Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Board index Malware Removal ForumsInfected? Virus, malware, adware, ransomware, oh my!

Bright coloured static, looping sound, system lock

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
Topic locked

Bright coloured static, looping sound, system lock

Unread postby The Horror » March 18th, 2009, 12:11 am

This is going to be a long post. My problem started 2-3 weeks ago. I started trying to troubleshoot on my own, then asked some questions at the techsupportforums.com, followed by help at the Corsair support forums. I have closed the queries in those places as my options there have been exhausted.

Requested information from stickied threads: I connect to the internet via a secure wireless connection.

The problem: I want to verify that be 100% certain that malware is not causing the troubles I am experiencing. Following is a full detailed list of what I have observed, and what I have attempted over the last few weeks. At the end of this post I will copy my HijackThis log as requested.

---------------------------------------------------------------------------------------

My system specs:

Motherboard: Asus Maximus Extreme
Processor: Intel Core 2 Quad Q9400
Memory: 4096 MB (2x2048 DDR3-SDRAM) TW3X4G1600C9DHX
Video Card: NVIDIA GeForce GTX 280
HDD1: Western Digital Caviar 300 GB
HDD2: Western Digital Caviar 750 GB
PSU: Corsair CMPSU-850TX 850W
Soundcard: SoundMAX Integrated Digital HD Audio
Monitor: Dell 27"
OS: Windows Vista Home Premium SP1 (32 bit)


About two weeks ago I was playing CODWAW when the screen turned into a pink static mess, with a green static filled box somewhere on the screen. The computer became totally unresponsive and I was forced to hit the restart button. The next day the problem returned, only this time it was occuring every time I booted the computer with static filling my screen just before the desktop image appeared. Windows safe mode worked fine, and after 3-4 restarts windows booted up normally. The colour of the static is generally pink with a small green static box somewhere on the screen, or green with a small yellow box somewhere on the screen.

Virus and malware checkers came up clean (McAfee antivirus, Spybot S&D, Adaware). Hard drive, CPU and GPU temperatures appeared normal even during stress tests. Scan of the HDD revealed no bad sectors. Memtest came up clear. I opened up the computer and blew out as much dirt as I could with compressed air. The computer booted up normally after that.

Later that night I booted up the computer and the problem returned every start up once again. After several restarts I managed to get into windows in normal mode. From then on that night the computer would boot up ok, but would crash a few minutes into any graphics intensive game. I opened up my computer, popped out my RAM sticks, checked for dirt and reinserted them back in. Problem remained.

Fearing windows corruption I backed up much of my data and wiped the main drive. Reinstalled Vista, updated all hardware drivers and reinstalled EVE Online. After that the computer stopped crashing during startup. However it continued to crash when I either ran EVE, or when I ran video files on VLC media player. It did not crash when I ran audio files on VLC media player. The crash was happening within 1-2 seconds of turning on the video player, or of activating EVE Online. When crashed the keyboard appeared to remain responsive - caps lock and num lock could be activated on the keyboard display when the keys were pressed, though there was a delay of 0.5-1 second between key press and response. Because the crash to static coloured screen was now finally reproducible I took note of the time and triggered a crash by opening a video file on VLC. The error was induced at 9:14:00 plus or minus a second or two. The event log lists the following events:

Note: The ID 10 error occurs every time the computer is booted, regardless of whether the computer crashes or not during startup.

Time: 9:15:39
ID 6008: Event Log
The previous system shutdown at 9:13:59 PM on 3/8/2009 was unexpected.

Time: 9:15:42
ID 1101: Event Log
Audit events have been dropped by the transport. The real time backup file was corrupt due to improper shutdown.

Time: 9:15:40
ID 15016: HttpEvent
Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.

Time: 9:16:51
ID 10: WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


The time of these events suggest to me that the event log is not detecting the cause of the error. There are also no registered hardware errors in the event viewer.

It was at this point that I made a query at the techsupportforums.com. The recommendation was for me to upgrade my PSU. At the time I had a Thermaltake Toughpower 600W ATX 12V 2.2 PSU installed in the computer. I replaced the PSU with my current Corsair 850W PSU. After replacing the PSU the problem disappeared entirely for 3 days. It then returned, though it was sporadic at best. Sometimes the computer would lock up during play of video files or during play of EVE Online, the screen filling up with static and the sound looping endlessly. Once the error appeared when I ran the dxdiag command in the vista start menu. Every graphics card and cpu stress test I have run so far has not resulted in a crash or in abnormal temperatures.

A day or two later the crash occurred twice over the course of one hour. After the second time I rebooted the computer and disabled the sound card in the device manager. The crash still occurred again even with the sound card disabled. I tested the caps lock and num lock keys again, but this time they were completely unresponsive (a week ago when the crash occurred those keys were responsive).

At this point I moved the query to the Corsair support forums. I wanted to clear my RAM from any problems. I received no feedback there, though I did get the latest version of Memtest. Memtest86+ v2.11 came up completely clean with no errors after two passes.

Today the same error occurred when I opened the recycle bin. It was exactly the same error. The computer screen turned to bright pink static again, though this time the mouse remained responsive for a short time before cutting out. While it was responsive I noticed that the smaller static box (the green box) was actually the mouse cursor, and that it responded to my movements albeit with a delay of about half a second.

Upon restarting the computer windows popped up a window with the following error: Windows Host Process (Rundll32) stopped working and was closed.

This was the error message from the event viewer:

--------------------------------------------------------
Faulting application rundll32.exe, version 6.0.6000.16386, time stamp 0x4549b0e1, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000142, fault offset 0x00009cac, process id 0x7cc, application start time 0x01c9a772913d610f.

- System
- Provider
[ Name] Application Error
- EventID 1000
[ Qualifiers] 0
Level 2
Task 100
Keywords 0x80000000000000
- TimeCreated
[ SystemTime] 2009-03-18T02:38:23.000Z
EventRecordID 2561
- EventData
rundll32.exe
6.0.6000.16386
4549b0e1
USER32.dll
6.0.6001.18000
4791a7a6
c0000142
00009cac
7cc
01c9a772913d610f
----------------------------------------------

To check if the error could be duplicated I opened the recycle bin again. Exactly the same thing happened. This time however the computer did not respond to a restart. The screen changed to a bright red colour (no static). The motherboard emitted one beep followed by three short beeps which indicates that no VGA was detected. The monitor then displayed an error message that I did not write down, but which mentioned something about VGA on it. I turned off the power to the computer, waited a few minutes and rebooted. When windows loaded up again the same rundll32 error message was present. Rather foolishly I emptied the recycle bin, so now I can no longer duplicate this error consistently by attempting to open it.

Searching through the web for rundll32 errors I found that this file is often associated with malware. Hence I have moved my query here to the malwareremoval forums.

Spybot S&D and McAfee still pick up nothing.

Following is a copy of my HijackThis log.

EDIT: The rundll32 error has now appeared when the computer was restarted from a clean shutdown. That is, the computer did not crash before the startup. This may indicate that whatever the problem is, that it may have corrupted a critical file in the system. Task manager shows two processes running with the name of rundll32. One is a windows host process, the other has no label.

EDIT 2: Error began happening more frequently again, whenever I opened a video file with VLC. I uninstalled my graphics drivers and reverted them back to a November 2008 version. Error was still present. Uninstalled a couple of older programs, and installed more drivers for chipset and audio. After too much playing around the error was worse than ever, happening every time any video file was activated, or sometimes triggering for no reason in windows. At this point I performed a system restore to a point 3 days ago. The system is now relatively stable again, with the static error only appearing intermittently. This is the updated HijackThis log with a more recent scan. I have the one done when I first made this topic also saved if you need to look through it.

EDIT 3: Restored my BIOS settings to default. Problem remains when activating video files or games. Downloaded and ran a video memory stress test. Video RAM came up clear with no errors. Pulled out and reinserted video and sound cards. Problem remains. I still need to rule out malware. After that I will probably start buying random computer components and try replacing them one by one.

EDIT 4: Ran Prime95 test on all four cores for 1 hour 42 minutes. No errors, temperature stable at 52C.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:00:25 PM, on 3/18/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe
C:\Program Files\ASUS\AASP\1.00.59\aaCenter.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\EVEMon\EVEMon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundTray] C:\Program Files\Analog Devices\SoundMAX\SoundTray.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Launch LgDevAgt] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EVEMon] "C:\Program Files\EVEMon\EVEMon.exe" -startMinimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard..lnk = C:\Program Files\Common Files\VistaRunApp.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: bw+0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: offline-8876480 - {93306614-061E-4879-9A65-FD51813F6B9B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HDD & SSD access service - BinarySense Ltd. - C:\Program Files\Common Files\BinarySense\disksvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 21395 bytes
The Horror
Active Member
 
Posts: 1
Joined: March 17th, 2009, 10:53 pm
Top
Advertisement
Register to Remove

Re: Bright coloured static, looping sound, system lock

Unread postby NonSuch » April 7th, 2009, 4:19 pm

We are sorry you have waited so long for a response. As you can see, we are quite busy as are all the other help forums. Also, it is possible that you received no response because there was no malware evident in your HijackThis log.

If you still require help, please start a new topic and post a fresh HijackThis log, along with a complete description of all symptoms you are currently experiencing that make you feel your system is infected with malware. Also, in the same post, please include an Uninstall List.

To create an Uninstall List, open HijackThis and, from the Main Menu > click on the "Open the Misc Tools section" button > click "Open Uninstall Manager" > click "Save List." Save the list to your Desktop or any convenient location. Next, copy the contents of the Uninstall List and paste it into the same post as your HijackThis log.

This topic is now closed. Please start a new topic by following the HijackThis Guideline posted here, and be sure to include your Uninstall List: >Guideline for posting your HijackThis log<
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Top
Topic locked

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 531 guests

The teamDelete all board cookiesAll times are UTC - 5 hours [ DST ]

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware

Board index