You are here:

Computer Security & Viruses/explorer virus_i see your answer but...

Advertisement

Expert: - 2/1/2009


Question
QUESTION: hello Brian
when i open my widows task manager there is folder that its name is explorer and always is running and also i recive system32 erorr when i want to shut down my laptop.
i see your answer to Win in 2/13/2008 and i follow steps and now past my hijacklist for you to say me what to do?
thank you very much.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:01:40 ?.?, on 2009/01/31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesIntelWirelessBinEvtEng.exe
C:Program FilesIntelWirelessBinS24EvMon.exe
C:WINDOWSsystem32spoolsv.exe
c:program filescommon fileslogitechlvmvfmLVPrcSrv.exe
C:WINDOWSeHomeehRecvr.exe
C:WINDOWSeHomeehSched.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesMicrosoft SQL ServerMSSQL$VAIO_VEDBBinnsqlservr.exe
C:Program FilesIntelWirelessBinRegSrvc.exe
C:Program FilesCommon FilesSony SharedWMPlugInSonicStageMonitoring.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:Program FilesSonyVAIO Event ServiceVESMgr.exe
C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVCSWVCSW.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
C:Program FilesApointApoint.exe
C:WINDOWSehomeehtray.exe
C:Program FilesJavajre1.5.0_06injusched.exe
C:Program FilesSonyVAIO Power ManagementSPMgr.exe
C:Program FilesSonyISB UtilityISBMgr.exe
C:Program FilesSonyVAIO Update 2VAIOUpdt.exe
C:Program FilesSonyWireless Switch Setting UtilitySwitcher.exe
C:Program FilesDISCDISCover.exe
C:Program FilesDISCDiscUpdMgr.exe
C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCdbVzCdbSvc.exe
C:WINDOWSWin32.dll.exe
C:WINDOWSsystem32LVCOMSX.EXE
C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCdbVzFw.exe
C:Program FilesLogitechVideoCameraAssistant.exe
C:WINDOWSsystem32ElkCtrl.exe
C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:Program FilesCommon FilesAOLS2706596eeAOLHostManager.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
C:Program FilesYahoo!MessengerYahooMessenger.exe
C:Program FilesCommon FilesAOLS2706596eeAOLServiceHost.exe
C:Program FilesWindows Media PlayerWMPNSCFG.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesApointApntex.exe
C:WINDOWSsystem32ctfmon.exe
C:Documents and SettingsAll Userssmss.exe
C:Program FilesTrend MicroTmasTmas.exe
C:WINDOWSsystem32dllhost.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesDISCDiscStreamHub.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:WINDOWSeHomeehmsas.exe
C:WINDOWSsystem32wbemwmiapsrv.exe
C:Program FilesCommon FilesAOLS2706596eeAOLServiceHost.exe
C:Program FilesCommon FilesAOLS2706596eeAOLServiceHost.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
C:WINDOWSsystem32NOTEPAD.EXE
C:WINDOWSsystem32REG.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://en.allexperts.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:Program FilesAOLAOL Search EnhancementAOLSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:Program FilesAOLAOL Search EnhancementAOLSearch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:PROGRA~1MICROS~4Office12GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06inssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O4 - HKLM..Run: [igfxtray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [igfxhkcmd] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [igfxpers] C:WINDOWSsystem32igfxpers.exe
O4 - HKLM..Run: [Apoint] C:Program FilesApointApoint.exe
O4 - HKLM..Run: [ehTray] C:WINDOWSehomeehtray.exe
O4 - HKLM..Run: [VAIO Recovery] C:WINDOWSSonysysVAIO RecoveryPartSeal.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06injusched.exe
O4 - HKLM..Run: [SonyPowerCfg] C:Program FilesSonyVAIO Power ManagementSPMgr.exe
O4 - HKLM..Run: [ISBMgr.exe] C:Program FilesSonyISB UtilityISBMgr.exe
O4 - HKLM..Run: [VAIO Update 2] "C:Program FilesSonyVAIO Update 2VAIOUpdt.exe" /Stationary
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [Switcher.exe] C:Program FilesSonyWireless Switch Setting UtilitySwitcher.exe
O4 - HKLM..Run: [DISCover] C:Program FilesDISCDISCover.exe
O4 - HKLM..Run: [DiscUpdateManager] C:Program FilesDISCDiscUpdMgr.exe
O4 - HKLM..Run: [VAIOSurvey] c:program filessonyvaio surveysurveysa.exe
O4 - HKLM..Run: [VAIOCameraUtility] "C:Program FilesSonyVAIO Camera UtilityVCUServe.exe"
O4 - HKLM..Run: [HostManager] C:Program FilesCommon FilesAOLS2706596eeAOLHostManager.exe
O4 - HKLM..Run: [PartSeal] C:WINDOWSSonysysVAIO RecoveryPartSeal.exe
O4 - HKLM..Run: [Shell] C:WINDOWSWin32.dll.exe
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechCameraAssistant] C:Program FilesLogitechVideoCameraAssistant.exe
O4 - HKLM..Run: [LogitechVideo[inspector]] C:Program FilesLogitechVideoInstallHelper.exe /inspect
O4 - HKLM..Run: [LogitechCameraService(E)] C:WINDOWSsystem32ElkCtrl.exe /automation
O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe"
O4 - HKLM..Run: [SysUtils] C:Documents and SettingsAll Userssmss.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - HKCU..Run: [Yahoo! Pager] "C:Program FilesYahoo!MessengerYahooMessenger.exe" -quiet
O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
O4 - HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [SysUtils] C:Documents and SettingsAll Userssmss.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:Program FilesTrend MicroTmasTmas.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:program filesaolaol toolbar 3.0
esourcesen-USlocalsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~4Office12EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~4Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~4Office12ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:Program FilesAOLAOL Toolbar 3.0aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~4Office12REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O17 - HKLMSystemCCSServicesTcpip..{CFEC0A27-3C3C-4C92-921F-0B4E81DF3B9E}: NameServer = 217.218.65.2 217.218.127.105
O18 - Protocol: bw+0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:PROGRA~1MICROS~4Office12GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {F5168522-AA71-4703-8000-B8845F87F290} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:Program FilesIntelWirelessBinEvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriverE0Intel 32IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:Program FilesSonyImage Converter 2IcVzMon.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:program filescommon fileslogitechlvmvfmLVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibMSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibPACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:Program FilesIntelWirelessBinRegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:Program FilesIntelWirelessBinS24EvMon.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:Program FilesCommon FilesSony SharedWMPlugInSonicStageMonitoring.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCsVzHardwareResourceManagerVzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:Program FilesSonyVAIO Event ServiceVESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:Program FilesSonyVAIO Media Integrated ServerVMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:Program FilesSonyVAIO Media Integrated ServerPlatformSV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:Program FilesSonyVAIO Media Integrated ServerPlatformUPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:Program FilesSonyVAIO Media Integrated ServerPlatformVmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVCSWVCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCdbVzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:Program FilesCommon FilesSony SharedVAIO Entertainment PlatformVzCdbVzFw.exe

--
End of file - 23766 bytes



ANSWER: Hi Bas

Please download Malwarebytes' Anti-Malware to your desktopfrom here:
http://www.besttechie.net/tools/mbam-setup.exe
Double-click mbam-setup.exe and follow the prompts to install the program.
 * At the end, be sure a checkmark is placed next to
       o Update Malwarebytes' Anti-Malware
       o and Launch Malwarebytes' Anti-Malware
 * then click Finish.
 * If an update is found, it will download and install the latest version.
 * Once the program has loaded, select Perform full scan, then click Scan.
 * When the scan is complete, click OK, then Show Results to view the results.
 * Be sure that everything is checked, and click Remove Selected.
 * When completed, a log will open in Notepad.
 * Post me a copy of that log, along with a new HJT log.

One other item...your HJT log is not formatted properly, and is difficult to read.  Entries such as:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
should look like:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
Please double check the log for formatting before posting your follow up.  Thanks.


Brian

---------- FOLLOW-UP ----------

QUESTION: mbam log:

Malwarebytes' Anti-Malware 1.33
Database version: 1654
Windows 5.1.2600 Service Pack 2

2/2/2009 12:17:10 AM
mbam-log-2009-02-02 (00-17-05).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|)
Objects scanned: 116829
Time elapsed: 29 minute(s), 47 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
C:\Documents and Settings\All Users\smss.exe (Trojan.Agent) -> No action taken.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysutils (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysutils (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32.exe (Trojan.Agent) -> No action taken.
C:\autorun.inf (Heuristics.Malware) -> No action taken.
C:\RECYCLER\autoplay.exe (Heuristics.Malware) -> No action taken.
C:\Documents and Settings\bastam\smss.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\All Users\smss.exe (Trojan.Agent) -> No action taken.



NEW HJT LOG

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:04 AM, on 2/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\WINDOWS\Win32.dll.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\Common Files\AOL\1232706596\ee\AOLHostManager.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\1232706596\ee\AOLServiceHost.exe
C:\Documents and Settings\All Users\smss.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\AOL\1232706596\ee\AOLServiceHost.exe
C:\WINDOWS\system32\REG.exe
C:\WINDOWS\system32\REG.exe
C:\WINDOWS\system32\REG.exe
C:\WINDOWS\system32\REG.exe
C:\WINDOWS\system32\REG.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.allexperts.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [DISCover] C:\Program Files\DISC\DISCover.exe
O4 - HKLM\..\Run: [DiscUpdateManager] C:\Program Files\DISC\DiscUpdMgr.exe
O4 - HKLM\..\Run: [VAIOSurvey] c:\program files\sony\vaio survey\surveysa.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1232706596\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [PartSeal] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [Shell] C:\WINDOWS\Win32.dll.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SysUtils] C:\Documents and Settings\All Users\smss.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKCU\..\Run: [SysUtils] C:\Documents and Settings\All Users\smss.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 3.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 3.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.trymedia.com (HKLM)
O18 - Protocol: bw+0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~4\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {F5168522-AA71-4703-8000-B8845F87F290} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation  - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStageMonitoring - Sony Corporation - C:\Program Files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 23922 bytes


Answer
Hi Bas

The malware is still showing on the HJT log.  Your Malwarebytes scan showed several trojan viruses, but they read "No Action Taken".  As per my previous instructions:
* Be sure that everything is checked, and click Remove Selected.
Please rescan, remove the items, then post me a new HJT log.

Brian

Computer Security & Viruses

All Answers

Answers by Expert:

Ask Experts

Volunteer

Brian Benosky

Expertise

I will help you in eradicating malware and all forms of virus/trojans/adware. I can answer all PC-related hardware issues. I can also troubleshoot Windows OS errors (all versions) and other software problems. HijackThis logs are a MUST for virus related help. If you do not know how to do this, I have posted easy-to-follow instructions on the Ask a Question page. Every computer infection is different, so I will give you personal instructions on how to remove the malware, not a 'pat' answer. You can be assured of a prompt, polite, and knowledgeable response in all regards.

Experience

I have over 25 years experience in using, building, and repairing computers. I have helped over two thousand people here on AllExperts, with consistent Top Feedback Scores. Please look at my answers here: http://en.allexperts.com/q/Computer-Security-Viruses-1737/indexExp_84308.htm I am also a Top Contributor of General Computing answers in Yahoo! Questions.

Education/Credentials
College Educated Self-taught Computer Skills

©2012 About.com, a part of The New York Times Company. All rights reserved.