My hijack this log. Please help!

Hellasweet · 05-09-2007, 08:29 PM

Hi, I got a system32 corruption message when I tried to restart my computer. I ran the log. Let me know if I need to take anything out. Thanks again!

p.s. - I gotta split it into THREE parts because it says its too long to post.

Here's the first part...

Logfile of HijackThis v1.99.1
Scan saved at 1:21:35 PM, on 5/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Canon\BJPV\TVMon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.ex e
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Nathan\Desktop\hijackthis_sfx.exe
C:\Documents and Settings\Nathan\Desktop\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BJPD HID Control] C:\Program Files\Canon\BJPV\TVMon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O18 - Protocol: bw+0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop

Hellasweet · 05-09-2007, 08:30 PM

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop

Hellasweet · 05-09-2007, 08:30 PM

Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: offline-8876480 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.ex e
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

ECTech · 05-09-2007, 09:01 PM

oh geez, you should definatly remove the Logitech Desktop Messanger.

next, run a chkdsk.

Hellasweet · 05-09-2007, 10:13 PM

Quote:

Originally Posted by ECTech

oh geez, you should definatly remove the Logitech Desktop Messanger.

next, run a chkdsk.

Why the logitech manager?

Osiris · 05-09-2007, 10:59 PM

what is the complete error message for system32?

Hellasweet · 05-09-2007, 11:14 PM

Quote:

Originally Posted by Warez Monster

what is the complete error message for system32?

It was pretty short. It said:

"Cannot start windows because system32 is corrupted or missing."

I had to use the original windows disk to start it up.

Hellasweet · 05-09-2007, 11:16 PM

Also, why is my hijackthis log so long?

Osiris · 05-09-2007, 11:18 PM

SYMPTOMS:

When you try to start or restart your Windows XP-based computer, you may receive one of the following error messages:
Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM
Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE

Stop: c0000218 {Registry File Failure} The registry cannot load the hive (file): \SystemRoot\System32\Config\SOFTWARE or its log or alternate

CAUSE
This issue can occur if the System or Software hive for the Windows XP installation is missing or damaged.

RESOLUTION:
To resolve this issue, use one of the following methods.

Use the Recovery Console Tool:
To restore a damaged registry hive, use the Recovery Console to restore the backup copy of the hive from the Repair folder. The Repair folder contains a copy of the system's registry hives that were created after the first successful startup of Windows XP.

WARNING : Although data should not be affected by the following procedure, you may need to restore changes you previously made to programs or system settings since the first time you successfully started Windows XP.

To replace the damaged registry hive and restore the backup copy of the hive from the Repair folder: Start your computer to the Recovery Console.

Determine if the file that is mentioned in the "Symptoms" section of this article is present, and if it is, rename it:

In Recovery Console, change to the c:\Windows folder.

Type cd system32\config , and then press ENTER.

Type dir system , and then press ENTER.

If you cannot run the preceding command successfully (because the file is missing), skip to step 3. If you can run the preceding command successfully, type ren system system.bak , and then press ENTER.

NOTE : If the message that you received referred to the software file, replace "system" with "software" in the preceding command. For example, you would type ren software software.bak (instead of ren system system.bak ), and then press ENTER.

Type copy c:\windows\repair\system , and then press ENTER.

NOTE : If the message that you received referred to the software file, replace "system" with "software" in the preceding command. For example, you would type copy c:\windows\repair\software (instead of copy c:\windows\repair\system ), and then press ENTER.

You should receive a "One file copied" informational message. For additional information about how to use Recovery Console during startup, click the article number below to view the article in the Microsoft Knowledge Base:
Q307654 HOW TO: Install and Use the Recovery Console for Windows XP

IMPORTANT : If you encounter problems when you run the preceding commands, you may need to use the Change Directory command ( cd ) one folder at a time before you run the preceding commands. For example, type cd system32 , press ENTER, type cd config , and then press ENTER.

Type exit , and then press ENTER to quit Recovery Console and restart the computer.

You Cannot Start from the Windows XP CD-ROM or Use Recovery Console
If you cannot start from the Windows XP CD-ROM or use Recovery Console and you are using the FAT file system (not the NTFS file system):
Use a startup disk from one of the following operating systems to start your computer to a command prompt:

Microsoft Windows Millennium Edition (Me)

Microsoft Windows 98

Microsoft Windows 95

At the command prompt, type c:\windows .

Follow the steps in the "Use the Recovery Console Tool" section of this article, beginning with step 2b (type cd sytem32\config , and then press ENTER).

IMPORTANT : After you complete the steps in the "Use the Recovery Console Tool" section of this article, remove the startup disk, and then restart the computer.

Use System Restore to Revert to the Most-Recent Restore Point
You may want to use System Restore to revert to the most-recent restore point if you have replaced the specific registry hive, but the issue has not been resolved.
For additional information about how to use System Restore to revert to the most-recent restore point, click the article number below to view the article in the Microsoft Knowledge Base:
Q307545 How to Recover from a Corrupted Registry
Run a Repair Installation of Windows XP
You may need to run a repair installation. For additional information about how to do so, click the article number below to view the article in the Microsoft Knowledge Base: Q312369 You May Lose Data or Program Settings After Reinstalling, Repairing, or Upgrading Windows XP

MORE INFORMATION
By default, the administrative password for Windows XP Home Edition is blank.

Hellasweet · 05-15-2007, 12:39 AM

I've restarted the computer and it started alright so I am going to repair the system32 thing when I have some time.

But seriously, why is my hijack log so long? And what should I get rid of guys?

05-09-2007, 08:29 PM	#1 (permalink)
Hellasweet Junior Techie Join Date: Nov 2005 Posts: 61	My hijack this log. Please help! Hi, I got a system32 corruption message when I tried to restart my computer. I ran the log. Let me know if I need to take anything out. Thanks again! p.s. - I gotta split it into THREE parts because it says its too long to post. Here's the first part... Logfile of HijackThis v1.99.1 Scan saved at 1:21:35 PM, on 5/9/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccProxy.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Canon\BJPV\TVMon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.ex e C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Nathan\Desktop\hijackthis_sfx.exe C:\Documents and Settings\Nathan\Desktop\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [BJPD HID Control] C:\Program Files\Canon\BJPV\TVMon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll O18 - Protocol: bw+0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop

05-09-2007, 08:30 PM	#2 (permalink)
Hellasweet Junior Techie Join Date: Nov 2005 Posts: 61	Re: My hijack this log. Please help! Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop

05-09-2007, 08:30 PM	#3 (permalink)
Hellasweet Junior Techie Join Date: Nov 2005 Posts: 61	Re: My hijack this log. Please help! Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: offline-8876480 - {BA9F3EC6-B3A3-4DAD-B75C-48AB3B55DAFE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.ex e O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

05-09-2007, 09:01 PM	#4 (permalink)
ECTech Ultra Techie Join Date: Jul 2005 Posts: 576	Re: My hijack this log. Please help! oh geez, you should definatly remove the Logitech Desktop Messanger. next, run a chkdsk.

05-09-2007, 10:59 PM	#6 (permalink)
Osiris Security/Hacking Mod Join Date: Jan 2005 Location: USA Posts: 23,035	Re: My hijack this log. Please help! what is the complete error message for system32?

05-09-2007, 11:16 PM	#8 (permalink)
Hellasweet Junior Techie Join Date: Nov 2005 Posts: 61	Re: My hijack this log. Please help! Also, why is my hijackthis log so long?

05-09-2007, 11:18 PM	#9 (permalink)
Osiris Security/Hacking Mod Join Date: Jan 2005 Location: USA Posts: 23,035	Re: My hijack this log. Please help! SYMPTOMS: When you try to start or restart your Windows XP-based computer, you may receive one of the following error messages: Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE Stop: c0000218 {Registry File Failure} The registry cannot load the hive (file): \SystemRoot\System32\Config\SOFTWARE or its log or alternate CAUSE This issue can occur if the System or Software hive for the Windows XP installation is missing or damaged. RESOLUTION: To resolve this issue, use one of the following methods. Use the Recovery Console Tool: To restore a damaged registry hive, use the Recovery Console to restore the backup copy of the hive from the Repair folder. The Repair folder contains a copy of the system's registry hives that were created after the first successful startup of Windows XP. WARNING : Although data should not be affected by the following procedure, you may need to restore changes you previously made to programs or system settings since the first time you successfully started Windows XP. To replace the damaged registry hive and restore the backup copy of the hive from the Repair folder: Start your computer to the Recovery Console. Determine if the file that is mentioned in the "Symptoms" section of this article is present, and if it is, rename it: In Recovery Console, change to the c:\Windows folder. Type cd system32\config , and then press ENTER. Type dir system , and then press ENTER. If you cannot run the preceding command successfully (because the file is missing), skip to step 3. If you can run the preceding command successfully, type ren system system.bak , and then press ENTER. NOTE : If the message that you received referred to the software file, replace "system" with "software" in the preceding command. For example, you would type ren software software.bak (instead of ren system system.bak ), and then press ENTER. Type copy c:\windows\repair\system , and then press ENTER. NOTE : If the message that you received referred to the software file, replace "system" with "software" in the preceding command. For example, you would type copy c:\windows\repair\software (instead of copy c:\windows\repair\system ), and then press ENTER. You should receive a "One file copied" informational message. For additional information about how to use Recovery Console during startup, click the article number below to view the article in the Microsoft Knowledge Base: Q307654 HOW TO: Install and Use the Recovery Console for Windows XP IMPORTANT : If you encounter problems when you run the preceding commands, you may need to use the Change Directory command ( cd ) one folder at a time before you run the preceding commands. For example, type cd system32 , press ENTER, type cd config , and then press ENTER. Type exit , and then press ENTER to quit Recovery Console and restart the computer. You Cannot Start from the Windows XP CD-ROM or Use Recovery Console If you cannot start from the Windows XP CD-ROM or use Recovery Console and you are using the FAT file system (not the NTFS file system): Use a startup disk from one of the following operating systems to start your computer to a command prompt: Microsoft Windows Millennium Edition (Me) Microsoft Windows 98 Microsoft Windows 95 At the command prompt, type c:\windows . Follow the steps in the "Use the Recovery Console Tool" section of this article, beginning with step 2b (type cd sytem32\config , and then press ENTER). IMPORTANT : After you complete the steps in the "Use the Recovery Console Tool" section of this article, remove the startup disk, and then restart the computer. Use System Restore to Revert to the Most-Recent Restore Point You may want to use System Restore to revert to the most-recent restore point if you have replaced the specific registry hive, but the issue has not been resolved. For additional information about how to use System Restore to revert to the most-recent restore point, click the article number below to view the article in the Microsoft Knowledge Base: Q307545 How to Recover from a Corrupted Registry Run a Repair Installation of Windows XP You may need to run a repair installation. For additional information about how to do so, click the article number below to view the article in the Microsoft Knowledge Base: Q312369 You May Lose Data or Program Settings After Reinstalling, Repairing, or Upgrading Windows XP MORE INFORMATION By default, the administrative password for Windows XP Home Edition is blank.

05-15-2007, 12:39 AM	#10 (permalink)
Hellasweet Junior Techie Join Date: Nov 2005 Posts: 61	Re: My hijack this log. Please help! I've restarted the computer and it started alright so I am going to repair the system32 thing when I have some time. But seriously, why is my hijack log so long? And what should I get rid of guys?

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
hijack this(log)	Skeeg	HijackThis Logs (finished)	15	05-16-2007 01:43 PM
Hijack This Log	mayaseattle	HijackThis Logs (finished)	11	05-01-2007 03:11 PM
Hijack This Log	Sobriquet.	HijackThis Logs (finished)	25	04-27-2007 06:07 PM
Hijack This log	Xskull	HijackThis Logs (finished)	17	04-25-2007 05:33 PM
Please check my hijack log	maroon1	HijackThis Logs (finished)	14	04-05-2007 03:41 AM