ComputerForum.com
08-24-2006, 11:50 PM   #1
AVG Found 2 trojans....Hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 4:11:21 PM, on 8/24/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\D-Link\AirPremier AG Utility\AirPMCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\SOUNDMAN.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Viewpoint\Viewpoint Toolbar V35\FotomatDeviceConnect.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Blake\My Documents\Unzipped\hijackthis\HijackThis.exe

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [D-Link AirPremier AG Utility] C:\Program Files\D-Link\AirPremier AG Utility\AirPMCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Folding@Home 5.03.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.exe/3000
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1155959531250
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O18 - Protocol: bw+0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {B81F3FF7-F5CD-45B6-B09E-2C576E64DC51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe



AVG found two trojans and I would like someone to take a look at this log real fast if you can to make sure the two are gone.

Thank you
r3dh3adkid


08-26-2006, 09:47 AM   #2

C:\Program Files\AIM\aim.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Folding@Home 5.03.lnk = ?

These reg values point at two toolbars which love adware. The AIM is also something not so great. AVG will point out the names of the trojans as well as where on the drive they are located. In most cases you can use Windows Explorer to go to them and send them on their way to the recycle bin. Just remember to use the trash compactor there.
PC eye
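
A way to pre-sort a log like the one in this thread before reading it line by line, added here as an example (not code from either poster and not part of HijackThis): it groups entries by section code and lists the ones HijackThis itself annotated as unresolved or unattributed. The function names and the sample lines, adapted from the log in post #1, are this example's own; a flagged entry is a prompt for manual review, not a verdict.

```python
import re
from collections import Counter

# Section codes as HijackThis labels them (subset that appears in this thread's log).
SECTIONS = {
    "O2": "Browser Helper Object",
    "O3": "IE toolbar",
    "O4": "autostart (Run key / Startup folder)",
    "O8": "IE context-menu item",
    "O9": "IE extra button / Tools menu item",
    "O16": "ActiveX (Downloaded Program Files)",
    "O18": "extra protocol handler",
    "O20": "Winlogon Notify / AppInit_DLLs",
    "O23": "NT service",
}

# Annotations HijackThis writes when it cannot resolve or attribute an entry.
MARKERS = {
    "file missing": re.compile(r"\(file missing\)"),
    "unresolved shortcut": re.compile(r"\.lnk = \?\s*$"),
    "unknown owner": re.compile(r"- Unknown owner -"),
    "no name": re.compile(r"\(no name\)"),
}

# Entry lines look like "O4 - ..." or "R1 - ..."; header and process list do not match.
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

def parse(log_text):
    """Yield (code, body) for every entry line, skipping header and running processes."""
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m.group(1), m.group(2)

def triage(log_text):
    """Return (entries per section, [(code, reason, body)] that need a manual look)."""
    counts, review = Counter(), []
    for code, body in parse(log_text):
        counts[code] += 1
        for reason, rx in MARKERS.items():
            if rx.search(body):
                review.append((code, reason, body))
    return counts, review

# Sample input, adapted from the log in post #1 (constructed for this example).
SAMPLE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Viewpoint\Viewpoint Toolbar V35\ViewBar.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - Startup: Folding@Home 5.03.lnk = ?
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
"""

if __name__ == "__main__":
    counts, review = triage(SAMPLE)
    for code, n in sorted(counts.items()):
        print(f"{code:>3} x{n}  {SECTIONS.get(code, 'other')}")
    for code, reason, body in review:
        print(f"REVIEW [{code}] {reason}: {body}")
```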