Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Battling VX2 I think, it keeps hiding


  • Please log in to reply
1 reply to this topic

#1 jackpound1975

jackpound1975

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:52 PM

Posted 22 May 2005 - 12:58 PM

OK, I have run multiple Virus scans and Ad-Aware scans. It appears that my problem has subsided, but I thought that yesterday too. Here's my log sheet.

Please get back to me.

Logfile of HijackThis v1.99.1
Scan saved at 12:54:13 PM, on 5/22/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ulutil2.dll,SetWriteBack
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O18 - Protocol: bw+0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6D37A978-AC7C-4A5A-931F-E9E4B40F988A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

BC AdBot (Login to Remove)

 


#2 Guest_Cretemonster_*

Guest_Cretemonster_*

  • Guests
  • OFFLINE
  •  

Posted 23 May 2005 - 09:50 AM

Howdy Jackpound1975 and Welcome to the Bleeping Computer Help Forims!

Since the HijackThis log doesnt show any signs of any types of Known Infections,I will need you to run 3 different Scans and post back the Report each generates!

1.Download the L2MFix tool from
http://www.atribune.org/downloads/l2mfix.exe
or
http://www.downloads.subratam.org/l2mfix.exe

Save the file to your desktop and double click l2mfix.exe.

Click the Install button to extract the files and follow the prompts, then open the newly added l2mfix folder on your desktop.

Double click l2mfix.bat and select option #1 for Run Find Log by typing 1 and then pressing enter. This will scan your computer and it may appear nothing is happening, then, after a minute or 2, notepad will open with a log.

Copy the contents of that log and paste it into this thread.

IMPORTANT: Do NOT run option #2 OR any other files in the l2mfix folder until I ask you to.

Once that Scan is completed and you have saved the log>Move on to the next Scan!

2.RKFiles Utility

Download rkfiles.zip and unzip it to its own permanent folder!
http://skads.org/special/rkfiles.zip

Reboot into SAFE MODE(Tap F8 when restarting)
Here is a link on how to boot into Safe Mode:
http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam

Locate the rkfiles.bat file and double-click it to run it. It will start scanning your computer and could take a little while so be patient. Wait for the DOS window to close!

Run MSCONFIG and enable everything in the startup area. To get to MSCONFIG, click on Start -> Run -> type in MSCONFIG -> click OK!

Under the "General" Tab
Make Sure Normal Startup is Checked!!


Click Apply>>OK>>Follow the Prompts to Restart!!

Restart Normal and have the PC Scanned here:
Panda Active Scan

You will need to be using Internet Explorer for the Scan to work!

Save the Report it generates!

Once all is completed>Locate C:\log.txt generated by the RKFiles Utility>The Results of both the L2Mfix and Panda Scan!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users