Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack This Log: Please help diagnose


  • Please log in to reply
9 replies to this topic

#1 sthacker

sthacker

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 01 March 2005 - 02:03 PM

Over the last 2 days the computer has appeared to get corruption in drivers.
On boot up there is a message, "C:\Windows\System\VSHINIT.VXD" missing.
Before I started they could get on the internet, but everything would plug up after 1/2 hour or so. Yesterday I could get on the internet, but any attempt to access anything at all gave the message, "Server could not be found".
Now the internet cannot be accessed at all, the printer is dead, and the mouse is very slow and jerky. I don't know if any of this is pertinent to the problem, but it sure would be nice to be able to get on the internet even for a short shot to send a HJT log!!

Here's the log I got this morning when I went to her house.

Logfile of HijackThis v1.99.1
Scan saved at 11:44:24 AM, on 3/1/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\MK9908.EXE
C:\PROGRAM FILES\GEARBOX CONNECTION KIT\BIN\CONFSVR.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\NETSCAPE\NETSCAPE 6\NETSCP6.EXE
C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\LOGITECHDESKTOPMESSENGER.EXE
C:\PROGRAM FILES\CALLWAVE\IAM.EXE
C:\PROGRAM FILES\GEARBOX CONNECTION KIT\BIN\GBCONMON.EXE
C:\PROGRAM FILES\GEARBOX CONNECTION KIT\BIN\GBTASK.EXE
C:\WINDOWS\HH.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

F1 - win.ini: load=C:\S-MONEY\CASM2ALR.EXE
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.fbx.com/"); (C:\Program Files\Netscape\Communicator\users\dtaks\prefs.js)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSCSHELLEXTENSION.DLL (file missing)
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [CHotKey] mk9908.exe
O4 - HKLM\..\Run: [Gearbox] "C:\Program Files\Gearbox Connection Kit\bin\confsvr.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Imonitor] "c:\Program Files\McAfee\QuickClean\Plguni.exe" /START
O4 - HKLM\..\Run: [MyPointsPointAlert0] "C:\PROGRAM FILES\MYPOINTS_POINTALERT\MyPointsPointAlert0.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [Gearbox Deferal Check] C:\Program Files\Gearbox Connection Kit\bin\gbdefer.exe
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] c:\Program Files\McAfee\McAfee VirusScan\AVSYNMGR.EXE
O4 - HKLM\..\RunServices: [McAfee Firewall] "C:\PROGRAM FILES\MCAFEE\MCAFEE FIREWALL\CPD.EXE" /SERVICE
O4 - HKCU\..\Run: [Mozilla Quick Launch] C:\Program Files\Netscape\Netscape 6\Netscp6.exe -turbo
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "c:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: MyPoints - file://C:\PROGRAM FILES\MYPOINTS_POINTALERT\Sy800\Tp800\scri800a.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Point Alert - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm (file missing) (HKCU)
O9 - Extra button: Point Alert - {67B50696-04BA-48ea-A697-28AA0EAA9C26} - file://C:\PROGRAM FILES\MYPOINTS_POINTALERT\Sy800\Tp800\scri800a.htm (file missing) (HKCU)
O10 - Broken Internet access because of LSP provider 'c:\windows\system\cslsp.dll' missing
O12 - Plugin for .pif: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O16 - DPF: {22E5705C-991A-4646-9053-A9525CA7222A} - http://www.topmoxie.com/external/builds/mypoints/mpmoxie.cab
O18 - Protocol: offline-8876480 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:10 PM

Posted 01 March 2005 - 07:30 PM

Fix all those entries that look like this:

O18 - Protocol: bwx0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL

Then reboot and post a new log.

Also do you know what C:\S-MONEY\CASM2ALR.EXE is?

#3 sthacker

sthacker
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 02 March 2005 - 12:42 AM

I'm not sure how to fix the entries noted. Will SpyBot or Ad-Aware pick them up? I hate feeling so useless, but don't want to make things worse if I do something wrong.

I'll find out what that .exe file is when I go there tomorrow.

Anyone have a guess as to the modem/printer/mouse problem? I'd sure like to be able to get online to debug this bugger.

Stan

#4 sthacker

sthacker
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 02 March 2005 - 01:34 AM

Well, I really need to eat crow. I read far enough in the manual to learn how to do a scan and send it in. After my last post I scanned the rest of the manual and now think I need to start HJT, scan, check the designated entries, and fix checked.

If someone will just validate what I said above, I'll read the manual carefully in the morning when I'm awake, and make sure I can do it right.

This is so new to me, I'm a bit overwhelmed. Given time, I know I could figure it out, but my daughter has already dumped all her personal files, in preparation for a 'Format-reinstall'. I'd really rather fix it just so I can learn how. I also feel one never quite remembers everything when backing up strategic files.

Stan

#5 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:10 PM

Posted 02 March 2005 - 10:30 AM

Dont worry...well get this worked out :thumbsup:

Just follow these directions.

Print out these instructions and then close all windows including Internet Explorer.

Then I want you to fix some of those entries. Please do the following:

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then click the Fix button:

O4 - HKCU\..\Run: [LDM] C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: MyPoints - file://C:\PROGRAM FILES\MYPOINTS_POINTALERT\Sy800\Tp800\scri800a.htm
O9 - Extra button: Point Alert - {16BF42FD-CA0A-4f48-819D-B0343254DD67} - file://C:\Program Files\MyPointsPointAlert\System\Temp\mypoints_script0.htm (file missing) (HKCU)
O9 - Extra button: Point Alert - {67B50696-04BA-48ea-A697-28AA0EAA9C26} - file://C:\PROGRAM FILES\MYPOINTS_POINTALERT\Sy800\Tp800\scri800a.htm (file missing) (HKCU)
O16 - DPF: {22E5705C-991A-4646-9053-A9525CA7222A} - http://www.topmoxie.com/external/builds/mypoints/mpmoxie.cab
O18 - Protocol: offline-8876480 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw00s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw10s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw20s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw30s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw40s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw50s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw60s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw70s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw80s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw90s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwa0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwb0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwc0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwd0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwe0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwf0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwg0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwh0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwi0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwj0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwk0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwl0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwm0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwn0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwo0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwp0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwq0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwr0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bws0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwt0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwu0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwv0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bww0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwx0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwy0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwz0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw-0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0 - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bw+0s - {1F023AA1-7E55-11D9-9AD2-444553540000} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\BWPLUGPROTOCOL-8876480.DLL
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\PROGRAM FILES\DESKTOP MESSENGER\8876480\PROGRAM\GAPLUGPROTOCOL-8876480.DLL

Reboot your computer post a new log as a reply to this topic.

#6 sthacker

sthacker
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 02 March 2005 - 04:05 PM

OK, I think I'm getting up to speed.

Logfile of HijackThis v1.99.1
Scan saved at 2:48:44 PM, on 3/2/05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\MK9908.EXE
C:\PROGRAM FILES\GEARBOX CONNECTION KIT\BIN\CONFSVR.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
C:\PROGRAM FILES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\NETSCAPE\NETSCAPE 6\NETSCP6.EXE
C:\PROGRAM FILES\CALLWAVE\IAM.EXE
C:\PROGRAM FILES\GEARBOX CONNECTION KIT\BIN\GBCONMON.EXE
C:\PROGRAM FILES\GEARBOX CONNECTION KIT\BIN\GBTASK.EXE
C:\PROGRAM FILES\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...=5.5&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?p...=5.5&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...B_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
F1 - win.ini: load=C:\S-MONEY\CASM2ALR.EXE
N1 - Netscape 4: user_pref("browser.startup.homepage", "http://www.fbx.com/"); (C:\Program Files\Netscape\Communicator\users\dtaks\prefs.js)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: McAfee VirusScan - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSCSHELLEXTENSION.DLL (file missing)
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [CHotKey] mk9908.exe
O4 - HKLM\..\Run: [Gearbox] "C:\Program Files\Gearbox Connection Kit\bin\confsvr.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Imonitor] "c:\Program Files\McAfee\QuickClean\Plguni.exe" /START
O4 - HKLM\..\Run: [MyPointsPointAlert0] "C:\PROGRAM FILES\MYPOINTS_POINTALERT\MyPointsPointAlert0.exe"
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MusicMatch\MusicMatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM\..\RunServices: [Gearbox Deferal Check] C:\Program Files\Gearbox Connection Kit\bin\gbdefer.exe
O4 - HKLM\..\RunServices: [McAfeeVirusScanService] c:\Program Files\McAfee\McAfee VirusScan\AVSYNMGR.EXE
O4 - HKLM\..\RunServices: [McAfee Firewall] "C:\PROGRAM FILES\MCAFEE\MCAFEE FIREWALL\CPD.EXE" /SERVICE
O4 - HKCU\..\Run: [Mozilla Quick Launch] C:\Program Files\Netscape\Netscape 6\Netscp6.exe -turbo
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "c:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - Startup: Event Reminder.lnk = C:\Program Files\Broderbund\PrintMaster\PMremind.exe
O4 - Startup: Internet Answering Machine.lnk = C:\Program Files\CallWave\IAM.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system\cslsp.dll' missing
O12 - Plugin for .pif: C:\PROGRAM FILES\NETSCAPE\COMMUNICATOR\PROGRAM\PLUGINS\npaudio.dll
O15 - Trusted Zone: http://free.aol.com

#7 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:10 PM

Posted 02 March 2005 - 04:43 PM

I need to get samples of some of your files. Please create a folder called c:\submit. Now copy the following files into that directory:

C:\S-MONEY\CASM2ALR.EXE

To copy the files simply navigate to the directory they are in and right click on them and then click on copy. Then paste these files into the c:\submit directory. Once the files are all copied I need you to zip the folder and rename submit.zip to yourmembername.zip (for example grinler.zip). If you are using XP or ME right-click on the folder and click on the Send To option and then send it to a compressed folder. You will now see a file called submit.zip. If you are using another version of Windows, please download a program called Winzip and zip it using that. Then go to http://www.bleepingcomputer.com/submit-malware.php fill in the required fields, and browse to the file. Then click on the Send File button.

#8 sthacker

sthacker
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 02 March 2005 - 07:03 PM

The zip file has been sent. Some of the files were lost going from dying computer to mine. Hope you can tell something with what were sent. If not, I'll try again. Can't believe I'm using 3 1/2" disks again!

Stan

#9 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:10:10 PM

Posted 02 March 2005 - 09:21 PM

Log looks clean...great job!

Disable and Enable System Restore. - If you are using Windows ME or XP then you should disable and reenable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here:

Managing Windows Millenium System Restore

or

Windows XP System Restore Guide

Renable system restore with instructions from tutorial above


Next,

This process will clean out your Temp files and your Temporary Internet Files. Please do both steps:

Step 1:Delete Temp Files
To clean out your temp files, click on Start and then run, and type %temp% and press the ok button.

This should open up the temp directory that your machine uses. Please delete all files that are found there. If you get an error when deleting a file, skip that file and delete all the others. If you had trouble deleting a file, reboot into Safe Mode and follow this step again. You should now be able to delete all the files.

Step 2: Delete Temporary Internet Files
Now I want you to open up Internet Explorer, and click on the Tools menu and then Internet Options. At the General tab, which should be the first tab you are currently on, click on the Delete Files button and put a checkmark in Delete offline content. Then press the OK button. This may take quite a while, so do not be alarmed with how long it takes. When it is done, your Temporary Internet Files will now be deleted.

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Simple and easy ways to keep your computer safe and secure on the Internet


Glad I was able to help.

#10 sthacker

sthacker
  • Topic Starter

  • Members
  • 51 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 03 March 2005 - 01:10 AM

Thanks a million for your help. I've printed your last post as well as the tutorial at the end, 2 copies. I will give one to my daughter and her husband, and go over it with them. I will then follow up 2 or 3 times a week until I feel their system is more secure. The other copy is for me to put in my notebook on my computer desk, for frequent perusal to be sure I get and keep up to date.

Regards,
Stan

P.S. This is probably not a good idea in case you have already read this first part, you'll miss this. I'll take a chance, it's not life threatening.

Can you tell me what bug(s) were on my system and what the large S_Money file was? Was it a bad guy? Thanks.

Edited by sthacker, 03 March 2005 - 12:48 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users