1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Mass Emails being sent from winlogin.exe

Discussion in 'Virus & Other Malware Removal' started by Skimanner, Dec 7, 2005.

Thread Status:
Not open for further replies.
  1. Skimanner

    Skimanner Thread Starter

    Joined:
    Dec 5, 2005
    Messages:
    3
    Ok it's kinda complicated to explain so I will do my best.

    My computer has been sending out mass emails for about a week now, I only know this because norton pops up all over the place telling me that its scanning emails, sometimes it stops for a while and sometimes it's sending them nonstop. I've ran a dozen virus scans with a dozen different scanners, includeing a registered norton antivurus.

    The only hint I'm going on after all this time now is a program called TCPView that I downloaded and ran that shows winlogon.exe all over the place all different ports when emails start going out. The worm(guessing its a worm) is useing its own SMTP because I don't have one setup on my computer.

    A friend of mine that works in tech. support has been over doing alot to the computer also but he can't figure it out, he was useing hijack this I've never used it, but gonna load it real quick and put a copy of the log into here, since I see you guys always asking for a copy of a log. the computer is not currently sending out emails thou. Also this TCPView program never shows Winlogin.exe unless emails are going out. I'll give you a copy of the TCPView looking normal first, then a copy of it when emails are going out, and then a log of hijackthis

    [System Process]:0 TCP abd-60d9dc4a92c:1076 localhost:1029 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:1077 localhost:1029 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:1078 localhost:1029 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:1083 localhost:1029 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:1085 localhost:1029 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:1096 localhost:1029 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:1108 localhost:1029 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:1099 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:1063 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:1129 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1079 berp-mc06.dial.aol.com:5190 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1080 reachability.aol.com:http TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1081 berp-mc10.dial.aol.com:5190 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1086 baym-cs246.msgr.hotmail.com:1863 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1097 www-vd02.evip.aol.com:http TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:1127 TIME_WAIT
    aim.exe:3176 TCP abd-60d9dc4a92c:5180 abd-60d9dc4a92c:0 LISTENING
    aim.exe:3176 TCP abd-60d9dc4a92c:1110 localhost:1029 ESTABLISHED
    aim.exe:3176 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1116 oam-m06b.blue.aol.com:5190 ESTABLISHED
    aim.exe:3176 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1121 64.236.43.86:http ESTABLISHED
    aim.exe:3176 UDP abd-60d9dc4a92c:1112 *:*
    alg.exe:3044 TCP abd-60d9dc4a92c:1036 abd-60d9dc4a92c:0 LISTENING
    AOLDial.exe:2772 UDP abd-60d9dc4a92c:1100 *:*
    AOLServiceHost.exe:2808 TCP abd-60d9dc4a92c:1087 localhost:1029 ESTABLISHED
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11500 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11526 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11527 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11528 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11529 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11530 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11531 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11532 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:200 TCP abd-60d9dc4a92c:11533 abd-60d9dc4a92c:0 LISTENING
    bsa.exe:292 TCP abd-60d9dc4a92c:1026 abd-60d9dc4a92c:0 LISTENING
    bsa.exe:292 UDP abd-60d9dc4a92c:9595 *:*
    CCAPP.EXE:3680 TCP abd-60d9dc4a92c:1090 abd-60d9dc4a92c:0 LISTENING
    CCPROXY.EXE:176 TCP abd-60d9dc4a92c:1029 abd-60d9dc4a92c:0 LISTENING
    CCPROXY.EXE:176 TCP abd-60d9dc4a92c:1029 localhost:1087 ESTABLISHED
    CCPROXY.EXE:176 TCP abd-60d9dc4a92c:1029 localhost:1110 ESTABLISHED
    CCPROXY.EXE:176 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1088 64.236.43.85:http ESTABLISHED
    CCPROXY.EXE:176 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1111 64.12.25.86:5190 ESTABLISHED
    LogitechDesktopMessenger.exe:3424 UDP abd-60d9dc4a92c:9370 *:*
    lsass.exe:804 UDP abd-60d9dc4a92c:isakmp *:*
    lsass.exe:804 UDP abd-60d9dc4a92c:4500 *:*
    msmsgs.exe:3016 UDP abd-60d9dc4a92c:1089 *:*
    svchost.exe:1028 TCP abd-60d9dc4a92c:epmap abd-60d9dc4a92c:0 LISTENING
    svchost.exe:1124 UDP abd-60d9dc4a92c:ntp *:*
    svchost.exe:1124 UDP abd-60d9dc4a92c.kntnny.adelphia.net:ntp *:*
    svchost.exe:1244 UDP abd-60d9dc4a92c:1082 *:*
    svchost.exe:1244 UDP abd-60d9dc4a92c:1033 *:*
    svchost.exe:1288 UDP abd-60d9dc4a92c:1900 *:*
    svchost.exe:1288 UDP abd-60d9dc4a92c.kntnny.adelphia.net:1900 *:*
    System:4 TCP abd-60d9dc4a92c:microsoft-ds abd-60d9dc4a92c:0 LISTENING
    System:4 TCP abd-60d9dc4a92c.kntnny.adelphia.net:netbios-ssn abd-60d9dc4a92c:0 LISTENING
    System:4 UDP abd-60d9dc4a92c:microsoft-ds *:*
    System:4 UDP abd-60d9dc4a92c.kntnny.adelphia.net:netbios-dgm *:*
    System:4 UDP abd-60d9dc4a92c.kntnny.adelphia.net:netbios-ns *:*
    Win32sl.exe:1864 TCP abd-60d9dc4a92c:1028 abd-60d9dc4a92c:0 LISTENING
    =========================================================
    =========================================================

    Now here is a log of TCPView when emails are going out.... Only thing that seems to change is CCAPP and winlogin.exe shows up alot, CCAPP seems to be norton scanning the emails for virus's

    =========================================================
    =========================================================

    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:2643 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:2421 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:2950 TIME_WAIT
    [System Process]:0 TCP abd-60d9dc4a92c:11526 localhost:2788 TIME_WAIT
    aim.exe:1540 TCP abd-60d9dc4a92c:5180 abd-60d9dc4a92c:0 LISTENING
    alg.exe:2888 TCP abd-60d9dc4a92c:1037 abd-60d9dc4a92c:0 LISTENING
    AOLServiceHost.exe:1728 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1050 64.236.41.120:http CLOSE_WAIT
    AOLServiceHost.exe:3080 TCP abd-60d9dc4a92c:1709 localhost:11527 CLOSE_WAIT
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11500 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11526 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11527 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11528 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11529 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11530 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11531 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11532 abd-60d9dc4a92c:0 LISTENING
    aoltpspd.exe:204 TCP abd-60d9dc4a92c:11533 abd-60d9dc4a92c:0 LISTENING
    bsa.exe:300 TCP abd-60d9dc4a92c:1026 abd-60d9dc4a92c:0 LISTENING
    bsa.exe:300 UDP abd-60d9dc4a92c:9595 *:*
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 abd-60d9dc4a92c:0 LISTENING
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3030 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:2627 smtp-01.servidoresdns.net:smtp ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3004 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3020 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:2982 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:2997 scanner4.spamcow.com:smtp ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:2999 scanner4.spamcow.com:smtp ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3019 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3000 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3001 scanner4.spamcow.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3003 scanner4.spamcow.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3005 scanner4.spamcow.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3014 mail.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3016 mail.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3021 mail2.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3022 mail2.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3023 mail.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3029 mail.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3031 mail2.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3037 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3036 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3002 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3018 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3028 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3012 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3044 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3013 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3050 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3038 mail.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3039 mail.kpit.com:smtp SYN_SENT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:2991 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3048 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:3046 ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c:1048 localhost:2592 CLOSE_WAIT
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3045 204.146.55.140:smtp ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3047 204.146.55.140:smtp ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3049 204.146.55.140:smtp ESTABLISHED
    CCAPP.EXE:3572 TCP abd-60d9dc4a92c.kntnny.adelphia.net:3051 204.146.55.140:smtp ESTABLISHED
    CCPROXY.EXE:176 TCP abd-60d9dc4a92c:1030 abd-60d9dc4a92c:0 LISTENING
    lsass.exe:804 UDP abd-60d9dc4a92c:isakmp *:*
    lsass.exe:804 UDP abd-60d9dc4a92c:4500 *:*
    msmsgs.exe:1584 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1046 baym-cs296.msgr.hotmail.com:1863 ESTABLISHED
    msmsgs.exe:1584 UDP abd-60d9dc4a92c:1047 *:*
    svchost.exe:1032 TCP abd-60d9dc4a92c:epmap abd-60d9dc4a92c:0 LISTENING
    svchost.exe:1128 UDP abd-60d9dc4a92c:ntp *:*
    svchost.exe:1128 UDP abd-60d9dc4a92c.kntnny.adelphia.net:ntp *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2430 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2431 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2435 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:1873 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:1028 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2428 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2432 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2429 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2433 *:*
    svchost.exe:1248 UDP abd-60d9dc4a92c:2434 *:*
    svchost.exe:1292 UDP abd-60d9dc4a92c:1900 *:*
    svchost.exe:1292 UDP abd-60d9dc4a92c.kntnny.adelphia.net:1900 *:*
    System:4 TCP abd-60d9dc4a92c:microsoft-ds abd-60d9dc4a92c:0 LISTENING
    System:4 TCP abd-60d9dc4a92c.kntnny.adelphia.net:netbios-ssn abd-60d9dc4a92c:0 LISTENING
    System:4 UDP abd-60d9dc4a92c:microsoft-ds *:*
    System:4 UDP abd-60d9dc4a92c.kntnny.adelphia.net:netbios-ns *:*
    System:4 UDP abd-60d9dc4a92c.kntnny.adelphia.net:netbios-dgm *:*
    waol.exe:1112 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1072 berp-fc09.dial.aol.com:5190 ESTABLISHED
    waol.exe:1112 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1078 64.12.25.158:5190 ESTABLISHED
    waol.exe:1112 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1610 game1.pogo.com:5162 CLOSE_WAIT
    waol.exe:1112 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1663 game1.pogo.com:5224 CLOSE_WAIT
    waol.exe:1112 TCP abd-60d9dc4a92c.kntnny.adelphia.net:1671 game1.pogo.com:5162 CLOSE_WAIT
    waol.exe:1112 UDP abd-60d9dc4a92c:1091 *:*
    Win32sl.exe:1836 TCP abd-60d9dc4a92c:1029 abd-60d9dc4a92c:0 LISTENING
    winlogon.exe:748 TCP abd-60d9dc4a92c:2592 localhost:1048 FIN_WAIT2
    winlogon.exe:748 TCP abd-60d9dc4a92c:2982 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:2991 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3000 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3002 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3004 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3012 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3013 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3018 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3019 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3020 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3028 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3030 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3036 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3037 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3044 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3046 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3048 localhost:1048 ESTABLISHED
    winlogon.exe:748 TCP abd-60d9dc4a92c:3050 localhost:1048 ESTABLISHED
    ====================================================
    ====================================================

    Post is too long, so I will post Hijack this post in next post
     
  2. Skimanner

    Skimanner Thread Starter

    Joined:
    Dec 5, 2005
    Messages:
    3
    Logfile of HijackThis v1.99.1
    Scan saved at 6:27:26 PM, on 12/7/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\WINDOWS\System32\CTSvcCDA.EXE
    C:\WINDOWS\ehome\ehSched.exe
    C:\Program Files\Intel\BootStrap Agent\Bsa.exe
    C:\Program Files\Intel\LDCM\bin\IIDS.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    C:\WINDOWS\system32\slserv.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Intel\DMI\BIN\WIN32SL.EXE
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Common Files\AOL\1102527769\EE\AOLHostManager.exe
    C:\Program Files\Common Files\AOL\1102527769\EE\AOLServiceHost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Hewlett-Packard\AiO\hp officejet 5100 series\Bin\hpoant07.exe
    C:\Program Files\Hewlett-Packard\AiO\hp officejet 5100 series\FRU\Remind32.exe
    c:\program files\common files\aol\1102527769\ee\services\antiSpywareApp\ver2_0_7\AOLSP Scheduler.exe
    C:\Program Files\Common Files\AOL\1102527769\EE\AOLServiceHost.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
    C:\WINDOWS\System32\HPZipm12.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
    C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
    C:\Program Files\America Online 9.0b\waol.exe
    C:\Program Files\America Online 9.0b\shellmon.exe
    C:\WINDOWS\system32\slrundll.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\OPScan.exe
    C:\Documents and Settings\denise brosaus\Desktop\Tcpview.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\denise brosaus\Desktop\****ed\HijackThis.exe

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://companion.logitech.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [User Space Manager] C:\Program Files\Intel\LDCM\Bin\USM.exe
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
    O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1102527769\EE\AOLHostManager.exe
    O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0b\AOL.EXE" -b
    O4 - Startup: Hewlett-Packard Recorder.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 5100 series\FRU\Remind32.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HPAiODevice(hp officejet 5100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 5100 series\Bin\hpoant07.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: 6th Street Omaha Poker by pogo - http://game1.pogo.com/applet-6.4.3.36/omaha/omaha-ob-assets.cab
    O16 - DPF: Aces Up! by pogo - http://game1.pogo.com/applet-6.3.4.49/aces/aces-ob-assets.cab
    O16 - DPF: Ali Baba Slots TM by pogo - http://game1.pogo.com/applet-6.3.0.53/slots/alibaba-ob-assets.cab
    O16 - DPF: Backgammon by pogo - http://game1.pogo.com/applet-6.3.3.38/backgammon/backgammon-ob-assets.cab
    O16 - DPF: Blackjack by pogo - http://game1.pogo.com/applet-6.4.2.23/blackjack/blackjack-ob-assets.cab
    O16 - DPF: Buckaroo Blackjack TM by pogo - http://game1.pogo.com/applet-6.4.0.41/videoblackjack/videoblackjack-ob-assets.cab
    O16 - DPF: Canasta by pogo - http://game1.pogo.com/applet-6.4.2.30/canasta/canasta-ob-assets.cab
    O16 - DPF: Checkers by pogo - http://game1.pogo.com/applet-6.4.0.34/checkers2/checkers-ob-assets.cab
    O16 - DPF: Cribbage by pogo - http://game1.pogo.com/applet-6.4.0.48/cribbage/cribbage-ob-assets.cab
    O16 - DPF: Dice Derby by pogo - http://game1.pogo.com/applet-6.3.4.64/checkeredflag/checkeredflag-ob-assets.cab
    O16 - DPF: Dominoes by pogo - http://game1.pogo.com/applet-6.4.3.28/domino/domino-ob-assets.cab
    O16 - DPF: Double Deuce Poker by pogo - http://game1.pogo.com/applet-6.4.0.34/videopoker2/doubledeuce-ob-assets.cab
    O16 - DPF: Euchre by pogo - http://game1.pogo.com/applet-6.3.3.27/euchre/euchre-ob-assets.cab
    O16 - DPF: First Class Solitaire by pogo - http://game1.pogo.com/applet-6.3.3.38/solitaire2/solitaire2-ob-assets.cab
    O16 - DPF: Fortune Bingo by pogo - http://game1.pogo.com/applet-6.4.1.46/superbingo/superbingo-ob-assets.cab
    O16 - DPF: Greenback Bayou by pogo - http://game1.pogo.com/applet-6.4.1.46/greenback/greenback-ob-assets.cab
    O16 - DPF: High Stakes Poker by pogo - http://game1.pogo.com/applet-6.4.0.41/drawpoker/drawpoker-ob-assets.cab
    O16 - DPF: Jigsaw Detective by pogo - http://game1.pogo.com/applet-6.4.1.46/jigsaw/jigsaw-ob-assets.cab
    O16 - DPF: Jokers Wild Poker by pogo - http://game1.pogo.com/applet-6.3.2.25/videopoker2/jokerswild-ob-assets.cab
    O16 - DPF: Jungle Gin by pogo - http://game1.pogo.com/applet-6.3.4.49/gin/gin-ob-assets.cab
    O16 - DPF: Lottso by pogo - http://game1.pogo.com/applet-6.3.4.64/lottso/lottso-ob-assets.cab
    O16 - DPF: Mah Jong Garden by pogo - http://game1.pogo.com/applet-6.4.3.36/mahjong/mahjong-ob-assets.cab
    O16 - DPF: Multiline Slots by pogo - http://game1.pogo.com/applet-6.3.3.27/mlslots/mlslots-ob-assets.cab
    O16 - DPF: Payday FreeCell by pogo - http://game1.pogo.com/applet-6.3.4.49/freecell/freecell-ob-assets.cab
    O16 - DPF: Penguin Blocks by pogo - http://game1.pogo.com/applet-6.4.1.46/penguins/penguins-ob-assets.cab
    O16 - DPF: Phlinx by pogo - http://game1.pogo.com/applet-6.3.2.25/flinger/flinger-ob-assets.cab
    O16 - DPF: Pinochle by pogo - http://game1.pogo.com/applet-6.4.1.46/pinochle/pinochle-ob-assets.cab
    O16 - DPF: Pop Fu by pogo - http://game1.pogo.com/applet-6.4.2.30/popfu/popfu-ob-assets.cab
    O16 - DPF: PoppaZoppa by pogo - http://game1.pogo.com/applet-6.4.2.30/poppazoppa/poppazoppa-ob-assets.cab
    O16 - DPF: Poppit by pogo - http://game1.pogo.com/applet-6.4.2.30/poppit2/poppit2-ob-assets.cab
    O16 - DPF: Quick Quack by pogo - http://game1.pogo.com/applet-6.4.3.28/hotstreak/hotstreak-ob-assets.cab
    O16 - DPF: QWERTY by pogo - http://game1.pogo.com/applet-6.4.1.46/squares/squares-ob-assets.cab
    O16 - DPF: SciFi Slots by pogo - http://game1.pogo.com/applet-6.3.3.27/slots/scifi-ob-assets.cab
    O16 - DPF: Squelchies by pogo - http://game1.pogo.com/applet-6.3.4.49/squelchies/squelchies-ob-assets.cab
    O16 - DPF: Stax by pogo - http://game1.pogo.com/applet-6.3.4.49/stax/stax-ob-assets.cab
    O16 - DPF: Stellar Sweeper by pogo - http://game1.pogo.com/applet-6.4.3.28/sweeper/sweeper-ob-assets.cab
    O16 - DPF: Sweet Tooth TM by pogo - http://game1.pogo.com/applet-6.4.3.28/sweettooth/sweettooth-ob-assets.cab
    O16 - DPF: Texas Hold'em Poker by pogo - http://game1.pogo.com/applet-6.3.4.49/holdem/holdem-ob-assets.cab
    O16 - DPF: Tri-Peaks by pogo - http://game1.pogo.com/applet-6.4.0.48/peaks/peaks-ob-assets.cab
    O16 - DPF: Turbo 21 TM by pogo - http://game1.pogo.com/applet-6.4.1.53/turbo21/turbo21-ob-assets.cab
    O16 - DPF: Word Whomp by pogo - http://game1.pogo.com/applet-6.4.1.46/wordwhomp2/whomp2-ob-assets.cab
    O16 - DPF: Word Whomp Whackdown by pogo - http://game1.pogo.com/applet-6.4.0.48/whackdown/whackdown-ob-assets.cab
    O16 - DPF: WordJong by pogo - http://game1.pogo.com/applet-6.4.0.34/wordjong/wordjong-ob-assets.cab
    O16 - DPF: World Class Solitaire by pogo - http://game1.pogo.com/applet-6.4.2.23/worldclass/worldclass-ob-assets.cab
    O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133197099687
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
    O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
    O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Install3.0/Installer.exe
    O16 - DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} (SpdTCtl Class) - http://speedtest.adelphia.net/customerdiag/speedtest/SPEEDTESTACTIVEX.CAB
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4635/mcfscan.cab
    O18 - Protocol: bw+0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {5B54DD6D-8E1E-43EF-8326-E870A9559E51} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
    O23 - Service: Intel Bootstrap Agent - Intel Corporation - C:\Program Files\Intel\BootStrap Agent\Bsa.exe
    O23 - Service: Intel CI Manager - Intel(R) Corporation - C:\Program Files\Intel\LDCM\ci\cimgr\CiMgrLdr.exe
    O23 - Service: Intel IIDS - Intel(R) Corporation - C:\Program Files\Intel\LDCM\bin\IIDS.exe
    O23 - Service: Intel SSM - Intel(R) Corporation - C:\Program Files\Intel\LDCM\bin\ssm.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    O23 - Service: win32sl - Smart Technology Enablers - C:\Program Files\Intel\DMI\BIN\WIN32SL.EXE
     
  3. Skimanner

    Skimanner Thread Starter

    Joined:
    Dec 5, 2005
    Messages:
    3
    Another couple things too note that may or may not help is that the problem dissapeared for past 2 days, havent sent any emails, and then it just started back up again. Also it seems that it only sends emails to @yahoo addresses (at least thats the only ones I get errors from Norton from)
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Mass Emails being
  1. pegleg
    Replies:
    36
    Views:
    1,909
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/423303

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice