1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Cannot get to Microsoft update sites via IE6

Discussion in 'Virus & Other Malware Removal' started by nemas, Jul 16, 2006.

Thread Status:
Not open for further replies.
Advertisement
  1. nemas

    nemas Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    7
    Problem: Cannot get to Microsoft sites for updates or request help via Internet Explorer v6.
    I am also starting to suspect I cannot get to Mcafee for updates.

    Env: WindowsXP, Microsoft Office 2003, Mcafee Internet Security Suite 2006
    More recently: Spyware Doctor and Registry Mechanic

    The Mcafeehelp Forum guys recommended that I send you a logfle for analysis and help.

    1) A week ago I had to install a Belkin Wireless G+ MIMO ADSL router as my previous Belkin G router got fried by lightning strike.

    2) IE6 kept crashing;-
    • I could spasmodically surf either wirelessly or by LAN line.
    • would frequently go into 'not responding ' mode
    • would not go to favourite sites
    • would not close properly with the window 'x' icon - had to minimise and then use right click to 'Close'.
    • displayed 2 processes in the Task Bar.
    • frequently froze mouse and keyboard
    • kept being diverted to uta.edu whenever I attempted to go to Microsoft sites for updates.

    Mcafee full VirusScan did not show up a virus.

    3) After buying Spyware Doctor and Registry Mechanic, 73 infections - CWS, Tracking Cookies, Common components for SBSoft, ZeroPopup Bar(EmailFlooder.Win32.popup(Kaspersky).
    I had also changed Personal Firewall Security level from Standard to Trusted sites to attempt to get to Microsoft.

    4) After Spyware Doctor cleanup, IE6 actually worked.
    I switched to Mozilla Firefox default but that appears to be vunerable now - according to your forum.
    I have enabled the Universal Plug and Play on the Router according to Belkin Help instructions.
    I have sent my logfile to PCTools via Malware Detective in Spyware Doctor.

    5) Using IE6 just to get to Microsft updates still does not work. I suspect I cannot get to Mcafee updates as it checks for a long time with nothing happening.

    6) I include my logfile for analysis - as recommended by the Mcafee Forum guys.
    Currently Mcafee VirusScan says no infection in Safe Mode as does Spyware Doctor.

    7) Are you able to say whether the malware attack was before 7th of July (New Router installed) and had lay dormant until then? I had no trouble with IE6 before that. I am attempting to obtain a contract on e.g. Jobserve as this is a Business Laptop.

    8) Are you able to please help me diagnose what has attacked, clean it up and help me prevent further attacks?

    9) Is Spyware Doctor strong enough to immunise my laptop or do you recommend even more robust Anti Spyware software? I am wary/chary of which freebie software to trust.

    10) Using the link from McafeeHelp, seemed to indicate a slight contretemps for Hijackthis so I downloaded it from your site.

    Many future thanks if you can help me with this.

    Logfile of HijackThis v1.99.1
    Scan saved at 10:10:05, on 16/07/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Acer\Empowering Technology\admServ.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
    C:\WINDOWS\Explorer.EXE
    c:\program files\mcafee.com\vso\mcvsshld.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    c:\program files\mcafee.com\vso\mcvsmap.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Acer\Acer Arcade\PCMService.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\acer\Empowering Technology\ePower\epm-dm.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    C:\Acer\Empowering Technology\admtray.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
    C:\WINDOWS\MXOALDR.EXE
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    C:\PROGRA~1\mcafee.com\mps\mscifapp.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\PROGRA~1\SPYWAR~1\swdoctor.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
    C:\PROGRA~1\RETROS~1\RETROS~1.1\retrorun.exe
    C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0

    \ActiveX\AcroIEHelper.dll
    O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\program

    files\mcafee.com\mps\mcbrhlpr.dll
    O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program

    files\mcafee.com\mps\popupkiller.dll
    O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program

    files\mcafee\spamkiller\mcapfbho.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1

    \tools\iesdpb.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON

    Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-

    To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1

    \mcafee.com\vso\mcvsshl.dll
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [EPM-DM] c:\acer\Empowering Technology\ePower\epm-dm.exe
    O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe

    boot
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-

    Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE /P23

    "EPSON Stylus C86 Series" /O6 "USB001" /M "Stylus C86"
    O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
    O4 - HKLM\..\Run: [MXOBG] C:\WINDOWS\MXOALDR.EXE
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
    O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe
    O4 - HKLM\..\Run: [MPSExe] c:\PROGRA~1\mcafee.com\mps\mscifapp.exe /embedding
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [RetroExpress] C:\PROGRA~1\RETROS~1\RETROS~1.1\RetroExpress.exe /h
    O4 - HKLM\..\Run: [F5D9050] C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480

    \Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Spyware Doctor] C:\PROGRA~1\SPYWAR~1\swdoctor.exe /Q
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480

    \Program\LDMConf.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send To &Bluetooth - c:\Program Files\WIDCOMM\Bluetooth

    Software\btsendto_ie_ctx.htm
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1

    \tools\iesdpb.dll
    O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program

    files\mcafee\spamkiller\mcapfbho.dll
    O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program

    files\mcafee\spamkiller\mcapfbho.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11

    \REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

    Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.amiuptodate.com
    O15 - Trusted Zone: http://www.bbc.co.uk
    O15 - Trusted Zone: world.belkin.com
    O15 - Trusted Zone: http://www.belkin.com
    O15 - Trusted Zone: *.belkin.com
    O15 - Trusted Zone: http://www.dogpile.co.uk
    O15 - Trusted Zone: *.jobserve.com
    O15 - Trusted Zone: http://*.mcafee.com
    O15 - Trusted Zone: http://www.mcafeehelp.com
    O15 - Trusted Zone: http://*.msn.com
    O15 - Trusted Zone: http://www.multimap.com
    O15 - Trusted Zone: www.pctools.com
    O15 - Trusted Zone: www.roscoweb.com
    O15 - Trusted Zone: www.theaa.com
    O15 - Trusted IP range: 192.168.2.1
    O15 - Trusted IP range: 192.168.2.254
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) -

    http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

    http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145698921734
    O18 - Protocol: bw+0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {DA329C6D-3027-4880-A435-6A2BBC0E815E} - C:\Program Files\Logitech\Desktop

    Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - AppInit_DLLs: WIKI.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth

    Software\bin\btwdins.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program

    Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer

    Arcade\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer

    Arcade\Kernel\CLML_NTService\CLMLServer.exe
    O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common

    files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program

    files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1

    \McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1

    \McAfee.com\PERSON~1\MpfService.exe
    O23 - Service: McAfee SpamKiller Server (MskService) - McAfee Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C:\PROGRA~1\RETROS~1

    \RETROS~1.1\retrorun.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program

    Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%

    \WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program

    Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware

    Doctor\sdhelp.exe
     
  2. Blink182

    Blink182 Banned

    Joined:
    Jul 8, 2006
    Messages:
    602
    First lets make sure that McAfee is up to date.

    Do you have Virus Scan 10? If so:

    1. Right Click "M" icon
    2. Select Virus Scan > About
    3. Tell me what it says for:

    Engine Version
    DAT Version
    DAT File Created.
     
  3. nemas

    nemas Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    7
    VirusScan V 10.0 Bld 10.0.27, Engine 4450, Dat version 4805, dat file created 12/07/20
    Privacy service V 8.1.0.136
    Personal firewall plus Build 7.1.113
    Spamkiller Version 7.0.23
     
  4. Blink182

    Blink182 Banned

    Joined:
    Jul 8, 2006
    Messages:
    602
    ohh... you're two days out for McAfee Virus Scan 10
     
  5. Blink182

    Blink182 Banned

    Joined:
    Jul 8, 2006
    Messages:
    602
    What it should look like:

    McAfee Virus Scan 10

    Version: 10.0
    Build: 10.0.27
    DAT Version: 4807
    DAT File Created: 7/14/2006.

    KEY:

    Lime = Virus Scan is OK
    Red = Virus Scan is out of date.
     
  6. nemas

    nemas Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    7
    See my first posting, my trouble began 7th July.
    With the cleaning up, I started to suspect I may not be able to get to as the 'Check now' on Mcafee security Centre updates flickers on for a very long time until I get fed up - half an hour plus. I have started one going to check if any improvement.
     
  7. Blink182

    Blink182 Banned

    Joined:
    Jul 8, 2006
    Messages:
    602
    You can get the updates from McAfee website too.
     
  8. nemas

    nemas Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    7
    Firefox will not go to www.mcaffee.com or www.mcafee.co.uk . Just 'Loading' forever message.
    When the Security Centre has finished checking, it says I am up to date.
    Can you recommend a Virus Scan updating site without the word mcafee in the site name?
     
  9. nemas

    nemas Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    7
  10. Blink182

    Blink182 Banned

    Joined:
    Jul 8, 2006
    Messages:
    602
    yes my mcafee link it mcafee online scan
     
  11. nemas

    nemas Thread Starter

    Joined:
    Jul 15, 2006
    Messages:
    7
    Please can someone tell me what has hijacked my laptop and how to get rid of it.

    I cannot get to Microsoft updates since 7th July

    and more recently

    (14/07) cannot get to VirusScan updates (any Mcafee) sites.

    The viruscan.nl.nu link from Blink 182 has a status of loading --- and 'waiting for us.mcafee.com' at the bottom of the window.
    If I do 'updates via Security centre' same things happens.

    The mcafeehelp guys have said: Posted: Sun Jul 16, 2006 3:24 pm
    'This "infection" is probably preventing you, assuming that your IE6 security settings are at the default level as are the Advanced settings. You DAT should be 4807 I believe.

    I wouldn't worry too much about that until they can figure out what it is that's hijacking your browser.'

    So I am relying on you TechSupportguys.
     
  12. Blink182

    Blink182 Banned

    Joined:
    Jul 8, 2006
    Messages:
    602
  13. pm1941

    pm1941

    Joined:
    Mar 31, 2005
    Messages:
    190
    I'm trying to help nemas at the McAfee website. We can't get the updates to work until a suspected infection is removed...is there anything in his HJT log that would indicate malware?
     
  14. Blink182

    Blink182 Banned

    Joined:
    Jul 8, 2006
    Messages:
    602
    Only just getting trained to read logs...
     
  15. pm1941

    pm1941

    Joined:
    Mar 31, 2005
    Messages:
    190
    Then I'll tell him to post in some other HJT groups as well, just in case...no offence.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/483599

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice