000.exe (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\uninstall.ico (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\UninstallPage.html (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\up.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\updater.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\UPRP.url (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\UPRP.xml (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\uprpcw.exe (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\vbpv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\AE_CD_Cr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\AReadr4.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\AReadr5.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ASDSEEpv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ASPack.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Babylon.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\BDelphi5.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CatchUp.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CBuildr5.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CCGA.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CManager.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CuteFTP4.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
I've followed the instructions, and here are both the MBAM log and a new HiJack This log. Thanks so much once again for your help!
MBAM LOG PART 1
Malwarebytes' Anti-Malware 1.38
Database version: 2297
Windows 5.1.2600 Service Pack 3
6/29/2009 7:49:31 PM
mbam-log-2009-06-29 (19-49-31).txt
Scan type: Quick Scan
Objects scanned: 97405
Time elapsed: 7 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 15
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 37
Files Infected: 282
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\uprppchk.uprppchk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{f0e4888b-938d-43e9-8444-787e2ffc178b} (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{936301de-ed09-4540-9daf-0c8443a7f334} (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ebf4b37a-6262-40a8-aad6-3a36b08ae98b} (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\uprppchk.uprppchk.1 (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{df058c45-cd18-453e-8745-5a77f60722ab} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b5a33c35-7298-4d15-8753-a2e851e2eab3} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f0d2b812-752d-4af1-a2fb-968c4d8446db} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e856b973-45fd-4559-8f82-eab539144667} (Adware.Gdown) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\URLSearchHook.SoftomateURLSearchHook (Adware.SoftMate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UWA7P_is1 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UPRP_is1 (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\drivecleaner freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemSecurity2009 (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
c:\program files\WinAntiVirus Pro 2007 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\AWBase (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\Download (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\plugins (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\res (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\common files\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\PrivacyProtector Free (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Download (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\common files\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\salesmonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\program files\SystemDoctor 2006 Free (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\Download (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\Download\mlmfmxxm (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\Download\qbjvswob (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\PrivacyProtector Free (Rogue.PrivacyProtector) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\privacyprotector free\Logs (Rogue.PrivacyProtector) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\DriveCleaner Freeware (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\drivecleaner freeware\Logs (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\Antivirus2008 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Application Data\ErrorKiller (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\errorkiller\Log (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Start Menu\Programs\Pro AntiSpyware 2009 (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Start Menu\Programs\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
c:\documents and settings\All Users\Application Data\Solt Lake Software (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\Pro Antispyware 2009 (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\BASE (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\DELETED (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\LOG (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\SAVED (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\PrivacyProtector Free\UPRPPChk.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\GTDownDE_87.ocx (Adware.Gdown) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\IEFWBHO.dll (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\program files\winantivirus pro 2007\res\wa7p.gif (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector HomePage.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector Online Manual.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector Online Support.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\PrivacyProtector.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\privacyprotector free\Uninstall PrivacyProtector.lnk (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Activate.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\atl71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\bnlink.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\diagnosis.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\err.log (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\lapv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\license.rtf (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\manual.url (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\mfc71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\msvcp71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\msvcr71.dll (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\pv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\readme.rtf (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\ScanReport.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Schedule.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\sr.log (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\support.url (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\unins000.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\unins000.exe (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\uninstall.ico (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\UninstallPage.html (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\up.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\updater.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\UPRP.url (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\UPRP.xml (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\uprpcw.exe (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\vbpv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\AE_CD_Cr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\AReadr4.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\AReadr5.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ASDSEEpv.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ASPack.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Babylon.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\BDelphi5.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CatchUp.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CBuildr5.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CCGA.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CManager.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CuteFTP4.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Mon 29 Jun - 16:16
MBAM LOG Part 2
c:\program files\privacyprotector free\Appbase\CuteHTML.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\DAcceler.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\DiscJug.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ECDCreat4.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Far.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FFTsks.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FlashFXP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FrntPage.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FrontPEx.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FtpEXP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FtpVoya.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\GetRight.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\GoZilla.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\GravMRU.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\HomeSite.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\HotDogPr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\H_TxtPad.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\IconExtr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\iMesh.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ImgReady3.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\InsShExp.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\JASC_P_P.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\KaZaA.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\LView.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MacDir.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MacDrWea.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MicAng.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MicDes.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MMUnDisk.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MM_CON.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Morpheus.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MPaint.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MPicPub.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MPImaGal.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSExplorer.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSoffice.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSRegEdit.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSWMP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSWordPad.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Nero.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\NetShow.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\NTBackup.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\pfilelst.xda (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\PhotShel.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\PHPCoder.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\PowerZIP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\RapidBr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\RealAuPl.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\RealDown.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\SecurCRT.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\SL_BlWin.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\SmartClr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Sonique.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\StuffIt.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\TelepPro.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UGifAnim.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UltraEd.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UMedStud.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UPhImpV.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UPhotoEx.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UVidStud.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\VNC.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WebFeret.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WebReap.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinACE.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinGate.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinRAR.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinZIP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WiseInst.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\wordslst.xda (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\YahooPl.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ZipMagic.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\button.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\button2.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\header.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\logo.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\spacer.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\top1.jpg (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\top2.jpg (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\top_line.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Activate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\atl71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\AV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\bnlink.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\diagnosis.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\err.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\lapv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\license.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\CuteHTML.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\DAcceler.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\DiscJug.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ECDCreat4.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Far.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FFTsks.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FlashFXP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FrntPage.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FrontPEx.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FtpEXP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\FtpVoya.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\GetRight.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\GoZilla.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\GravMRU.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\HomeSite.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\HotDogPr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\H_TxtPad.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\IconExtr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\iMesh.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ImgReady3.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\InsShExp.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\JASC_P_P.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\KaZaA.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\LView.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MacDir.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MacDrWea.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MicAng.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MicDes.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MMUnDisk.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MM_CON.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Morpheus.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MPaint.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MPicPub.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MPImaGal.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSExplorer.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSoffice.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSRegEdit.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSWMP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\MSWordPad.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Nero.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\NetShow.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\NTBackup.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\pfilelst.xda (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\PhotShel.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\PHPCoder.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\PowerZIP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\RapidBr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\RealAuPl.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\RealDown.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\SecurCRT.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\SL_BlWin.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\SmartClr.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\Sonique.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\StuffIt.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\TelepPro.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UGifAnim.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UltraEd.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UMedStud.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UPhImpV.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UPhotoEx.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\UVidStud.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\VNC.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WebFeret.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WebReap.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinACE.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinGate.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinRAR.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WinZIP.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\WiseInst.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\wordslst.xda (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\YahooPl.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\Appbase\ZipMagic.dat (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\button.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\button2.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\header.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\logo.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\spacer.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\top1.jpg (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\top2.jpg (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\privacyprotector free\img\top_line.gif (Rogue.Privacy.Protector) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Activate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\atl71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\AV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\bnlink.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\diagnosis.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\err.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\lapv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\license.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Mon 29 Jun - 16:19
MBAM LOG Part 3
c:\program files\drivecleaner freeware\manual.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\mfc71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\msvcp71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\msvcr71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\pv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\pv.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\readme.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\remnag.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\ScanReport.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Schedule.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\softwaredetect.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\sr.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\support.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\UDC.xml (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\UDC6.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\unins000.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\unins000.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\uninstall.ico (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\UninstallPage.html (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\up.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\updater.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\vbpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\AE_CD_Cr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\AReadr4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\AReadr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ASDSEEpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ASPack.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Babylon.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\BDelphi5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CatchUp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CBuildr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CCGA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CManager.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CuteFTP4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CuteHTML.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\DAcceler.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\DiscJug.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ECDCreat4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Far.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FFTsks.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FlashFXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FrntPage.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FrontPEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FtpEXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FtpVoya.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\GetRight.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\GoZilla.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\GravMRU.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\HomeSite.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\HotDogPr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\H_TxtPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\IconExtr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\iMesh.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ImgReady3.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\InsShExp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\JASC_P_P.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\KaZaA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\LView.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MacDir.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MacDrWea.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MicAng.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MicDes.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MMUnDisk.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MM_CON.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Morpheus.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MPaint.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MPicPub.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MPImaGal.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSExplorer.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSoffice.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSRegEdit.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSWMP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSWordPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Nero.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\NetShow.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\NTBackup.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\pfilelst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\PhotShel.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\PHPCoder.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\PowerZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\RapidBr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\RealAuPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\manual.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\mfc71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\msvcp71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\msvcr71.dll (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\pv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\pv.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\readme.rtf (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\remnag.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\ScanReport.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Schedule.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\softwaredetect.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\sr.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\support.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\UDC.xml (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\UDC6.url (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\unins000.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\unins000.exe (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\uninstall.ico (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\UninstallPage.html (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\up.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\updater.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\vbpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\AE_CD_Cr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\AReadr4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\AReadr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ASDSEEpv.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ASPack.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Babylon.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\BDelphi5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CatchUp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CBuildr5.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CCGA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CManager.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CuteFTP4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\CuteHTML.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\DAcceler.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\DiscJug.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ECDCreat4.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Far.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FFTsks.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FlashFXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FrntPage.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FrontPEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FtpEXP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\FtpVoya.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\GetRight.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\GoZilla.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\GravMRU.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\HomeSite.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\HotDogPr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\H_TxtPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\IconExtr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\iMesh.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ImgReady3.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\InsShExp.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\JASC_P_P.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\KaZaA.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\LView.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MacDir.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MacDrWea.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MicAng.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MicDes.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MMUnDisk.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MM_CON.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Morpheus.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MPaint.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MPicPub.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MPImaGal.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSExplorer.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSoffice.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSRegEdit.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSWMP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\MSWordPad.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Nero.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\NetShow.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\NTBackup.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\pfilelst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\PhotShel.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\PHPCoder.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\PowerZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\RapidBr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\RealAuPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Mon 29 Jun - 16:20
MBAM LOG Part 4
c:\program files\drivecleaner freeware\Appbase\RealDown.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\SecurCRT.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\SL_BlWin.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\SmartClr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Sonique.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\StuffIt.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\TelepPro.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UGifAnim.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UltraEd.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UMedStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UPhImpV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UPhotoEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UVidStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\VNC.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WebFeret.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WebReap.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinACE.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinGate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinRAR.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WiseInst.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\wordslst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\YahooPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ZipMagic.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\button.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\button2.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\header.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\logo.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\spacer.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\top1.jpg (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\top2.jpg (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\top_line.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner Freeware.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner HomePage.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner Online Manual.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner Online Support.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\Uninstall DriveCleaner.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\atl71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\DataBase.sav (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\err.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\is-0QFGQ.tmp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\is-4BV9O.tmp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\is-9EJCC.tmp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\License.rtf (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\mfc71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\mProp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\msvcp71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\msvcr71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\propbh.xml (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\readme.rtf (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\ReportListFile.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\sr.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\umain.xml (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\unins000.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\unins000.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\privacyprotector free\Logs\update.log (Rogue.PrivacyProtector) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\drivecleaner freeware\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\errorkiller\Errors.stg (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\errorkiller\Results.stg (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\start menu\Programs\pro antispyware 2009\Pro Antispyware 2009.lnk (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\start menu\Programs\system security\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\proas2009.exe (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\LOG\20090409105353562.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Desktop\System Security 2009.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\RealDown.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\SecurCRT.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\SL_BlWin.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\SmartClr.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\Sonique.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\StuffIt.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\TelepPro.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UGifAnim.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UltraEd.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UMedStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UPhImpV.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UPhotoEx.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\UVidStud.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\VNC.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WebFeret.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WebReap.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinACE.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinGate.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinRAR.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WinZIP.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\WiseInst.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\wordslst.xda (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\YahooPl.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\Appbase\ZipMagic.dat (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\button.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\button2.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\header.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\logo.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\spacer.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\top1.jpg (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\top2.jpg (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\drivecleaner freeware\img\top_line.gif (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner Freeware.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner HomePage.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner Online Manual.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\DriveCleaner Online Support.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\all users\start menu\Programs\drivecleaner freeware\Uninstall DriveCleaner.lnk (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\atl71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\DataBase.sav (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\err.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\is-0QFGQ.tmp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\is-4BV9O.tmp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\is-9EJCC.tmp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\License.rtf (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\mfc71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\mProp (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\msvcp71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\msvcr71.dll (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\propbh.xml (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\readme.rtf (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\ReportListFile.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\sr.log (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\umain.xml (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\unins000.dat (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\program files\systemdoctor 2006 free\unins000.exe (Rogue.SystemDoctor) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\privacyprotector free\Logs\update.log (Rogue.PrivacyProtector) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\drivecleaner freeware\Logs\update.log (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\errorkiller\Errors.stg (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\application data\errorkiller\Results.stg (Rogue.ErrorKiller) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\start menu\Programs\pro antispyware 2009\Pro Antispyware 2009.lnk (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\start menu\Programs\system security\System Security (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\proas2009.exe (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\solt lake software\pro antispyware 2009\LOG\20090409105353562.log (Rogue.ProAntiSpyware) -> Quarantined and deleted successfully.
c:\documents and settings\Tim Wood\Desktop\System Security 2009.lnk (Rogue.SystemSecurity) -> Quarantined and deleted successfully.
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Re: System Security -- Can't even install Hijack This to generat
by Peewiglet on Mon 29 Jun - 16:21
HIJACK THIS LOG (Pre re-boot after running MBAM)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:17:35 PM, on 6/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dldfmon.exe] "C:\Program Files\Dell AIO Printer 948\dldfmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell AIO Printer 948\memcard.exe"
O4 - HKLM\..\Run: [Dell AIO Printer 948 Fax Server] "C:\Program Files\Dell AIO Printer 948\fm3032.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: dldfCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe
O23 - Service: dldf_device - - C:\WINDOWS\system32\dldfcoms.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 7542 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:17:35 PM, on 6/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: XBTP06568 - {311F9DE8-6126-4EEE-B15F-65CBB3B4F9F6} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: AOL Security Toolbar - {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - C:\Program Files\AOL Security Toolbar\tbuA4\AOL_security_toolbar.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dldfmon.exe] "C:\Program Files\Dell AIO Printer 948\dldfmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell AIO Printer 948\memcard.exe"
O4 - HKLM\..\Run: [Dell AIO Printer 948 Fax Server] "C:\Program Files\Dell AIO Printer 948\fm3032.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: dldfCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe
O23 - Service: dldf_device - - C:\WINDOWS\system32\dldfcoms.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
--
End of file - 7542 bytes
Peewiglet
Newbie Surfer- Posts: 28
Joined: 2009-06-28
Operating System: XP -
Page 1 of 3 • 1, 2, 3
Permissions of this forum:
You cannot reply to topics in this forum