stdole3.tlb and related - help

Name: Marticus
Date: May 30, 2006 at 14:25:53 Pacific
OS: Windows XP Professional 2
CPU/Ram: AMD Athlon 64 3700+ 2.21
Product: -
Comment:

Having trouble getting rid of stdole3.tlb (apparently associated with a trojan of some sort) and some other related files. Any help would be appreciated.



Response Number 1
Name: Marticus
Date: May 30, 2006 at 14:52:11 Pacific
Reply:

Also having problems with all video media. For example, Windows Media Player buttons won't work, and my AVS DVD Player won't even open now.


Response Number 2
Name: jabuck
Date: May 30, 2006 at 15:09:40 Pacific
Reply:

Please post a Hijack This log so that the files associated with the virus/spyware/hijacker can be identified. You can download Hijack This at this link http://www.tomcoyote.org/hjt/ then place it into a folder of its own, such as C:\HJT, so that backup copies can be made and not clutter your desktop or other folders and the backup copies of deleted items can be easily located if needed.

Once saved double click HijackThis.exe, and press "Scan". When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log, Ctrl-A to Select All, and copy its contents into the text editor at this forum.

Do not fix anything yet unless you know what you are doing. This is a powerful tool that can crash the computer if used improperly.

Please download SmitRemFix from this link http://siri.geekstogo.com/SmitfraudFix.php Then extract the contents to your desktop.

Open the "SmitfraudFix" folder and double-click "smitfraudfix.cmd"
Select option #1 - Search by typing 1 and press "Enter"; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Note : process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

Please do not use option #2 until asked to do so, as running it on an uninfected computer will remove the desktop background.


Response Number 3
Name: Marticus
Date: May 30, 2006 at 18:14:44 Pacific
Reply:

Logfile of HijackThis v1.99.1
Scan saved at 8:14:34 PM, on 5/30/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\SOUNDMAN.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZENG10.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.exe
C:\Documents and Settings\Mark\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader - http://www.raptisoft.com/webgames/raptisoftgameloader.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: bw+0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {685DE5C9-74B8-4A9C-A405-BF1834C2A769} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe



Response Number 4
Name: Marticus
Date: May 30, 2006 at 18:16:02 Pacific
Reply:

SmitFraudFix v2.51

Scan done at 20:15:23.90, Tue 05/30/2006
Run from C:\Documents and Settings\Mark\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Mark\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Mark\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End



Response Number 5
Name: Marticus
Date: May 30, 2006 at 18:17:00 Pacific
Reply:

I also used Ewido, which seems to have gotten rid of the stdole3.tlb file, but I'm still having media issues as described above. Can't system restore either.


Response Number 6
Name: jabuck
Date: May 30, 2006 at 18:34:43 Pacific
Reply:

Please download ATF-Cleaner to your desktop from this link
http://www.atribune.org/content/view/19/2/ We will need it later in safe mode

Next, please reboot your computer in Safe Mode by doing the following :

Restart your computer

After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;

Instead of Windows loading as normal, a menu with options should appear;

Select the first option, to run Windows in Safe Mode, then press "Enter".

Choose your usual account.

Run Ewido from safe mode. When the scan has completed, Ewido will create a report.txt file. Click the "Save Report" button on the bottom of the screen and save the log to your desktop.

Please reboot into normal mode and post the ewido log.

Run ATF-Cleaner from safe mode. Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Run this free online scan from Kaspersky http://kaspersky.com/kos/english/kavwebscan.html
Click Accept
When the updates are finished downloading, click Next, Scan Settings
Under Scan using the following antivirus database:, select extended
Make sure the Scan Archives and Scan Mail Bases options are selected as well. Click OK
Click My Computer and wait for the scan to finish
Click Save Report As. Under Save as type:, select Text file. Save this log to your Desktop and post a copy of it here.


Response Number 7
Name: Marticus
Date: May 31, 2006 at 12:42:29 Pacific
Reply:


ewido anti-malware - Scan report


+ Created on: 2:37:43 PM, 5/31/2006
+ Report-Checksum: 848EE904

+ Scan result:

:mozilla.7:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.8:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\cxe0j0s2.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup


::Report End


Response Number 8
Name: Marticus
Date: May 31, 2006 at 13:39:48 Pacific
Reply:

---------------------
KASPERSKY ON-LINE SCANNER REPORT
Wednesday, May 31, 2006 3:39:04 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 31/05/2006
Kaspersky Anti-Virus database records: 197477
---------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan Statistics:
Total number of scanned objects: 66469
Number of viruses found: 7
Number of infected objects: 27
Number of suspicious objects: 0
Duration of the scan process: 00:54:47

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\046C0000.VBN Infected: Trojan-Downloader.Win32.Zlob.pz skipped
C:\Program Files\My Stuff\Installations\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\Program Files\My Stuff\Installations\mirc616.exe mIRC: infected - 1 skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008985.DLL Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008986.exe Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008987.DLL Infected: not-a-virus:AdWare.Win32.MySearch.f skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008988.DLL Infected: not-a-virus:AdWare.Win32.MyWay.p skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008992.exe/stream/data0013 Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008992.exe/stream/data0014 Infected: not-a-virus:AdWare.Win32.SaveNow.bo skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008992.exe/stream Infected: not-a-virus:AdWare.Win32.SaveNow.bo skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP46\A0008992.exe NSIS: infected - 3 skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP54\A0011637.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP55\A0011648.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP55\A0011658.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP58\A0011689.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP59\A0011731.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP59\A0011758.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP59\A0011771.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP59\A0011793.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP59\A0012813.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP59\A0012826.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP60\A0012835.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP61\A0012847.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP61\A0012854.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP61\A0012864.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP61\A0012872.exe Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{4F9036F5-C0C9-4510-9282-273412926F19}\RP61\A0012873.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped

Scan process completed.


Response Number 9
Name: jabuck
Date: May 31, 2006 at 17:36:15 Pacific
Reply:

Looks good.

Run Hijack This, close all windows and browsers except HT, place a check to the left of the following item and press "fix checked":

O16 - DPF: RaptisoftGameLoader - http://www.raptisoft.com/webgames/raptisoftgameloader.cab

Exit Hijack This

Try cleaning the restore folder. Go to start>control panel>system>system restore tab>check the box to the left of "turn off system restore">apply (may take a minute or two)>ok. Then go back and turn it back on.

To create a new restore point go Start>Run>type "msconfig" without the quotes>ok>Launch System Restore>Tick the circle beside "create a restore point">next>name it anything you wish>Create>home>restart the computer.


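One way to triage a scanner report like the Kaspersky one posted above is to separate detections that sit in System Restore snapshots or an antivirus quarantine folder from detections on the live filesystem, since only the latter can still be loaded, while the former return if the system is rolled back to a listed restore point. This is an added example, not part of the thread or of any tool mentioned in it; the function names are hypothetical and the sample lines are constructed in the report's layout with placeholder paths.

```python
import re
from collections import Counter

# Constructed sample in the layout of the scanner's
# "Infected Object Name / Virus Name / Last Action" section.
# Paths, file names and the restore GUID are placeholders, not values from the thread.
SAMPLE_REPORT = r"""
Infected Object Name / Virus Name / Last Action
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP1\A0000001.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP2\A0000002.exe/stream/data0001 Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP2\A0000002.exe NSIS: infected - 1 skipped
C:\Documents and Settings\All Users\Application Data\ExampleAV\Quarantine\00000000.VBN Infected: Trojan-Downloader.Win32.Zlob.pz skipped
C:\Program Files\Example\setup.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
C:\WINDOWS\system32\example3.tlb Infected: Trojan-Downloader.Win32.Zlob.qa skipped

Scan process completed.
"""

# "<path> Infected: <verdict> <last action>"; the path may contain spaces.
DETECTION = re.compile(
    r"^(?P<path>.+?)\s+Infected:\s+(?P<verdict>\S+)\s+(?P<action>\S+)$"
)
# Restore-point directory inside a System Restore store, e.g. ...\_restore{GUID}\RP46\...
RESTORE_POINT = re.compile(r"\\_restore\{[^}]*\}\\(RP\d+)\\", re.IGNORECASE)


def parse_detections(report_text):
    """Yield (host_file, verdict, action) for every per-object detection line.

    Container totals such as "setup.exe NSIS: infected - 1 skipped" carry no
    verdict and are ignored, so an archive is not counted twice.
    """
    for line in report_text.splitlines():
        match = DETECTION.match(line.strip())
        if match:
            # "file.exe/stream/data0001" names a member inside file.exe.
            host = match["path"].split("/", 1)[0]
            yield host, match["verdict"], match["action"]


def location_of(host):
    """Classify where the detected file lives."""
    if RESTORE_POINT.search(host):
        return "system_restore"
    if "\\quarantine\\" in host.lower():
        return "av_quarantine"
    return "live"


def triage(report_text):
    """Summarise a report: counts by (location, kind), live malware, tainted restore points."""
    counts = Counter()
    live_malware = set()
    restore_points = set()
    for host, verdict, _action in parse_detections(report_text):
        # The "not-a-virus:" prefix marks adware/riskware rather than malware.
        kind = "potentially_unwanted" if verdict.startswith("not-a-virus:") else "malware"
        where = location_of(host)
        counts[(where, kind)] += 1
        if where == "live" and kind == "malware":
            live_malware.add((host, verdict))
        rp = RESTORE_POINT.search(host)
        if rp:
            restore_points.add(rp.group(1).upper())
    return {
        "counts": dict(counts),
        "live_malware": sorted(live_malware),
        "tainted_restore_points": sorted(restore_points, key=lambda n: int(n[2:])),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    for (where, kind), n in sorted(result["counts"].items()):
        print(f"{where:15} {kind:21} {n}")
    print("live malware:", result["live_malware"])
    print("restore points holding detections:", result["tainted_restore_points"])
```
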

Response Number 10
Name: Marticus
Date: May 31, 2006 at 22:32:02 Pacific
Reply:

Alright... much thanks for all the help.

Anything I can do to fix the media issues as described above?


Response Number 11
Name: jabuck
Date: June 1, 2006 at 03:43:00 Pacific
Reply:

Try the repair option described at this link http://www.avsmedia.com/VideoTools/faq.aspx

I know little to nothing about Windows Media Player, but a shared file or codec with the DVD player may be causing the problem, so the repair, if it works, may solve that also.


Response Number 12
Name: Marticus
Date: June 1, 2006 at 09:05:21 Pacific
Reply:

Awesome, thanks again for all the help.

