Full Version: HijackThis log for revue
spiderman pants
Please could one of the in the know crowd take a look at the attached HijackThis log as I think I've been over-run. Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:44:54, on 30/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6065\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\SiteAdvisor\6065\SiteAdv.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msrr.exe
C:\Program Files\FunTV Installation\T7Ir9x.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\palstart.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Morpheus\Morpheus.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\Program Files\HijackThis\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6065\SiteAdv.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {42BBAF6A-005F-4AE6-962A-8EE3616C9AAE} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - (no file)
O2 - BHO: (no name) - {70E9DEFE-6BB5-4B3A-ADFC-33DCC321379D} - C:\WINDOWS\system32\jkkji.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7D064D71-DD76-4596-90C0-921766AD560A} - C:\WINDOWS\system32\jkkhfcb.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {E7C79532-B748-40A4-A54C-6A14569541B7} - (no file)
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6065\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [DataLayer] "C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [Broadbandadvisor.exe] "C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN
O4 - HKLM\..\Run: [SupaDial] "C:\Program Files\SupaDial\SupaDial.exe" /A
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6065\SiteAdv.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SoundService] "rundll32.exe" "C:\WINDOWS\system32\exlodweg.dll",setvm
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [Power2GoExpress] (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [LDM] \Program\ (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [saap] c:\program files\180searchassistant\saap\saap.exe (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus1.exe" /WinStart (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [startkey] C:\WINDOWS\system32\server.exe (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\exlodweg.dll",setvm (User 'Loui Render')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Global Startup: FunTV Remote Control.lnk = ?
O4 - Global Startup: palstart.exe
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - (no file)
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1105728037531
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128106504609
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.21.10/ttinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: bw+0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: jkkhfcb - C:\WINDOWS\SYSTEM32\jkkhfcb.dll
O20 - Winlogon Notify: jkkji - C:\WINDOWS\system32\jkkji.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6065\SAService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O24 - Desktop Component 0: (no name) - http://www.tag-board.com/smilies/frog.gif
O24 - Desktop Component 1: (no name) - http://pics.ebay.com/aw/pics/uk/temp/150x36_nospoof.gif
O24 - Desktop Component 2: (no name) - http://www.chez.com/multisujets/images/south-park.gif
O24 - Desktop Component 3: (no name) - http://memail.com/animations/Images/FatB.gif
O24 - Desktop Component 4: (no name) - http://www.tag-board.com/smilies/uhh.gif
O24 - Desktop Component 5: (no name) - http://www.tag-board.com/smilies/smile.gif
O24 - Desktop Component 6: (no name) - http://www.tag-board.com/smilies/bowl.gif
O24 - Desktop Component 7: (no name) - http://www.enidlawsongallery.co.uk/images/alex/jcb.jpg
O24 - Desktop Component 8: (no name) - http://www.bbc.co.uk/cbeebies/charlieandlo...ages/clocks.gif
O24 - Desktop Component 9: (no name) - http://www.bbc.co.uk/cbeebies/numberjacks/...images/thu1.jpg

--
End of file - 27735 bytes
SWI Support Robot
Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
miekiemoes
Hi,

Some remarks here first..
I see you have Paltalk installed. I do not recommend this one since it has a dubious reputation. That's why I recommend you uninstall it. There are safer alternatives, for example Skype.

Secondly, I see leftovers from McAfee present; however, it says that files are missing. Did you uninstall/delete McAfee previously? Or delete it manually?
You really have to install an Antivirus though.

Please perform my steps in the right order..

* Download VirtumundoBegone, place it on your desktop.
  • Double-click VirtumundoBeGone.exe to start the tool.
  • Follow the instructions on the screen.
  • Don't worry if you get a blue screen with an error in it - this is normal.
After reboot,

* Start HijackThis, close all open windows leaving only HijackThis running. Place a check against each of the following if still present (some entries won't be present anymore):

O2 - BHO: (no name) - {42BBAF6A-005F-4AE6-962A-8EE3616C9AAE} - (no file)
O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - (no file)
O2 - BHO: (no name) - {70E9DEFE-6BB5-4B3A-ADFC-33DCC321379D} - C:\WINDOWS\system32\jkkji.dll
O2 - BHO: (no name) - {7D064D71-DD76-4596-90C0-921766AD560A} - C:\WINDOWS\system32\jkkhfcb.dll
O2 - BHO: (no name) - {E7C79532-B748-40A4-A54C-6A14569541B7} - (no file)
O4 - HKLM\..\Run: [SoundService] "rundll32.exe" "C:\WINDOWS\system32\exlodweg.dll",setvm
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [saap] c:\program files\180searchassistant\saap\saap.exe (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [startkey] C:\WINDOWS\system32\server.exe (User 'Loui Render')
O4 - HKUS\S-1-5-21-1054891167-116301478-3111466437-1009\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\exlodweg.dll",setvm (User 'Loui Render')
O4 - Global Startup: palstart.exe
O9 - Extra button: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - (no file)
O9 - Extra 'Tools' menuitem: Morpheus Toolbar - {119DBEDA-9c41-4F97-94B4-B6BCD01133CF} - (no file)
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O20 - Winlogon Notify: jkkhfcb - C:\WINDOWS\SYSTEM32\jkkhfcb.dll
O20 - Winlogon Notify: jkkji - C:\WINDOWS\system32\jkkji.dll


Check next entries if you didn't set these as an active desktop - or you are not aware these are present:

O24 - Desktop Component 0: (no name) - http://www.tag-board.com/smilies/frog.gif
O24 - Desktop Component 1: (no name) - http://pics.ebay.com/aw/pics/uk/temp/150x36_nospoof.gif
O24 - Desktop Component 2: (no name) - http://www.chez.com/multisujets/images/south-park.gif
O24 - Desktop Component 3: (no name) - http://memail.com/animations/Images/FatB.gif
O24 - Desktop Component 4: (no name) - http://www.tag-board.com/smilies/uhh.gif
O24 - Desktop Component 5: (no name) - http://www.tag-board.com/smilies/smile.gif
O24 - Desktop Component 6: (no name) - http://www.tag-board.com/smilies/bowl.gif
O24 - Desktop Component 7: (no name) - http://www.enidlawsongallery.co.uk/images/alex/jcb.jpg
O24 - Desktop Component 8: (no name) - http://www.bbc.co.uk/cbeebies/charlieandlo...ages/clocks.gif
O24 - Desktop Component 9: (no name) - http://www.bbc.co.uk/cbeebies/numberjacks/...images/thu1.jpg

* Click on Fix Checked when finished and exit HijackThis.
Make sure your Internet Explorer is closed when you click Fix Checked!

I also see parts from Bifrose, a nasty infection present, so do next as well:

It's better to print out the next instructions or save it in notepad, because you also have to work in safe mode without networking support, so this page wouldn't be available then.
It is also important you don't miss a step and perform everything in the right order!!

* Download SDFix and save it to your Desktop.

* Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

---------------------------

* Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
do not use the scan yet

--------------------------

* Reboot into Safe Mode (without networking support!):
To get into Windows Safe Mode, restart your computer and, just before Windows starts to load, tap the F8 key a few times.
Choose Safe Mode from the menu that will appear and press Enter.
  • Double-click drweb-cureit.exe, click Start and allow it to run the express scan.
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • It could be possible it displays a popup to buy it in between, to buy or 50% discount. Just close that popup again.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the "Scan"-tab, remove the mark at "Heuristic analysis".
  • Back at the main window, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, check whether you can click the following icon next to the files found: [image]
  • If so, click it, then click the next icon right below and select Move incurable, as you'll see in the following image: [image]
    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
-------------------------
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
Post the following logs in your next reply:

* Log from DrWeb CureIt
* Log from SDFix
* New HijackThis log
* The log VBG.TXT, which is present on your desktop


spiderman pants
Sorry for the delay, but here are the new reports.

Dr Web CureIt Report


msnmsgr.exe;c:\program files\msn messenger;BackDoor.Funmaker;Deleted.;
exlodweg.dll;c:\windows\system32;Trojan.Virtumod;Will be cured after reboot.;
exlodweg.dll;C:\WINDOWS\system32;Trojan.Virtumod;Will be cured after reboot.;
ljjjkkk.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
yayvwvs.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
pmkhh.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
efccyvt.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
opnmnmn.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
efcbbay.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
awtstqq.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
khfeebb.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
awtssqq.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
hggdbyv.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
rqrpono.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
nnnmlkh.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
yayxwuu.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
hgghfcb.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
rqromnk.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
opnljjh.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
fccyxur.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
fcccywx.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkjghi.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
opnnljk.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
tuvspqn.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
hgggday.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
ddcyw.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
ssttt.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
ddcdcby.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
mljgf.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
vtutstr.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
gebcywt.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
urqonlj.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
pmnnm.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
nnnlklj.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
xxywuts.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
mllmk.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkklk.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkjh.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
awtqnkh.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
yayvuvu.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkll.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
tuvtttq.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
pmnnono.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
efccayw.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
pmnllih.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
ssqrppm.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
ssqppqr.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
gebyaxv.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
khfedda.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
iifgedb.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
gebcyya.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
urqqpqo.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
geedc.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
pmnlk.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
awtqomj.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
rqrspmk.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
iifeeff.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkklkif.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
qomnopn.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
xxyywwx.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
khfghhe.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
gebcdax.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkjige.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
fccdcdd.dll;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkhfcb.dll.vir;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
jkkji.dll.vir;C:\WINDOWS\system32;Trojan.Virtumod;Deleted.;
is67271[1].exe;C:\Documents and Settings\Loui Render\Local Settings\Temporary Internet Files\Content.IE5\T7R4MHB4;Trojan.Virtumod;Deleted.;
nsp7.tmp;C:\Documents and Settings\Vicky Wiles\Local Settings\Temp;Tool.Prockill;Incurable.Moved.;
nsn7.tmp;C:\Documents and Settings\Vicky Wiles\Local Settings\Temp;Tool.Prockill;Incurable.Moved.;
nsaC.tmp;C:\Documents and Settings\Vicky Wiles\Local Settings\Temp;Tool.Prockill;Incurable.Moved.;
nsx11.tmp;C:\Documents and Settings\Vicky Wiles\Local Settings\Temp;Tool.Prockill;Incurable.Moved.;
is67295[1].exe;C:\Documents and Settings\Vicky Wiles\Local Settings\Temporary Internet Files\Content.IE5\ORO58XES;Trojan.Virtumod;Deleted.;
Process.exe;C:\Documents and Settings\Vicky Wiles\Desktop\SDFix\apps;Tool.Prockill;Incurable.Moved.;
dj ez live 23.wma;C:\Documents and Settings\Vicky Wiles\Shared;Trojan.Isbar.389;Deleted.;
is67271[1].exe;C:\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Content.IE5\VWX71KDB;Trojan.Virtumod;Deleted.;
A0621936.exe;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP723;Adware.IMAd;Incurable.Moved.;
A0676694.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP758;Trojan.Virtumod;Deleted.;
A0676695.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP758;Trojan.Virtumod;Deleted.;
A0676786.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP761;Trojan.Virtumod;Deleted.;
A0676918.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP761;Trojan.Virtumod;Deleted.;
A0676919.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP761;Trojan.Virtumod;Deleted.;
A0676920.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP761;Trojan.Virtumod;Deleted.;
A0676921.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP761;Trojan.Virtumod;Deleted.;
A0685235.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0685236.DLL;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686273.exe;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;BackDoor.Funmaker;Deleted.;
A0686274.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686275.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686276.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686277.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686278.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686279.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686280.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686281.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686282.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686283.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686284.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686285.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686286.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686287.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686288.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686289.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686290.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686291.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686292.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686293.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686294.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686295.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686296.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686297.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686298.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686299.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686300.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686301.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686302.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686303.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686304.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686305.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686306.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686307.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686308.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686309.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686310.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686311.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686312.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686313.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686314.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686315.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686316.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686317.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686318.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686319.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686320.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686321.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686322.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686323.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686324.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686325.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686326.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686327.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686328.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686329.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686330.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686331.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686332.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686333.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0686334.dll;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP762;Trojan.Virtumod;Deleted.;
A0585575.exe;C:\System Volume Information\_restore{C2A838C9-C19B-4A27-AD96-74D9CFCB3389}\RP697;Trojan.MulDrop.1326;Deleted.;
GoldMinerSetup-dm[1].exe;C:\Downloads;Adware.TryMedia;Incurable.Moved.;
Monopoly3-dm[1].exe;C:\Downloads;Adware.TryMedia;Incurable.Moved.;
GMVegasSetup-dm[1].exe;C:\Downloads;Adware.TryMedia;Incurable.Moved.;
PokerSuperstars2SetupV141-dm[1].exe;C:\Downloads;Adware.TryMedia;Incurable.Moved.;

__________________________________________________________________


SDFix Report

SDFix: Version 1.76

Run by ******* - 05/04/2007 - 19:21:16.73

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\Documents and Settings\V*****s\Desktop\SDFix

Safe Mode:
Checking Services:





Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\Installer\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}\_SHCT_Sprint.exe.exe - Deleted



ADS Check:

C:\WINDOWS\system32
No streams found.


Final Check:

Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\System32\\LEXPPS.EXE"="C:\\WINDOWS\\System32\\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\\Program Files\\Kazaa\\kazaa.exe"="C:\\Program Files\\Kazaa\\kazaa.exe:*:Enabled:Kazaa"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Disabled:Logitech Desktop Messenger"
"C:\\Documents and Settings\\V*****S\\Local Settings\\Temporary Internet Files\\Content.IE5\\K3CDALI7\\incredimail_install[1].exe"="C:\\Documents and Settings\\Vicky Wiles\\Local Settings\\Temporary Internet Files\\Content.IE5\\K3CDALI7\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\\Documents and Settings\\V*****s\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install[1].exe"="C:\\Documents and Settings\\Vicky Wiles\\Local Settings\\Temp\\ImInstaller\\IncrediMail\\incredimail_install[1].exe:*:Enabled:IncrediMail Installer"
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"="C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Morpheus\\Morpheus.exe"="C:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"C:\\WINDOWS\\System32\\lxctcoms.exe"="C:\\WINDOWS\\System32\\lxctcoms.exe:*:Enabled:Lexmark Communications System"
"C:\\Program Files\\MSN Messenger\\msrr.exe"="C:\\Program Files\\MSN Messenger\\msrr.exe:*:Enabled:Messenger"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


Remaining Files:
---------------

Backups Folder: - C:\DOCUME~1\VICKYW~1\Desktop\SDFix\backups\backups.zip

Checking For Files with Hidden Attributes :

C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\bbadd.tmp
C:\WINDOWS\system32\ijkkj.tmp
C:\WINDOWS\system32\ijkkj.tmp2
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp
C:\Documents and Settings\Guest\Application Data\Roxio\Dragon\DiscInfoCache\IDE______DVD-ROM_16X______1005_310_DICV018_DRGV2050108.TMP

Finished

______________________________________________


HiJack This report

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:44:51, on 05/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6065\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\Program Files\SiteAdvisor\6065\SiteAdv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\FunTV Installation\T7Ir9x.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Morpheus\Morpheus.exe
C:\Program Files\HijackThis\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6065\SiteAdv.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6065\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [DataLayer] "C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [lxctmon.exe] "C:\Program Files\Lexmark 5400 Series\lxctmon.exe"
O4 - HKLM\..\Run: [Lexmark 5400 Series Fax Server] "C:\Program Files\Lexmark 5400 Series\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 5400 Series\ezprint.exe"
O4 - HKLM\..\Run: [Broadbandadvisor.exe] "C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SiteAdvisor] "C:\Program Files\SiteAdvisor\6065\SiteAdv.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\exlodweg.dll",setvm
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Global Startup: FunTV Remote Control.lnk = ?
O4 - Global Startup: AudioDeck.lnk = C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.co.uk
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1105728037531
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {665585FD-2068-4C5E-A6D3-53AC3270ECD4} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1128106504609
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...ows-i586-jc.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} (Toontown Installer ActiveX Control) - https://ukplay.toontown.com/download/sv1.0.21.10/ttinst.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O18 - Protocol: bw+0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {158DE96B-2887-4AE2-B517-1AA79652D0C1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6065\SAService.exe
O24 - Desktop Component 0: (no name) - http://www.tag-board.com/smilies/frog.gif
O24 - Desktop Component 1: (no name) - http://pics.ebay.com/aw/pics/uk/temp/150x36_nospoof.gif
O24 - Desktop Component 2: (no name) - http://www.chez.com/multisujets/images/south-park.gif
O24 - Desktop Component 3: (no name) - http://memail.com/animations/Images/FatB.gif
O24 - Desktop Component 4: (no name) - http://www.tag-board.com/smilies/uhh.gif
O24 - Desktop Component 5: (no name) - http://www.tag-board.com/smilies/smile.gif
O24 - Desktop Component 6: (no name) - http://www.tag-board.com/smilies/bowl.gif
O24 - Desktop Component 7: (no name) - http://www.enidlawsongallery.co.uk/images/alex/jcb.jpg
O24 - Desktop Component 8: (no name) - http://www.bbc.co.uk/cbeebies/charlieandlo...ages/clocks.gif
O24 - Desktop Component 9: (no name) - http://www.bbc.co.uk/cbeebies/numberjacks/...images/thu1.jpg

--
End of file - 25308 bytes
_____________________________________________

VBG Report

[04/04/2007, 19:06:32] - VirtumundoBeGone v1.5 ( "G:\VirtumundoBeGone.exe" )
[04/04/2007, 19:06:51] - User choose NOT to continue. Exiting...

[04/04/2007, 19:08:37] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\V****s\Desktop\VirtumundoBeGone.exe" )
[04/04/2007, 19:10:18] - Detected System Information:
[04/04/2007, 19:10:18] - Windows Version: 5.1.2600, Service Pack 2
[04/04/2007, 19:10:18] - Current Username: V*****s (Admin)
[04/04/2007, 19:10:18] - Windows is in NORMAL mode.
[04/04/2007, 19:10:18] - Searching for Browser Helper Objects:
[04/04/2007, 19:10:18] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/04/2007, 19:10:18] - BHO 2: {089FD14D-132B-48FC-8861-0048AE113215} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\SiteAdv
[04/04/2007, 19:10:18] - Key not found: HKLM\...\Winlogon\Notify\SiteAdv, continuing.
[04/04/2007, 19:10:18] - BHO 3: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} (Lexmark Toolbar)
[04/04/2007, 19:10:18] - BHO 4: {42BBAF6A-005F-4AE6-962A-8EE3616C9AAE} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - No filename found. Continuing.
[04/04/2007, 19:10:18] - BHO 5: {53707962-6F74-2D53-2644-206D7942484F} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[04/04/2007, 19:10:18] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[04/04/2007, 19:10:18] - BHO 6: {57E218E6-5A80-4f0c-AB25-83598F25D7E9} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - No filename found. Continuing.
[04/04/2007, 19:10:18] - BHO 7: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/04/2007, 19:10:18] - BHO 8: {7D064D71-DD76-4596-90C0-921766AD560A} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\jkkhfcb
[04/04/2007, 19:10:18] - Found: HKLM\...\Winlogon\Notify\jkkhfcb - This is probably Virtumundo.
[04/04/2007, 19:10:18] - Assigning {7D064D71-DD76-4596-90C0-921766AD560A} MSEvents Object
[04/04/2007, 19:10:18] - BHO list has been changed! Starting over...
[04/04/2007, 19:10:18] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/04/2007, 19:10:18] - BHO 2: {089FD14D-132B-48FC-8861-0048AE113215} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\SiteAdv
[04/04/2007, 19:10:18] - Key not found: HKLM\...\Winlogon\Notify\SiteAdv, continuing.
[04/04/2007, 19:10:18] - BHO 3: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} (Lexmark Toolbar)
[04/04/2007, 19:10:18] - BHO 4: {42BBAF6A-005F-4AE6-962A-8EE3616C9AAE} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - No filename found. Continuing.
[04/04/2007, 19:10:18] - BHO 5: {53707962-6F74-2D53-2644-206D7942484F} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[04/04/2007, 19:10:18] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[04/04/2007, 19:10:18] - BHO 6: {57E218E6-5A80-4f0c-AB25-83598F25D7E9} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - No filename found. Continuing.
[04/04/2007, 19:10:18] - BHO 7: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/04/2007, 19:10:18] - BHO 8: {7D064D71-DD76-4596-90C0-921766AD560A} (MSEvents Object)
[04/04/2007, 19:10:18] - ALERT: Found MSEvents Object!
[04/04/2007, 19:10:18] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[04/04/2007, 19:10:18] - BHO 10: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[04/04/2007, 19:10:18] - BHO 11: {E7C79532-B748-40A4-A54C-6A14569541B7} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - No filename found. Continuing.
[04/04/2007, 19:10:18] - BHO 12: {F72B8563-255E-475F-99C4-0B0A91012779} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\jkkji
[04/04/2007, 19:10:18] - Found: HKLM\...\Winlogon\Notify\jkkji - This is probably Virtumundo.
[04/04/2007, 19:10:18] - Assigning {F72B8563-255E-475F-99C4-0B0A91012779} MSEvents Object
[04/04/2007, 19:10:18] - BHO list has been changed! Starting over...
[04/04/2007, 19:10:18] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
[04/04/2007, 19:10:18] - BHO 2: {089FD14D-132B-48FC-8861-0048AE113215} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\SiteAdv
[04/04/2007, 19:10:18] - Key not found: HKLM\...\Winlogon\Notify\SiteAdv, continuing.
[04/04/2007, 19:10:18] - BHO 3: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} (Lexmark Toolbar)
[04/04/2007, 19:10:18] - BHO 4: {42BBAF6A-005F-4AE6-962A-8EE3616C9AAE} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - No filename found. Continuing.
[04/04/2007, 19:10:18] - BHO 5: {53707962-6F74-2D53-2644-206D7942484F} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[04/04/2007, 19:10:18] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[04/04/2007, 19:10:18] - BHO 6: {57E218E6-5A80-4f0c-AB25-83598F25D7E9} ()
[04/04/2007, 19:10:18] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/04/2007, 19:10:18] - No filename found. Continuing.
[04/04/2007, 19:10:18] - BHO 7: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/04/2007, 19:10:18] - BHO 8: {7D064D71-DD76-4596-90C0-921766AD560A} (MSEvents Object)
[04/04/2007, 19:10:18] - ALERT: Found MSEvents Object!
[04/04/2007, 19:10:18] - BHO 9: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[04/04/2007, 19:10:18] - BHO
miekiemoes
That was quite a collection of malware present there.

Did you reboot after running DrWeb? Because that was really important, since some files were scheduled to delete after reboot.
In case you didn't, please reboot first.

Then, check and fix next entry in Hijackthis again:

O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\exlodweg.dll",setvm

So, I assume you have set next active desktop components, since I already asked you previously to fix them if you didn't set them? :

O24 - Desktop Component 0: (no name) - http://www.tag-board.com/smilies/frog.gif
O24 - Desktop Component 1: (no name) - http://pics.ebay.com/aw/pics/uk/temp/150x36_nospoof.gif
O24 - Desktop Component 2: (no name) - http://www.chez.com/multisujets/images/south-park.gif
O24 - Desktop Component 3: (no name) - http://memail.com/animations/Images/FatB.gif
O24 - Desktop Component 4: (no name) - http://www.tag-board.com/smilies/uhh.gif
O24 - Desktop Component 5: (no name) - http://www.tag-board.com/smilies/smile.gif
O24 - Desktop Component 6: (no name) - http://www.tag-board.com/smilies/bowl.gif
O24 - Desktop Component 7: (no name) - http://www.enidlawsongallery.co.uk/images/alex/jcb.jpg
O24 - Desktop Component 8: (no name) - http://www.bbc.co.uk/cbeebies/charlieandlo...ages/clocks.gif
O24 - Desktop Component 9: (no name) - http://www.bbc.co.uk/cbeebies/numberjacks/...images/thu1.jpg

Please set your system to show all files.
Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm.
Click OK.

Please hide your hidden files and folders afterwards again, when we are done with this thread and your problems are solved, because above instructions to set your system to show all files, unhide legit files and folders as well.
And I don't want you to delete them because they may look suspicious. To hide them again, just perform the above instructions in the opposite way.


Delete next files:

C:\WINDOWS\system32\bbadd.tmp
C:\WINDOWS\system32\ijkkj.tmp
C:\WINDOWS\system32\ijkkj.tmp2

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6u1.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u1".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation, Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    • Java 2 Runtime Environment, SE v1.4.2
    • J2SE Runtime Environment 5.0
    • J2SE Runtime Environment 5.0 Update 6
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6-windows-i586.exe to install the newest version.
Reboot and post a new HijackThis log in your next reply as a final check.

spiderman pants
Miekiemoes, this will have to wait until tomorrow now, the computer in question is my sister's and it's not with me. I did put a check mark against the 024 entries but for some reason they didn't get removed. I thought it strange when I saw them still included on the latest log. I was also shocked by the number of trojans etc. Hopefully Avast and Comodo will help reduce this problem in the future.
I thought the Java version on this machine was the latest to be honest, as I only downloaded it the other day as the original was highlighted as out of date! Oh well, must have been an old link I followed.

Thanks for your help so far, it's certainly helped.
spiderman pants
As of February 2007 the latest version of Java from Sun is 1.5.0_11.

miekiemoes
QUOTE
I did put a check mark against the 024 entries but for some reason they didn't get removed.
Yes, that's possible since this is a beta version of HijackThis you are using - it may not delete these entries.

Anyway, to delete them, do next instead:

* Go to start > control panel > Display properties > Desktop > Customize Desktop... > Web tab
Select everything you find in there (except for "My current home page" if present) and press the delete button on the right.
Hit ok below > apply in previous window.

I'll read your reply later. The active infection is gone now though, above are just leftovers to deal with.
miekiemoes
QUOTE
As of February 2007 the latest version of Java from Sun is 1.5.0_11.
Yes, but you're looking at this page:

http://www.java.com/en/download/manual.jsp

That page hasn't been updated yet. When you look at this page:

http://java.sun.com/javase/downloads/index.jsp

you'll find the correct latest version Java Runtime Environment (JRE) 6u1 there.
spiderman pants
Miekiemoes, I followed your instructions but as you can see the 024 entries still remain, I can't get rid of them. I also notice that I have the following entry which I think needs fixing with HijackThis, what do you think?

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)


Anyway, the complete report is below.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 00:06:18, on 07/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\SiteAdvisor\6065\SAService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark 5400 Series\lxctmon.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Lexmark 5400 Series\ezprint.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\Program Files\SiteAdvisor\6065\SiteAdv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\FunTV Installation\T7Ir9x.exe
C:\Program Files\VIA Technologies, Inc\VIA Audio Driver Setup Program\AudioDeck\AudioDeck.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Morpheus\Morpheus.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HijackThis\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6065\SiteAdv.dll
O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6065\SiteAdv.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\Video\ISStart.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] "C:\Program Files\Logitech\Video\LogiTray.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [DataLayer] "C:\Program Files\