infected by "yieldmanager" help me plz

neurotrash1982 · Jan 30, 2007

Hi. Ive been having alot of problems lately, especially downloading and surfing. a lot of things I try to download just stop halfway the download as if theyre finished, like only part of a picture or part of a movie clip. Then sometimes when I try to surf in the left bottom of my browser it says trying to open ad.yieldmanager.com all the time. also, my taskmanager indicates that programs like word and taskmanager itself take a ridiculous amount of cpu, like I only have word open I notice it all starts grinding to a halt I open task manager and it says 100%.

So in general my internet connection just slows down to a halt and my comp is being verrrrry slow. All of these problems seem to come up sporadically, but enough to drive me up the wall.

Ok so I googled "yieldmanager remove" and found this site here. I saw these other threads but apparently every case requires a different approach apparently depending on a hijackthis log. I can post one of those if you want. I dont know what you people can tell about me by looking at a hijackthis log of my comp but oh well

I know something about computers but really not that much.
I just REALLY NEED HELP WITH THIS, so please.

nice site you have here

Adywebb · Jan 30, 2007

Have you scanned your PC with your AV? - if not give it a go and see if it picks up anything.

By all means post your HijackThis log and we'll have a look

neurotrash1982 · Jan 30, 2007

okI will do that the problem is it might take a while since my comps being slow and stuff. but I will doit now.sopleasestand by for a while.

Adywebb · Jan 30, 2007

Make sure you update your AV first, then do the AV scan in Safe Mode

...oh, and as much as I'll try to be on standby - I do have to sleep sometime so I can get up for work in the morning

neurotrash1982 · Jan 31, 2007

ok I ran AVG in safe mode and then I ran a hijackthis

This is the AVG in safe mode:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 8:23:15 31/01/2007
+ Scan result:

C:\Program Files\AGSetup0609.exe -> Adware.Gator : Ignored.
:mozilla.66:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@2o7[1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@2o7[3].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@adbrite[1].txt -> TrackingCookie.Adbrite : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@adbrite[3].txt -> TrackingCookie.Adbrite : Ignored.
:mozilla.46:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
:mozilla.47:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@adrevolver[2].txt -> TrackingCookie.Adrevolver : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@adtech[2].txt -> TrackingCookie.Adtech : Ignored.
:mozilla.43:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignored.
:mozilla.53:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.54:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.55:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
:mozilla.56:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Casalemedia : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.Clickhype : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@com[2].txt -> TrackingCookie.Com : Ignored.
:mozilla.61:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Doubleclick : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Ignored.
:mozilla.45:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Fastclick : Ignored.
:mozilla.40:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.41:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Hitbox : Ignored.
:mozilla.42:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Hitbox : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][2].txt -> TrackingCookie.Onestat : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@overture[1].txt -> TrackingCookie.Overture : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.Pointroll : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@questionmarket[1].txt -> TrackingCookie.Questionmarket : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@questionmarket[3].txt -> TrackingCookie.Questionmarket : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@realmedia[1].txt -> TrackingCookie.Realmedia : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@revenue[1].txt -> TrackingCookie.Revenue : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.Serving-sys : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.Starware : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.Starware : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@tacoda[2].txt -> TrackingCookie.Tacoda : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@trafficmp[2].txt -> TrackingCookie.Trafficmp : Ignored.
:mozilla.26:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
:mozilla.27:C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\cacs0xgu.default\cookies.txt -> TrackingCookie.Tribalfusion : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\eigenaar@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Ignored.
C:\Documents and Settings\Eigenaar\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Ignored.

::Report end

And heres the hijackthis log (didnt run it in safe mode hopeI got that right):

Logfile of HijackThis v1.99.1
Scan saved at 19:41:01, on 31/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe
C:\Program Files\E-Color\True Internet Color\TICIcon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Network Associates\VirusScan\MCUPDATE.EXE
C:\Program Files\Network Associates\Common Framework\McScript_InUse.exe
C:\Program Files\hijackthis\HijackThis1991.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://netlogin.kuleuven.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/search/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.searchv.com/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.searchv.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://kuleuven.ac.be/ludit/Kotnet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.sokewhjnfyuyrfvvqapgb.com/kNvtKee9hABZc46kVFJchk9dDykUng4Z4C2QKTJ0u6A.asp"); (C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Profiles\default\ovis2eev.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\Eigenaar\Application Data\Mozilla\Profiles\default\ovis2eev.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - C:\Program Files\Acceleration Software\StopSign\webcbrowse.dll
O2 - BHO: ViewSource Class - {6CC1C918-AE8B-4373-A5B4-28BA1851E39A} - C:\WINDOWS\winshow.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: PopKiller Class - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - C:\Program Files\SysShield Tools\IE Popup Blocker\PKExt.dll
O2 - BHO: (no name) - {DA639E8D-CF1C-3B56-7A72-7E1BBA73D959} - C:\DOCUME~1\Eigenaar\APPLIC~1\flagweb\Thunk curb.exe (file missing)
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EanthologyApp] C:\PROGRA~1\COMMON~1\EACCEL~1\EANTHO~1.EXE /b
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [5-1-48-2[1]] c:\windows\5-1-48-2[1].exe -m
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Microsoft Update] vpc32.exe
O4 - HKCU\..\Run: [DrawSign] C:\DOCUME~1\Eigenaar\APPLIC~1\MANAGE~1\AudioEq.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Startup: AGSatellite.lnk = ?
O4 - Global Startup: Microsoft Office Snelzoeken.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True Internet Color\TICIcon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {2F099F5D-7003-4441-82C2-707C7C273FEB} - C:\Program Files\Acceleration Software\StopSign\webcbrowse.dll
O9 - Extra 'Tools' menuitem: Block This Popup - {2F099F5D-7003-4441-82C2-707C7C273FEB} - C:\Program Files\Acceleration Software\StopSign\webcbrowse.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\icq\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\icq\ICQ.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: AbsoluteShield IE Popup Blocker - {A70DD885-5FCE-44af-8AA1-FC07FFE8CE21} - C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...le.com/samantha/us/win/QuickTimeInstaller.exe
O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} (shizmoo Class) - http://www.kungfuchess.com/activex/web665.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162990053970
O16 - DPF: {8522F9B3-38C5-4AA4-AE40-7401F1BBC851} - http://www.weed-warez.net/free_warez.exe
O18 - Protocol: bw+0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

There. Sorry for the delay the AVG scan went really slow and I didnt run it in safe mode at first so I had to do it over again.
Hope you can make something of this.

Rush · Jan 31, 2007

At least 1 big juicy worm there that needs deleting

Rush · Jan 31, 2007

Use this utility ..
Download and run ....

1..
Spybot search and destroy

Adywebb · Jan 31, 2007

Ok, you have a few nasties on there and some uneccesary entries so run HijackThis again, select the following and delete:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm

O2 - BHO: (no name) - {6ACD11BD-4CA0-4283-A8D8-872B9BA289B6} - C:\Program Files\Acceleration Software\StopSign\webcbrowse.dll

O2 - BHO: ViewSource Class - {6CC1C918-AE8B-4373-A5B4-28BA1851E39A} - C:\WINDOWS\winshow.dll (file missing)

O2 - BHO: (no name) - {DA639E8D-CF1C-3B56-7A72-7E1BBA73D959} - C:\DOCUME~1\Eigenaar\APPLIC~1\flagweb\Thunk curb.exe (file missing)

O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\en-us\msntb.dll (file missing)

O4 - HKCU\..\Run: [Microsoft Update] vpc32.exe

O4 - Global Startup: GStartup.lnk = C:\Program Files\Common Files\GMT\GMT.exe

O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\icq\ICQ.exe (file missing)

O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\icq\ICQ.exe (file missing)

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52...meInstaller.exe

O16 - DPF: {8522F9B3-38C5-4AA4-AE40-7401F1BBC851} - http://www.weed-warez.net/free_warez.exe

Your AVG scan has detected a shed load of adware/spyware cookies without apparently deleting them - please let it do so.

I also note you have McAfee installed - is this your proper antivirus as opposed to AVG Anti-Spy? - if so please run it in safe mode and let it delete any malicious stuff it finds.

Please download and run EWIDO in safe mode (free trial).

Also download and use the following to give you some real time protection: Windows Defender and SpywareBlaster, also download and scan regularly with AdAware and Spybot S&D - all available from HERE.

Afterwards run CCleaner to get rid of any redundant cr*p left on your system

SpainLover · Feb 1, 2007

As Rush said - Try Spybot.

One site I use has yieldmanager on it. This puts TagASaurus on to my computer. Sypbot gets rid of this.

neurotrash1982 · Feb 8, 2007

ok I tried to do what you told me.
however when I use that EWIDO link I go to the page where I downloaded that AVG program.
Anyways heres the Hijackthis log I made just now:

Logfile of HijackThis v1.99.1
Scan saved at 13:01:00, on 8/02/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program
Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\E-Color\True Internet Color\TICIcon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\Program Files\Network Associates\VirusScan\MCUPDATE.EXE
C:\Program Files\Network Associates\Common Framework\McScript_InUse.exe
C:\Program Files\SysShield Tools\IE Popup Blocker\PKMaster.exe
C:\Program Files\hijackthis\HijackThis1991.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/*http://www.yahoo.com/ext/s
earch/search.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,AutoConfigURL = http://kuleuven.ac.be/ludit/Kotnet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Koppelingen
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
N3 - Netscape 7: user_pref("browser.startup.homepage",
"http://www.sokewhjnfyuyrfvvqapgb.com/kNvtKee9hABZc46kVFJchk9dDykUng4Z4C2QKTJ0u6A
.asp"); (C:\Documents and Settings\Eigenaar\Application
Data\Mozilla\Profiles\default\ovis2eev.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine",
"engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01
.src"); (C:\Documents and Settings\Eigenaar\Application
Data\Mozilla\Profiles\default\ovis2eev.slt\prefs.js)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: WsftpBrowserHelper Class - {601ED020-FB6C-11D3-87D8-0050DA59922B} -
C:\Program Files\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: PopKiller Class - {9A23B8A4-C6C9-4A68-8FA6-5F905DC8FF80} - C:\Program
Files\SysShield Tools\IE Popup Blocker\PKExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe
SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network
Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common
Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone
Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware
7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program
Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [5-1-48-2[1]] c:\windows\5-1-48-2[1].exe -m
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [DrawSign] C:\DOCUME~1\Eigenaar\APPLIC~1\MANAGE~1\AudioEq.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program
Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips
Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: AGSatellite.lnk = ?
O4 - Global Startup: Microsoft Office Snelzoeken.lnk = C:\Program Files\Microsoft
Office\Office\FINDFAST.EXE
O4 - Global Startup: True Internet Color Icon.lnk = C:\Program Files\E-Color\True
Internet Color\TICIcon.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: AbsoluteShield IE Popup Blocker -
{A70DD885-5FCE-44af-8AA1-FC07FFE8CE21} - C:\Program Files\SysShield Tools\IE
Popup Blocker\PKMaster.exe (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {58172624-85DD-4482-9E64-02ADCA637E96} (shizmoo Class) -
http://www.kungfuchess.com/activex/web665.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center
Base Module) -
http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase9602.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.
cab?1162990053970
O18 - Protocol: bw+0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {785D7C45-34ED-48F4-9CD7-AF31DA020444} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program
Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {785D7C45-34ED-48F4-9CD7-AF31DA020444} -
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\System32\wmfhotfix.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. -
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates,
Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc.
- C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner -
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe"
-sSQLEXPRESS (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. -
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe

ok I hope its sort of clean now.
Altho I seemed to have some weird problem with flash player, like in youtube and on YTMND (if youre familiar with that site) and guess what, problem magically disappeared. also no more browser frantically trying to contact "ad.yieldmanager.com", of course.
what kind of people does this kind of thing anyways?

well, hope shes clean now.
anyways, thanks in advance!

ad.yieldmanager.com problem	2	Apr 2, 2007
presumed infected and looking for hijackthis	2	Jan 4, 2009
Virus Infected..plz help	1	Dec 17, 2007
Please help	28	Jul 16, 2007
help plz	4	Mar 13, 2010
Wired Networking Issue, Plz Help Me!	2	Jul 25, 2005
Please Help! Virus? Avast, Firefox, Windows update quit working	4	Jun 4, 2021
HELP ME PLZ	1	Dec 10, 2003

infected by "yieldmanager" help me plz

neurotrash1982

Adywebb

Growing old....

neurotrash1982

Adywebb

Growing old....

neurotrash1982

Rush

Cool Cruncher

Rush

Cool Cruncher

Adywebb

Growing old....

SpainLover

neurotrash1982

Ask a Question

Similar Threads