1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Trojan Horse Virus

Discussion in 'Virus & Other Malware Removal' started by Ghostly_Knight, Jul 8, 2007.

Thread Status:
Not open for further replies.
  1. Ghostly_Knight

    Ghostly_Knight Thread Starter

    Joined:
    Jul 8, 2007
    Messages:
    5
    Lately when I go to launch my Counter Strike 1.6 from Steam I get a message from Nortan saying there is a virus. It comes up twice, both file names seperate and are being held in the C:\DOCUME~1\TYLERB~1\LOCALS~1\Temp folder. However, when I look in that folder those files aren't in there. I just wiped out my entire partition and reloaded windows xp.

    Here is a copy of my HiJackThis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:32:34 AM, on 7/8/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\nvraidservice.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\MSI\Common\RaUI.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Common Files\Symantec Shared\NMain.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\PROGRA~1\NORTON~1\navw32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O18 - Protocol: bw+0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {94F9E033-3F76-4739-811F-F405F8CEF6E5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 19388 bytes
     
  2. Ghostly_Knight

    Ghostly_Knight Thread Starter

    Joined:
    Jul 8, 2007
    Messages:
    5
    I have once again wiped my entire partition on my hard drive and reinstalled Windows XP. I have also done a Vundo Scan a SuperAntiSpyware Scan and a Norton Antivrus scan all of which have not found any viruses or spyware. But still, when I launch two unusually named temp files pop up due to norton saying Trojan Horse. Here is an updated HiJackThis Log.
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:20:16 PM, on 7/8/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\MSI\Common\RaUI.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 4195 bytes


    I have also been reading other forum entries related to my own and am updating this post so that it will help those who help me. I have done another scan using ComboFix and here is the log left from it.

    "Tyler Bramer" - 2007-07-08 13:50:08 - ComboFix 07-07-09 - Service Pack 2


    ((((((((((((((((((((((((( Files Created from 2007-06-08 to 2007-07-08 )))))))))))))))))))))))))))))))


    2007-07-08 13:49 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-07-08 13:41 <DIR> d-------- C:\VundoFix Backups
    2007-07-08 13:25 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
    2007-07-08 13:25 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-07-08 13:25 <DIR> d-------- C:\DOCUME~1\TYLERB~1\APPLIC~1\SUPERAntiSpyware.com
    2007-07-08 13:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SUPERAntiSpyware.com
    2007-07-08 13:18 <DIR> d-------- C:\Program Files\Steam
    2007-07-08 13:15 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
    2007-07-08 13:15 <DIR> d-------- C:\WINDOWS\nview
    2007-07-08 13:15 <DIR> d-------- C:\WINDOWS\NV336644.TMP
    2007-07-08 13:14 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
    2007-07-08 13:14 <DIR> d-------- C:\WINDOWS\LastGood
    2007-07-08 13:09 <DIR> d-------- C:\Program Files\Trend Micro
    2007-07-08 12:53 <DIR> d-------- C:\DOCUME~1\TYLERB~1\APPLIC~1\Symantec
    2007-07-08 12:50 48,776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
    2007-07-08 12:50 115,000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2007-07-08 12:50 10,344 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
    2007-07-08 12:50 <DIR> d-------- C:\Program Files\Norton AntiVirus
    2007-07-08 12:49 <DIR> d-------- C:\Program Files\Symantec
    2007-07-08 12:49 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
    2007-07-08 12:49 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    2007-07-08 12:45 73,728 --a------ C:\WINDOWS\system32\GER_AP.dll
    2007-07-08 12:45 73,728 --a------ C:\WINDOWS\system32\FRA_AP.dll
    2007-07-08 12:45 69,632 --a------ C:\WINDOWS\system32\JAP_AP.dll
    2007-07-08 12:45 65,536 --a------ C:\WINDOWS\system32\CHT_AP.dll
    2007-07-08 12:45 65,536 --a------ C:\WINDOWS\system32\CHS_AP.dll
    2007-07-08 12:45 363,008 --a------ C:\WINDOWS\system32\drivers\rt61.sys
    2007-07-08 12:45 311,296 --a------ C:\WINDOWS\system32\AegisI5.exe
    2007-07-08 12:45 290,918 --a------ C:\WINDOWS\system32\Install7x.dll
    2007-07-08 12:45 252,928 --a------ C:\WINDOWS\system32\drivers\rt73.sys
    2007-07-08 12:45 242,432 --a------ C:\WINDOWS\system32\drivers\rt2500usb.SYS
    2007-07-08 12:45 20,747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
    2007-07-08 12:45 2,048 --a------ C:\WINDOWS\system32\drivers\rt73.bin
    2007-07-08 12:45 110,592 --a------ C:\WINDOWS\system32\FRA.dll
    2007-07-08 12:45 106,496 --a------ C:\WINDOWS\system32\GER.dll
    2007-07-08 12:45 102,400 --a------ C:\WINDOWS\system32\JAP.dll
    2007-07-08 12:45 102,400 --a------ C:\WINDOWS\system32\CHT.dll
    2007-07-08 12:45 102,400 --a------ C:\WINDOWS\system32\CHS.dll
    2007-07-08 12:45 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
    2007-07-08 12:44 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-08 12:44 <DIR> d-------- C:\Program Files\MSI
    2007-07-08 12:44 <DIR> d-------- C:\Program Files\Common Files\InstallShield
    2007-07-08 12:42 786,432 --ah----- C:\DOCUME~1\TYLERB~1\NTUSER.DAT
    2007-07-08 12:42 229,376 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
    2007-07-08 12:42 229,376 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
    2007-07-08 12:42 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
    2007-07-08 12:42 <DIR> d-------- C:\WINDOWS\Prefetch
    2007-07-08 12:40 229,376 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
    2007-07-08 12:40 <DIR> d-------- C:\WINDOWS\system32\xircom
    2007-07-08 12:40 <DIR> d-------- C:\Program Files\microsoft frontpage
    2007-07-08 12:39 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
    2007-07-08 12:39 0 -rahs---- C:\MSDOS.SYS
    2007-07-08 12:39 0 -rahs---- C:\IO.SYS
    2007-07-08 12:39 0 --a------ C:\CONFIG.SYS
    2007-07-08 12:39 0 --a------ C:\AUTOEXEC.BAT
    2007-07-08 12:39 <DIR> dr------- C:\WINDOWS\Offline Web Pages
    2007-07-08 12:39 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
    2007-07-08 12:39 <DIR> d--h----- C:\WINDOWS\$hf_mig$
    2007-07-08 12:39 <DIR> d--h----- C:\Program Files\WindowsUpdate
    2007-07-08 12:39 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
    2007-07-08 12:38 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
    2007-07-08 12:38 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
    2007-07-08 12:38 64,512 --a------ C:\WINDOWS\system32\acctres.dll
    2007-07-08 12:38 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
    2007-07-08 12:38 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
    2007-07-08 12:38 430,592 --a------ C:\WINDOWS\system32\wuapi.dll
    2007-07-08 12:38 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
    2007-07-08 12:38 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
    2007-07-08 12:38 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
    2007-07-08 12:38 36,864 --a------ C:\WINDOWS\system32\wups.dll
    2007-07-08 12:38 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
    2007-07-08 12:38 183,296 --a------ C:\WINDOWS\system32\wuaueng1.dll
    2007-07-08 12:38 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
    2007-07-08 12:38 165,888 --a------ C:\WINDOWS\system32\wuauclt1.exe
    2007-07-08 12:38 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
    2007-07-08 12:38 120,320 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-07-08 12:38 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
    2007-07-08 12:38 112,640 --a------ C:\WINDOWS\system32\wucltui.dll
    2007-07-08 12:38 111,104 --a------ C:\WINDOWS\system32\wuauclt.exe
    2007-07-08 12:38 11,264 --a------ C:\WINDOWS\system32\atrace.dll
    2007-07-08 12:38 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
    2007-07-08 12:38 <DIR> d---s---- C:\WINDOWS\Tasks
    2007-07-08 12:38 <DIR> d-------- C:\WINDOWS\system32\Macromed
    2007-07-08 12:38 <DIR> d-------- C:\WINDOWS\system32\DirectX
    2007-07-08 12:38 <DIR> d-------- C:\WINDOWS\srchasst
    2007-07-08 12:38 <DIR> d-------- C:\Program Files\Common Files\MSSoap
    2007-07-08 12:37 81,920 --a------ C:\WINDOWS\system32\isign32.dll
    2007-07-08 12:37 81,920 --a------ C:\WINDOWS\system32\ils.dll
    2007-07-08 12:37 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
    2007-07-08 12:37 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
    2007-07-08 12:37 69,632 --a------ C:\WINDOWS\system32\msconf.dll
    2007-07-08 12:37 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
    2007-07-08 12:37 67,584 --a------ C:\WINDOWS\system32\srclient.dll
    2007-07-08 12:37 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
    2007-07-08 12:37 48,128 --a------ C:\WINDOWS\system32\inetres.dll
    2007-07-08 12:37 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
    2007-07-08 12:37 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
    2007-07-08 12:37 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
    2007-07-08 12:37 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
    2007-07-08 12:37 274,944 --a------ C:\WINDOWS\system32\mstask.dll


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))



    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}]
    2007-05-23 12:13 140912 --a------ C:\Program Files\Norton AntiVirus\NavShExt.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-22 22:19]
    "nwiz"="nwiz.exe" []

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06]
    "Steam"="C:\Program Files\Steam\Steam.exe" [2007-07-08 13:18]
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 13:55]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

    *Newly Created Service* - NVSVC
    *Newly Created Service* - SASDIFSV
    *Newly Created Service* - SASENUM
    *Newly Created Service* - SASKUTIL

    Contents of the 'Scheduled Tasks' folder
    2007-07-08 17:55:36 C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Tyler Bramer.job

    **************************************************************************

    catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-07-08 13:50:29
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-07-08 13:50:40

    --- E O F ---



    I have also done a SDFix and here is the log.


    SDFix: Version 1.90

    Run by Tyler Bramer on Sun 07/08/2007 at 02:25 PM

    Microsoft Windows XP [Version 5.1.2600]

    Running From: C:\SDFix

    Safe Mode:
    Checking Services:






    Restoring Windows Registry Values
    Restoring Windows Default Hosts File
    Restoring Missing SharedAccess Service

    Rebooting...


    Normal Mode:
    Checking Files:

    No Trojan Files Found




    Removing Temp Files...

    ADS Check:

    Checking C:\WINDOWS
    C:\WINDOWS
    No streams found.

    Checking C:\WINDOWS\system32
    C:\WINDOWS\system32
    No streams found.

    Checking C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    No streams found.

    Checking C:\WINDOWS\system32\ntoskrnl.exe
    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.



    Final Check:

    Remaining Services:
    ------------------



    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"

    Remaining Files:
    ---------------


    Files with Hidden Attributes:


    Finished
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/593112

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice