•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the Viruses, Spyware and other Nasties section within the Tech Talk category of DaniWeb, a massive community of 426,456 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,229 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our Viruses, Spyware and other Nasties advertiser: Programming Forums
Views: 835 | Replies: 1
 |
| |
•
•
Join Date: May 2005
Posts: 1
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
VX2/F problem along with other issues... Here is my hijackthis log....
Logfile of HijackThis v1.99.1
Scan saved at 11:52:55 PM, on 5/13/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PowerDVD\powerdvd5\PDVDServ.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\documents and settings\david bavdekar\local settings\temp\sSm.exe
C:\documents and settings\david bavdekar\local settings\temp\CqkE.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Winamp5\Winamp\winampa.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\??oolsv.exe
C:\Documents and Settings\David Bavdekar\Application Data\mslo.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\BitTorrent\btdownloadgui.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\DAVIDB~1\LOCALS~1\Temp\Rar$EX01.948\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F1 - win.ini: load=c:\creative\bin\01comm32.exe
O2 - BHO: (no name) - {00000000-167B-41bc-95FF-86A07B14712C} - C:\WINDOWS\System32\he3bbcff.dll (file missing)
O2 - BHO: (no name) - {00000000-2565-4c5b-A455-A74C8A2247AB} - C:\WINDOWS\System32\wmcbaaca.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spyboot\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\David Bavdekar\Local Settings\Temp\68Imz1.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: (no name) - {C6C9AF3E-05ED-8601-0691-AEF19DC48E9A} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [hpsysconf1] C:\WINDOWS\System32\sqpmikp.exe
O4 - HKLM\..\Run: [LzioMediaUpdater] C:\WINDOWS\System32\LzioMediaUpdater.exe
O4 - HKLM\..\Run: [he3bbcff] rundll32.exe C:\WINDOWS\System32\he3bbcff.dll,EnableRunDLL32
O4 - HKLM\..\Run: [wmcbaaca] rundll32.exe C:\WINDOWS\System32\wmcbaaca.dll,EnableRunDLL32
O4 - HKLM\..\Run: [icddefff] rundll32.exe C:\WINDOWS\System32\icddefff.dll,EnableRunDLL32
O4 - HKLM\..\Run: [ielcaabe] rundll32.exe C:\WINDOWS\System32\ielcaabe.dll,EnableRunDLL32
O4 - HKLM\..\Run: [iel2cde8] rundll32.exe C:\WINDOWS\System32\ielcaabe.dll,EnableRunDLL32
O4 - HKLM\..\Run: [SrchfstUpdate] C:\WINDOWS\srchupdt.exe
O4 - HKLM\..\Run: [icdd7ee6] rundll32.exe C:\WINDOWS\System32\icddefff.dll,EnableRunDLL32
O4 - HKLM\..\Run: [RemoteControl] C:\PowerDVD\powerdvd5\PDVDServ.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [towfezv] C:\WINDOWS\Lbczxs.exe
O4 - HKLM\..\Run: [rp9g36W] h5metup.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [sSm] C:\documents and settings\david bavdekar\local settings\temp\sSm.exe
O4 - HKLM\..\Run: [CqkE] C:\documents and settings\david bavdekar\local settings\temp\CqkE.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp5\Winamp\winampa.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [aEqmRWamQ] indtery.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [Pafsfcc] C:\WINDOWS\System32\??oolsv.exe
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sorr] C:\Documents and Settings\David Bavdekar\Application Data\mslo.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_4us.cab
O18 - Protocol: bw+0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
My system is very slow with all the spywares, I guess. I can't get rid of VX2/F problem.
Can someone please suggest any remedies by looking at the log?
I appreciate your help.
Thanks!
Logfile of HijackThis v1.99.1
Scan saved at 11:52:55 PM, on 5/13/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\PowerDVD\powerdvd5\PDVDServ.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe
C:\documents and settings\david bavdekar\local settings\temp\sSm.exe
C:\documents and settings\david bavdekar\local settings\temp\CqkE.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\LVComS.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\Winamp5\Winamp\winampa.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\??oolsv.exe
C:\Documents and Settings\David Bavdekar\Application Data\mslo.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\BitTorrent\btdownloadgui.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\DAVIDB~1\LOCALS~1\Temp\Rar$EX01.948\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F1 - win.ini: load=c:\creative\bin\01comm32.exe
O2 - BHO: (no name) - {00000000-167B-41bc-95FF-86A07B14712C} - C:\WINDOWS\System32\he3bbcff.dll (file missing)
O2 - BHO: (no name) - {00000000-2565-4c5b-A455-A74C8A2247AB} - C:\WINDOWS\System32\wmcbaaca.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spyboot\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\David Bavdekar\Local Settings\Temp\68Imz1.dll
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: (no name) - {C6C9AF3E-05ED-8601-0691-AEF19DC48E9A} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [hpsysconf1] C:\WINDOWS\System32\sqpmikp.exe
O4 - HKLM\..\Run: [LzioMediaUpdater] C:\WINDOWS\System32\LzioMediaUpdater.exe
O4 - HKLM\..\Run: [he3bbcff] rundll32.exe C:\WINDOWS\System32\he3bbcff.dll,EnableRunDLL32
O4 - HKLM\..\Run: [wmcbaaca] rundll32.exe C:\WINDOWS\System32\wmcbaaca.dll,EnableRunDLL32
O4 - HKLM\..\Run: [icddefff] rundll32.exe C:\WINDOWS\System32\icddefff.dll,EnableRunDLL32
O4 - HKLM\..\Run: [ielcaabe] rundll32.exe C:\WINDOWS\System32\ielcaabe.dll,EnableRunDLL32
O4 - HKLM\..\Run: [iel2cde8] rundll32.exe C:\WINDOWS\System32\ielcaabe.dll,EnableRunDLL32
O4 - HKLM\..\Run: [SrchfstUpdate] C:\WINDOWS\srchupdt.exe
O4 - HKLM\..\Run: [icdd7ee6] rundll32.exe C:\WINDOWS\System32\icddefff.dll,EnableRunDLL32
O4 - HKLM\..\Run: [RemoteControl] C:\PowerDVD\powerdvd5\PDVDServ.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [towfezv] C:\WINDOWS\Lbczxs.exe
O4 - HKLM\..\Run: [rp9g36W] h5metup.exe
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\msnappau.exe"
O4 - HKLM\..\Run: [sSm] C:\documents and settings\david bavdekar\local settings\temp\sSm.exe
O4 - HKLM\..\Run: [CqkE] C:\documents and settings\david bavdekar\local settings\temp\CqkE.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Winamp5\Winamp\winampa.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [aEqmRWamQ] indtery.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Tsa2] C:\PROGRA~1\COMMON~1\tsa\tsm2.exe
O4 - HKCU\..\Run: [Pafsfcc] C:\WINDOWS\System32\??oolsv.exe
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sorr] C:\Documents and Settings\David Bavdekar\Application Data\mslo.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yaho...st20040510.cab
O16 - DPF: {BAC01377-73DD-4796-854D-2A8997E3D68A} (Yahoo! Photos Easy Upload Tool Class) - http://us.dl1.yimg.com/download.yaho...opper1_4us.cab
O18 - Protocol: bw+0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {53613169-50DC-4753-AE45-9B5250B9076F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\System32\catsrvut.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
My system is very slow with all the spywares, I guess. I can't get rid of VX2/F problem.
Can someone please suggest any remedies by looking at the log?
I appreciate your help.
Thanks!
•
•
Join Date: Feb 2004
Location: Oztralya
Posts: 7,816
Reputation:
Rep Power: 22
Solved Threads: 431
Hi and welcome to Daniweb 
.
You are running hijackthis from a temporary folder, can you please create a new folder on your desktop and move hijackthis into it and run it from there.
Go here to TrendMicro for an on-line scan & set it to autoclean for you. When it completes, post back the full filename of any files that cannot be cleaned or deleted.
Try this scan at Panda as well.
The scan here does not require an active X install, but uses java instead.
http://fr.trendmicro-europe.com/cons...all_launch.php
Run the PurityScan uninstaller.
1. Download and install Ad-Aware SE, keeping the default options. However, some of the settings will need to be changed before your first scan
2.Close ALL windows except Ad-Aware SE
3. Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.
4. Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window
1) In the ‘General’ window make sure the following are selected in green:
*Automatically save log-file
*Automatically quarantine objects prior to removal
*Safe Mode (always request confirmation)
Under Definitions:
*Prompt to udate outdated definitions - set the number of days
2) Click on the ‘Scanning’ button on the left and select in green :
Under Driver, Folders & Files:
*Scan Within Archives
Under Select drives & folders to scan -
*choose all hard drives
Under Memory & Registry: all green
*Scan Active Processes
*Scan Registry
*Deep Scan Registry
*Scan my IE favorites for banned URL’s
*Scan my Hosts file
3) Click on the ‘Advanced’ button on the left and select in green:
Under Shell Integration:
*Move deleted files to recycle bin
Under Logfile Detail Level: (all green)
*include addtional object information
*DESELECT - include negligible objects information
*include environment information
Under Alternate Data Streams:
*Don't log streams smaller than 0 bytes
*Don't log ADS with the following names: CA_INOCULATEIT
4) Click the ‘Tweak’ button and select in green:
Under the ‘Scanning Engine’:
*Unload recognized processes during scanning
*Scan registry for all users instead of current user only
Under the ‘Cleaning Engine’:
*Let Windows remove files in use at next reboot
Under the Log Files:
*Include basic Ad-aware SE settings in logfile
*Include additional Ad-aware SE settings in logfile
*Please do not check or make green: Include Module list in logfile
5. Click on ‘Proceed’ to save the settings.
6. Click ‘Start’
*Choose:'Perform Full System Scan'
*DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.
7. Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.
8. If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window
9. Save the log file when it asks and then click ‘finish’
10. REBOOT to complete the removal of what Ad-Aware SE found
Download & instal Spybot S&D 1.3 from here. Update it before scanning.
After the scan is complete, have spybot fix everything marked RED.
On the page that first opens when you start Spybot there is an option to immunise, you should do this. In the immunise section there is also a link to download Spywareblaster. This program will prevent the install of bad activex controls that it has knowledge of. Download that & you can keep it updated by selecting the same link that you use to download it. Reboot
download the VX cleaner plug in for Adaware. Install it, then open Adaware & go to *add-ons* & run the plug-in. If anything is found, select *clean system* & when done, reboot & run Adaware & let it finish the clean-up. Reboot again.
http://www.lavasoftusa.com/software/...2cleaner.shtml
After the last reboot, rescan with hijackthis and post another log please.
. You are running hijackthis from a temporary folder, can you please create a new folder on your desktop and move hijackthis into it and run it from there.
Go here to TrendMicro for an on-line scan & set it to autoclean for you. When it completes, post back the full filename of any files that cannot be cleaned or deleted.
Try this scan at Panda as well.
The scan here does not require an active X install, but uses java instead.
http://fr.trendmicro-europe.com/cons...all_launch.php
Run the PurityScan uninstaller.
1. Download and install Ad-Aware SE, keeping the default options. However, some of the settings will need to be changed before your first scan
2.Close ALL windows except Ad-Aware SE
3. Click on the‘world’ icon at the top right of the Ad-Aware SE window and let AdAware SE update the reference list for the adware and malware.
4. Once the update is finished click on the ‘Gear’ icon (second from the left at the top of the window) to access the preferences/settings window
1) In the ‘General’ window make sure the following are selected in green:
*Automatically save log-file
*Automatically quarantine objects prior to removal
*Safe Mode (always request confirmation)
Under Definitions:
*Prompt to udate outdated definitions - set the number of days
2) Click on the ‘Scanning’ button on the left and select in green :
Under Driver, Folders & Files:
*Scan Within Archives
Under Select drives & folders to scan -
*choose all hard drives
Under Memory & Registry: all green
*Scan Active Processes
*Scan Registry
*Deep Scan Registry
*Scan my IE favorites for banned URL’s
*Scan my Hosts file
3) Click on the ‘Advanced’ button on the left and select in green:
Under Shell Integration:
*Move deleted files to recycle bin
Under Logfile Detail Level: (all green)
*include addtional object information
*DESELECT - include negligible objects information
*include environment information
Under Alternate Data Streams:
*Don't log streams smaller than 0 bytes
*Don't log ADS with the following names: CA_INOCULATEIT
4) Click the ‘Tweak’ button and select in green:
Under the ‘Scanning Engine’:
*Unload recognized processes during scanning
*Scan registry for all users instead of current user only
Under the ‘Cleaning Engine’:
*Let Windows remove files in use at next reboot
Under the Log Files:
*Include basic Ad-aware SE settings in logfile
*Include additional Ad-aware SE settings in logfile
*Please do not check or make green: Include Module list in logfile
5. Click on ‘Proceed’ to save the settings.
6. Click ‘Start’
*Choose:'Perform Full System Scan'
*DESELECT "Search for negligible risk entries", as negligible risk entries (MRU's) are not considered to be a threat.
7. Click ‘Next’ and Ad-Aware SE will scan your hard drive(s) with the options you have selected and clean automatically.
8. If Ad-Aware SE finds bad entries, you will receive a list of what it found in the window
9. Save the log file when it asks and then click ‘finish’
10. REBOOT to complete the removal of what Ad-Aware SE found
Download & instal Spybot S&D 1.3 from here. Update it before scanning.
After the scan is complete, have spybot fix everything marked RED.
On the page that first opens when you start Spybot there is an option to immunise, you should do this. In the immunise section there is also a link to download Spywareblaster. This program will prevent the install of bad activex controls that it has knowledge of. Download that & you can keep it updated by selecting the same link that you use to download it. Reboot
download the VX cleaner plug in for Adaware. Install it, then open Adaware & go to *add-ons* & run the plug-in. If anything is found, select *clean system* & when done, reboot & run Adaware & let it finish the clean-up. Reboot again.
http://www.lavasoftusa.com/software/...2cleaner.shtml
After the last reboot, rescan with hijackthis and post another log please.
Proud member of ASAP (Alliance of Security analysis Professionals).
Opera How you got infected AVAST anti-virus Comodo Firewall Spywareblaster
Please do not PM me for help. Instead, post in the public forum where others may benefit.
Opera How you got infected AVAST anti-virus Comodo Firewall Spywareblaster
Please do not PM me for help. Instead, post in the public forum where others may benefit.
|
•
•
•
•
•
•
•
•
DaniWeb Viruses, Spyware and other Nasties Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Hybrid Mode
- help with form/ display issues (ColdFusion)
- Can't get rid of VX2!! (Viruses, Spyware and other Nasties)
- DSO Exploit + VX2/F problem along with brower home page problem (Viruses, Spyware and other Nasties)
Other Threads in the Viruses, Spyware and other Nasties Forum
- Previous Thread: iserror.txt popping up in random spots
- Next Thread: HELP with spy / ad ware
