Computer Messed up. Hijackthis log inside

Sharky Forums


Results 1 to 8 of 8

Thread: Computer Messed up. Hijackthis log inside

Hybrid View

  1. 07-23-2006, 06:30 PM #1
    FFactoryxx
    FFactoryxx is offline
    Tiger Shark FFactoryxx's Avatar
    Join Date
    Feb 2001
    Location
    Richboro, PA, USA
    Posts
    618

    Computer Messed up. Hijackthis log inside

    My friends computer is really messed up and ive been working on it all day. Can someone take a loog at the hijackthis file and tell me what to fix

    Logfile of HijackThis v1.99.1
    Scan saved at 6:30:02 PM, on 7/23/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\Logi_MwX.Exe
    C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
    C:\windows\system32\xyBi22V.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\windows\system32\xyBi22V.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\wwSecure.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\JW\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.comcast.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [XeroxScannerDaemon] C:\Program Files\Xerox\NWWia\XrxFTPLt.exe
    O4 - HKLM\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg_4b0c.dll"
    O4 - HKLM\..\Run: [xyBi22V] C:\windows\system32\xyBi22V.exe
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [Si4n.exe] C:\windows\temp\Si4n.exe
    O4 - HKLM\..\Run: [xyBi22V.exe] C:\windows\system32\xyBi22V.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\RunOnce: [Pest Cleaning] "C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\ppclean.exe" "clean" "silent" "wintools" "2"
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINDOWS\System32\sfg_4b0c.dll"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\PartyPoker.exe (file missing)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://www.classlink2000.com/sites/FILES/wfica.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1093383359531
    O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/Visi.../TLIEFlash.CAB
    O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
    O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzilla.com/_download/...ler/dwnldr.cab
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.dll
    O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
    O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/...ampx_en_dl.cab
    O18 - Protocol: bw+0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {71CD000A-5359-462D-BA9C-A4148587EAFA} -
    "Don't Run! You'll only die tired"
    AMOS's Quote of Wisdom
    XP [email protected], 8RDA+ 1.1, EVGA 6800nu, 1gb Twinmos/Ch-5, 40gb WD, Antec SX835 w/350watt ps, 19in, Liteon 24x40x12, NEC-1300a Dual Burner.Ohh yea and A FLOPPY!!
    Reply With Quote Reply With Quote
  2. 07-23-2006, 06:31 PM #2
    FFactoryxx
    FFactoryxx is offline
    Tiger Shark FFactoryxx's Avatar
    Join Date
    Feb 2001
    Location
    Richboro, PA, USA
    Posts
    618
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    wSecure.exe
    "Don't Run! You'll only die tired"
    AMOS's Quote of Wisdom
    XP [email protected], 8RDA+ 1.1, EVGA 6800nu, 1gb Twinmos/Ch-5, 40gb WD, Antec SX835 w/350watt ps, 19in, Liteon 24x40x12, NEC-1300a Dual Burner.Ohh yea and A FLOPPY!!
    Reply With Quote Reply With Quote
  3. 07-23-2006, 06:31 PM #3
    FFactoryxx
    FFactoryxx is offline
    Tiger Shark FFactoryxx's Avatar
    Join Date
    Feb 2001
    Location
    Richboro, PA, USA
    Posts
    618
    O18 - Protocol: bwn0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {71CD000A-5359-462D-BA9C-A4148587EAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\w
    "Don't Run! You'll only die tired"
    AMOS's Quote of Wisdom
    XP [email protected], 8RDA+ 1.1, EVGA 6800nu, 1gb Twinmos/Ch-5, 40gb WD, Antec SX835 w/350watt ps, 19in, Liteon 24x40x12, NEC-1300a Dual Burner.Ohh yea and A FLOPPY!!
    Reply With Quote Reply With Quote
  4. 07-23-2006, 07:42 PM #4
    Delphi00
    Delphi00 is offline
    Thread Killer Delphi00's Avatar
    Join Date
    Jun 2003
    Location
    Bay Area, CA
    Posts
    3,327
    I don't knw much aboutt HijackThis! logs, but I heard that there are support groups out there that lets you paste the logs on the message boards. They specialize in looking at these logs. You might wanna give those a try.

    EDIT: I googled 'hijackthis log' and got this link:
    http://www.techsupportforum.com/forumdisplay.php?f=50
    Last edited by Delphi00; 07-23-2006 at 07:44 PM.
    Rig:
    P4 2.4C @ 3.0Ghz | Abit IC7 | Thermalright SLK 947U + Enermax 90mm | Scythe Ultra Kaze 120mm | Corsair 3GB | PowerColor HD3850 AGP | Antec SLK3700AMB | Enermax Whisper II 535W | Hercules Fortissimo III 7.1 | Samsung 931B | Logitech Z-2300 | WinXP Pro
    Reply With Quote Reply With Quote
  6. 07-23-2006, 10:14 PM #5
    mrsinster
    mrsinster is offline
    Mako Shark mrsinster's Avatar
    Join Date
    Apr 2001
    Location
    New Jersey
    Posts
    4,182
    Okay you got a few things goimng on hgere .......
    You either need to diable or delete......

    1.
    Tooo many tool bar runing at the same time when you open your browser.......

    2.
    Too many thinngs running at boot up aim,yahoo, msn, mns msg,and comcast....
    to name a few.....

    3.
    lastly to many media players running in hidden mode at the same time

    =================================
    Save ANA
    http://www.jpages.net/HelpAna.htm
    =================================
    For MOM
    Save a life become a donor

    http://www.shareyourlife.org/
    =================================
    System:
    AMD Athlon 64 4400 1MB L2 Cache
    2 gigs corsair extreme
    asus AN8-SLI deluxe
    Power color x1900xt 512 meg
    soundblaster audiogy 2
    lynksys nic
    Antec 500 watt
    CoolerMaster case
    21 Inch Hitachi
    Reply With Quote Reply With Quote
  7. 07-24-2006, 09:35 PM #6
    DOCDAVID
    DOCDAVID is offline
    Tiger Shark DOCDAVID's Avatar
    Join Date
    Mar 2001
    Location
    Somewhere over the rainbow, way up high.
    Posts
    649
    Try this site. They were helpful when I had a problem.

    http://www.bleepingcomputer.com/forums/forum22.html
    IBM 8113W3
    Pentium 4 3GHz
    DDR2 2GB 533Mhz
    WDC 160 GB
    ATI Radeon 9000
    Ensoniq AudioPCI
    52X CD_ROM
    Liteon 52x24x52x
    Kingston EtherRxKNE111TX
    WinXP Pro
    --------------------------------
    We do not stop playing because we grow old;
    We grow old because we stop playing!
    Reply With Quote Reply With Quote
  8. 07-25-2006, 07:03 AM #7
    Mechanic
    Mechanic is offline
    Hammerhead Shark Mechanic's Avatar
    Join Date
    Jan 2001
    Location
    Cincinnati, Ohio
    Posts
    2,163
    I suggest that you do yourself and your friend a favor, Back up the important data on the system to CD or DVD and then format the HD and restore the Operating System and applications.

    Tell your friend not to add everything to the computer that is offered for free. If you decide not to format the HD take mrsinster's suggestion and clean EVERYHING out of the startup files and delete all the toolbars and unused programs through Add/Remove programs in Control Panel.
    Reply With Quote Reply With Quote
  9. 07-25-2006, 11:16 AM #8
    speedstream5621
    speedstream5621 is offline
    Great White Shark
    Join Date
    Jun 2002
    Posts
    7,136
    For the love of God, get rid of all of those toolbars. Uninstall them from Add/Remove if possible, and then go into IE-->Tools-->Manage Add-ons and delete everything except what is obviously legitimate.

    In MSCONFIG, remove all of the services in the C:\windows folder from starting up. A lowercase "w" is your tip-off.

    Determining good services from bad ones can get tricky if you have a lot of software starting at boot. Depending on the severity of the infection(s), you may want/need to do this in Safe Mode.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules