I've recently been infected by the Spyware Strike 2.5. The Spyware Strike seems to be very annoying malware and the removal of it seems to be a hard job. I've followed few different instructions to remove it. Using the smitRem, ewido, Ad-Aware etc haven't helped me so far. I'm starting to get desperate with Spyware Strike, so here is my HJT, Panda activescan and smitRem logs. Hope you can help me to find solution to this problem and remove the Spyware Strike.
Logfile of HijackThis v1.99.1
Scan saved at 16:40:30, on 24.1.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
D:\ewido anti-malware\ewidoctrl.exe
D:\ewido anti-malware\ewidoguard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
D:\Outpost Firewall\outpost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\Logi_MwX.Exe
D:\Winamp\winampa.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
D:\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\hijackthis\HijackThis.exe
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKLM\..\Run: [Outpost Firewall] D:\OUTPOS~1\outpost.exe /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] D:\Outpost Firewall\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [SpywareStrike] C:\Program Files\SpywareStrike\SpywareStrike.exe /h
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - D:\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 1.1.74.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O18 - Protocol: bw+0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {EDBC10E2-6567-4706-AEA1-EE90C4B96B0D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: D:\OUTPOS~1\wl_hook.dll D:\OUTPOS~1\wl_hook.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\ewido anti-malware\ewidoguard.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - D:\Outpost Firewall\outpost.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Panda Activescan log:
Incident Status Location
Adware:adware/securityerror Not disinfected C:\WINDOWS\SYSTEM32\ot.ico
Potentially unwanted tool:application/spywarestrike Not disinfected C:\PROGRAM FILES\SpywareStrike
Adware:adware/antivirus-gold Not disinfected Windows Registry
Potentially unwanted tool:application/zango Not disinfected HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.toplist.cz/]
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.gostats.com/]
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.adultfriendfinder.com/]
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.clickbank.net/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.xiti.com/]
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.yadro.ru/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.zedo.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.searchportal.information.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.dist.belnk.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[.belnk.com/]
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\cookies.txt[]
Adware:Adware/IST.ISTBar Not disinfected C:\Documents and Settings\Walloittaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-66c622a1.zip[InstallerApplet.class]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Walloittaja\Local Settings\Application Data\Mozilla\Firefox\Profiles\lfre0qdm.default\Cache\3EFBEAA3d01[Process.exe]
Adware:Adware/SpywareStrike Not disinfected C:\Program Files\SpywareStrike\uninst.exe
Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00054754.MOZ[]
Adware:Adware/SpywareStrike Not disinfected C:\RECYCLER\NPROTECT\00054777.exe
Adware:Adware/SpywareStrike Not disinfected C:\RECYCLER\NPROTECT\00054914.exe
Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00055078.MOZ[]
Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00055086.MOZ[]
Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\NPROTECT\00055089.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055095.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055110.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055111.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055112.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055113.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055229.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055237.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055238.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055244.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055245.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055246.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055263.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055296.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055297.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055298.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055305.MOZ[]
Spyware:Cookie/Clickbank Not disinfected C:\RECYCLER\NPROTECT\00055500.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055529.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055530.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055532.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055542.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055543.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055544.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055546.MOZ[]
Adware:Adware/SpywareStrike Not disinfected C:\RECYCLER\NPROTECT\00055576.exe
Adware:Adware/SpywareStrike Not disinfected C:\RECYCLER\NPROTECT\00055686.exe
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055713.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055715.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055719.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055730.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055972.MOZ[]
Spyware:Cookie/RealMedia Not disinfected C:\RECYCLER\NPROTECT\00055973.MOZ[]
Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00055992.MOZ[]
Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00055993.MOZ[]
Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00055994.MOZ[]
Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00055995.MOZ[]
Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00056018.MOZ[]
Spyware:Cookie/adultfriendfinder Not disinfected C:\RECYCLER\NPROTECT\00056037.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056041.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056068.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056080.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056081.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056083.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056110.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056121.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056135.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056144.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056145.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056146.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056147.MOZ[]
Spyware:Cookie/GoStats Not disinfected C:\RECYCLER\NPROTECT\00056148.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056149.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056150.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056151.MOZ[]
Spyware:Cookie/GoStats Not disinfected C:\RECYCLER\NPROTECT\00056152.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056153.MOZ[]
Spyware:Cookie/Xiti Not disinfected C:\RECYCLER\NPROTECT\00056295.MOZ[]
Spyware:Cookie/Yadro Not disinfected C:\RECYCLER\NPROTECT\00056296.MOZ[]
Adware:Adware/SpywareStrike Not disinfected C:\RECYCLER\NPROTECT\00056310.exe
Spyware:Cookie/Yadro Not disinfected C:\RECYCLER\NPROTECT\00056327.MOZ[]
Spyware:Cookie/Yadro Not disinfected C:\RECYCLER\NPROTECT\00056328.MOZ[]
Adware:Adware/SpywareStrike Not disinfected C:\RECYCLER\NPROTECT\00056340.exe
Adware:Adware/SpywareStrike Not disinfected C:\RECYCLER\NPROTECT\00056430.exe
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056547.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056557.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056733.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056735.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056736.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056743.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056749.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056750.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056751.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056752.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056754.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056755.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056756.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056757.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056758.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056759.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056760.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056761.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056762.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056765.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056770.MOZ[]
Spyware:Cookie/Toplist Not disinfected C:\RECYCLER\NPROTECT\00056785.MOZ[]
Spyware:Cookie/Doubleclick Not disinfected D:\Outpost Firewall\Plugins\AntiSpyware\quarantine\00000633.asw
Potentially unwanted tool:Application/Processor Not disinfected D:\smitRem\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected D:\smitRem(2).exe[Process.exe]
Potentially unwanted tool:Application/Processor Not disinfected D:\smitRem.exe[Process.exe]
And finally smitRem log:
smitRem © log file
version 2.8
by noahdfear
Microsoft Windows XP [Version 5.1.2600]
The current date is: ti 24.01.2006
The current time is: 15:24:10,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
checking for ShudderLTD key
ShudderLTD key not present!
checking for PSGuard.com key
PSGuard.com key not present!
checking for WinHound.com key
WinHound.com key not present!
spyaxe uninstaller NOT present
Winhound uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SpywareStrike © by noahdfear
SpywareStrike directory present
SpywareStrike uninstaller present
Starting spystri uninstaller
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{D81E2FC4-B0A2-11D3-21AC-07C04C21A18A}"="Replay for WindowsXP"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~