Jump to content

chrisb

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Everything seems to be working back to normal. I was really worried because I use this for work, and was thinking the worst, while hoping for the best. I am so greatful that you were here yesterday and that I was able to get the help and the fix in no time! Again, you are a LIFE SAVER! chris
  2. Hi Tigger I just did it and it was quarentined and deleted successfully! Thank you so much for all of your help, I really appreciate that you spent the time helping me. Malwarebytes' Anti-Malware 1.31 Database version: 1597 Windows 5.1.2600 Service Pack 3 1/2/2009 10:49:53 AM mbam-log-2009-01-02 (10-49-53).txt Scan type: Quick Scan Objects scanned: 56629 Time elapsed: 2 minute(s), 57 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  3. Sorry, I meant to say, that I ran it, tried to remove it, restarted and they are still there.
  4. Process Explorer.EXE killed successfully! [Registry - Safe List] Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found. Registry value HKEY_USERS\S-1-5-21-3280077785-104498234-1438945308-1006\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found. Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\Contains\Files\ not found. not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully. Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully. [Files/Folders - Created Within 30 Days] C:\Documents and Settings\Chrisb\Desktop\VirtumundoBeGone.exe moved successfully. [Files/Folders - Modified Within 30 Days] File move failed. C:\WINDOWS\Temp\Perflib_Perfdata_73c.dat scheduled to be moved on reboot. File C:\Documents and Settings\Chrisb\Desktop\VirtumundoBeGone.exe not found! C:\WINDOWS\System32\rolojaho moved successfully. [Purity] Purity scan complete. [Empty Temp Folders] File delete failed. C:\Documents and Settings\Chrisb\Local Settings\Temp\~DF92CF.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_73c.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. RecycleBin -> emptied. Explorer started successfully < End of fix log > OTScanIt2 by OldTimer - Version 1.0.4.2 fix logfile created on 01012009_152310 Files moved on Reboot... File C:\WINDOWS\Temp\Perflib_Perfdata_73c.dat not found! File C:\Documents and Settings\Chrisb\Local Settings\Temp\~DF92CF.tmp not found! File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. Registry entries deleted on Reboot...
  5. I cleaned up, and I then ran Malwarebytes and it is still showing up. Malwarebytes' Anti-Malware 1.31 Database version: 1589 Windows 5.1.2600 Service Pack 3 1/1/2009 1:58:54 PM mbam-log-2009-01-01 (13-58-54).txt Scan type: Quick Scan Objects scanned: 52508 Time elapsed: 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  6. Thanks for all your help. I really appreciate it ComboFix 08-12-31.01 - Chrisb 2009-01-01 13:30:04.2 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1480 [GMT -8:00] Running from: c:\documents and settings\Chrisb\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Chrisb\Desktop\CFScript.txt AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) * Created a new restore point FILE :: c:\windows\Tasks\xflurnwa.job . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\VundoFix Backups c:\windows\Tasks\xflurnwa.job . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_ndfvmc ((((((((((((((((((((((((( Files Created from 2008-12-01 to 2009-01-01 ))))))))))))))))))))))))))))))) . 2009-01-01 10:54 . 2009-01-01 10:54 <DIR> d-------- c:\program files\Trend Micro 2009-01-01 09:23 . 2009-01-01 09:23 <DIR> d-------- c:\program files\Panda Security 2009-01-01 09:23 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys 2008-12-31 19:15 . 2009-01-01 10:51 <DIR> d-------- c:\program files\Enigma Software Group 2008-12-31 16:25 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll 2008-12-31 16:25 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui 2008-12-29 21:20 . 2008-10-16 12:38 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll 2008-12-29 21:20 . 2007-04-17 01:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat 2008-12-29 21:20 . 2007-03-07 21:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui 2008-12-29 21:20 . 2008-10-16 12:38 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll 2008-12-29 21:20 . 2008-10-16 12:38 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll 2008-12-29 21:20 . 2008-10-16 12:38 267,776 --------- c:\windows\system32\dllcache\iertutil.dll 2008-12-29 21:20 . 2008-10-16 12:38 63,488 --------- c:\windows\system32\dllcache\icardie.dll 2008-12-29 21:20 . 2008-10-16 12:38 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll 2008-12-29 21:20 . 2008-10-16 05:11 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\system32\scripting 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\system32\en 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\system32\bits 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\l2schemas 2008-12-29 20:41 . 2008-12-29 20:41 <DIR> d-------- c:\windows\ServicePackFiles 2008-12-29 20:38 . 2008-12-29 20:38 <DIR> d-------- c:\windows\EHome 2008-12-29 20:07 . 2008-09-08 02:41 333,824 --------- c:\windows\system32\dllcache\srv.sys 2008-12-29 20:06 . 2008-08-14 02:11 2,189,184 --------- c:\windows\system32\dllcache\ntoskrnl.exe 2008-12-29 20:06 . 2008-08-14 02:09 2,145,280 --------- c:\windows\system32\dllcache\ntkrnlmp.exe 2008-12-29 20:06 . 2008-08-14 01:33 2,066,048 --------- c:\windows\system32\dllcache\ntkrnlpa.exe 2008-12-29 20:06 . 2008-08-14 01:33 2,023,936 --------- c:\windows\system32\dllcache\ntkrpamp.exe 2008-12-29 20:06 . 2008-09-15 04:12 1,846,400 --------- c:\windows\system32\dllcache\win32k.sys 2008-12-29 20:06 . 2008-04-11 11:04 691,712 --------- c:\windows\system32\dllcache\inetcomm.dll 2008-12-29 20:06 . 2008-10-24 03:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys 2008-12-29 20:06 . 2008-05-01 06:33 331,776 --------- c:\windows\system32\dllcache\msadce.dll 2008-12-29 20:05 . 2008-09-04 09:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll 2008-12-29 20:05 . 2008-10-15 08:34 337,408 --------- c:\windows\system32\dllcache\netapi32.dll 2008-12-29 19:19 . 2008-12-29 19:19 410,984 --a------ c:\windows\system32\deploytk.dll 2008-12-29 19:19 . 2008-12-29 19:19 73,728 --a------ c:\windows\system32\javacpl.cpl 2008-12-28 17:32 . 2008-12-28 17:32 0 --a------ c:\windows\VPC32.INI 2008-12-28 16:58 . 2009-01-01 13:32 <DIR> d-------- c:\program files\Symantec AntiVirus 2008-12-28 16:58 . 2008-12-28 16:58 <DIR> d-------- c:\program files\Symantec 2008-12-28 16:58 . 2008-12-28 16:59 <DIR> d-------- c:\program files\Common Files\Symantec Shared 2008-12-28 16:58 . 2008-12-28 16:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\Symantec 2008-12-28 16:58 . 2008-12-28 16:58 123,952 --a------ c:\windows\system32\drivers\SYMEVENT.SYS 2008-12-28 16:58 . 2008-12-28 16:58 60,800 --a------ c:\windows\system32\S32EVNT1.DLL 2008-12-28 16:58 . 2008-12-28 16:58 10,671 --a------ c:\windows\system32\drivers\SYMEVENT.CAT 2008-12-28 16:58 . 2008-12-28 16:58 805 --a------ c:\windows\system32\drivers\SYMEVENT.INF 2008-12-28 16:42 . 2008-12-28 16:42 <DIR> d-------- c:\program files\Lavasoft 2008-12-28 16:42 . 2008-12-28 16:42 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-12-28 16:42 . 2008-12-28 16:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft 2008-12-28 15:53 . 2008-12-29 19:33 <DIR> d-------- c:\program files\Windows Live Safety Center 2008-12-28 13:52 . 2008-12-31 21:10 <DIR> d-------- c:\program files\Spybot - Search & Destroy 2008-12-28 13:52 . 2008-12-28 13:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-12-28 13:41 . 2008-12-28 13:41 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-28 13:41 . 2008-12-28 13:41 <DIR> d-------- c:\documents and settings\Chrisb\Application Data\Malwarebytes 2008-12-28 13:41 . 2008-12-28 13:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-28 13:41 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-28 13:41 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-27 20:57 . 2008-12-27 20:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2008-12-27 20:56 . 2008-12-28 13:21 <DIR> d-------- c:\program files\SUPERAntiSpyware 2008-12-27 20:56 . 2008-12-28 13:21 <DIR> d-------- c:\documents and settings\Chrisb\Application Data\SUPERAntiSpyware.com . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-30 03:19 --------- d-----w c:\program files\Java 2008-12-29 00:41 238 ----a-w c:\program files\pecld.txt 2008-11-09 23:18 --------- d-----w c:\program files\Common Files\Adobe 2008-11-05 02:15 25,280 ----a-w c:\documents and settings\Chrisb\Application Data\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((( snapshot@2009-01-01_12.58.36.39 ))))))))))))))))))))))))))))))))))))))))) . + 2009-01-01 21:32:11 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_744.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 202544] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 142104] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-13 138008] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-29 136600] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-09-17 124200] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-15 29744] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 202544] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-06-24 53096] "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2008-09-30 125368] "RTHDCPL"="RTHDCPL.EXE" [2007-06-13 c:\windows\RTHDCPL.EXE] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-12 83360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"= "c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"= "c:\\Program Files\\Juniper Networks\\Secure Application Manager\\dsSamProxy.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-01-01 28544] R1 NEOFLTR_600_13319;Juniper Networks TDI Filter Driver (NEOFLTR_600_13319);\??\c:\windows\system32\Drivers\NEOFLTR_600_13319.SYS [2008-06-24 64160] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-28 99376] S3 SavRoam;SAVRoam;"c:\program files\Symantec AntiVirus\SavRoam.exe" [2008-09-30 116664] . . ------- Supplementary Scan ------- . uStart Page = www.google.com/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 Trusted Zone: *.scripps.net Trusted Zone: vpn.scripps.org . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-01 13:32:31 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\h*NULL*a*NULL*u*NULL*s*NULL*a*NULL*u*NULL*f*NULL*g*NULL*a*NULL*b*NULL*e*NUL L*n*NULL*
  7. Thanks Tigger Here are those two logs: ComboFix 08-12-31.01 - Chrisb 2009-01-01 12:55:03.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2037.1418 [GMT -8:00] Running from: c:\documents and settings\Chrisb\Desktop\ComboFix.exe AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\IE4 Error Log.txt c:\windows\system32\x64 . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_PACKET -------\Service_seneka ((((((((((((((((((((((((( Files Created from 2008-12-01 to 2009-01-01 ))))))))))))))))))))))))))))))) . 2009-01-01 10:54 . 2009-01-01 10:54 <DIR> d-------- c:\program files\Trend Micro 2009-01-01 09:23 . 2009-01-01 09:23 <DIR> d-------- c:\program files\Panda Security 2009-01-01 09:23 . 2008-06-19 17:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys 2008-12-31 19:15 . 2009-01-01 10:51 <DIR> d-------- c:\program files\Enigma Software Group 2008-12-31 16:25 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll 2008-12-31 16:25 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui 2008-12-29 21:20 . 2008-10-16 12:38 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll 2008-12-29 21:20 . 2007-04-17 01:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat 2008-12-29 21:20 . 2007-03-07 21:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui 2008-12-29 21:20 . 2008-10-16 12:38 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll 2008-12-29 21:20 . 2008-10-16 12:38 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll 2008-12-29 21:20 . 2008-10-16 12:38 267,776 --------- c:\windows\system32\dllcache\iertutil.dll 2008-12-29 21:20 . 2008-10-16 12:38 63,488 --------- c:\windows\system32\dllcache\icardie.dll 2008-12-29 21:20 . 2008-10-16 12:38 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll 2008-12-29 21:20 . 2008-10-16 05:11 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\system32\scripting 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\system32\en 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\system32\bits 2008-12-29 20:42 . 2008-12-29 20:42 <DIR> d-------- c:\windows\l2schemas 2008-12-29 20:41 . 2008-12-29 20:41 <DIR> d-------- c:\windows\ServicePackFiles 2008-12-29 20:38 . 2008-12-29 20:38 <DIR> d-------- c:\windows\EHome 2008-12-29 20:07 . 2008-09-08 02:41 333,824 --------- c:\windows\system32\dllcache\srv.sys 2008-12-29 20:06 . 2008-08-14 02:11 2,189,184 --------- c:\windows\system32\dllcache\ntoskrnl.exe 2008-12-29 20:06 . 2008-08-14 02:09 2,145,280 --------- c:\windows\system32\dllcache\ntkrnlmp.exe 2008-12-29 20:06 . 2008-08-14 01:33 2,066,048 --------- c:\windows\system32\dllcache\ntkrnlpa.exe 2008-12-29 20:06 . 2008-08-14 01:33 2,023,936 --------- c:\windows\system32\dllcache\ntkrpamp.exe 2008-12-29 20:06 . 2008-09-15 04:12 1,846,400 --------- c:\windows\system32\dllcache\win32k.sys 2008-12-29 20:06 . 2008-04-11 11:04 691,712 --------- c:\windows\system32\dllcache\inetcomm.dll 2008-12-29 20:06 . 2008-10-24 03:21 455,296 --------- c:\windows\system32\dllcache\mrxsmb.sys 2008-12-29 20:06 . 2008-05-01 06:33 331,776 --------- c:\windows\system32\dllcache\msadce.dll 2008-12-29 20:05 . 2008-09-04 09:15 1,106,944 --------- c:\windows\system32\dllcache\msxml3.dll 2008-12-29 20:05 . 2008-10-15 08:34 337,408 --------- c:\windows\system32\dllcache\netapi32.dll 2008-12-29 19:26 . 2008-12-29 19:26 <DIR> d-------- C:\VundoFix Backups 2008-12-29 19:19 . 2008-12-29 19:19 410,984 --a------ c:\windows\system32\deploytk.dll 2008-12-29 19:19 . 2008-12-29 19:19 73,728 --a------ c:\windows\system32\javacpl.cpl 2008-12-28 17:32 . 2008-12-28 17:32 0 --a------ c:\windows\VPC32.INI 2008-12-28 16:58 . 2009-01-01 12:57 <DIR> d-------- c:\program files\Symantec AntiVirus 2008-12-28 16:58 . 2008-12-28 16:58 <DIR> d-------- c:\program files\Symantec 2008-12-28 16:58 . 2008-12-28 16:59 <DIR> d-------- c:\program files\Common Files\Symantec Shared 2008-12-28 16:58 . 2008-12-28 16:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\Symantec 2008-12-28 16:58 . 2008-12-28 16:58 123,952 --a------ c:\windows\system32\drivers\SYMEVENT.SYS 2008-12-28 16:58 . 2008-12-28 16:58 60,800 --a------ c:\windows\system32\S32EVNT1.DLL 2008-12-28 16:58 . 2008-12-28 16:58 10,671 --a------ c:\windows\system32\drivers\SYMEVENT.CAT 2008-12-28 16:58 . 2008-12-28 16:58 805 --a------ c:\windows\system32\drivers\SYMEVENT.INF 2008-12-28 16:42 . 2008-12-28 16:42 <DIR> d-------- c:\program files\Lavasoft 2008-12-28 16:42 . 2008-12-28 16:42 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-12-28 16:42 . 2008-12-28 16:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft 2008-12-28 15:53 . 2008-12-29 19:33 <DIR> d-------- c:\program files\Windows Live Safety Center 2008-12-28 13:52 . 2008-12-31 21:10 <DIR> d-------- c:\program files\Spybot - Search & Destroy 2008-12-28 13:52 . 2008-12-28 13:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2008-12-28 13:41 . 2008-12-28 13:41 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2008-12-28 13:41 . 2008-12-28 13:41 <DIR> d-------- c:\documents and settings\Chrisb\Application Data\Malwarebytes 2008-12-28 13:41 . 2008-12-28 13:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2008-12-28 13:41 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2008-12-28 13:41 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2008-12-27 20:57 . 2008-12-27 20:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com 2008-12-27 20:56 . 2008-12-28 13:21 <DIR> d-------- c:\program files\SUPERAntiSpyware 2008-12-27 20:56 . 2008-12-28 13:21 <DIR> d-------- c:\documents and settings\Chrisb\Application Data\SUPERAntiSpyware.com . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-30 03:19 --------- d-----w c:\program files\Java 2008-12-29 00:41 238 ----a-w c:\program files\pecld.txt 2008-11-09 23:18 --------- d-----w c:\program files\Common Files\Adobe 2008-11-05 02:15 25,280 ----a-w c:\documents and settings\Chrisb\Application Data\GDIPFONTCACHEV1.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 202544] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-13 142104] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-13 162584] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-13 138008] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-29 136600] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920] "RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2007-09-17 124200] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-05-15 29744] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 202544] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-06-24 53096] "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2008-09-30 125368] "RTHDCPL"="RTHDCPL.EXE" [2007-06-13 c:\windows\RTHDCPL.EXE] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-12 83360] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\CyberLink\\PowerDVD DX\\PowerDVD.exe"= "c:\\Program Files\\CyberLink\\PowerDVD DX\\PDVDDXSrv.exe"= "c:\\Program Files\\Juniper Networks\\Secure Application Manager\\dsSamProxy.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-01-01 28544] R1 NEOFLTR_600_13319;Juniper Networks TDI Filter Driver (NEOFLTR_600_13319);\??\c:\windows\system32\Drivers\NEOFLTR_600_13319.SYS [2008-06-24 64160] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-12-28 99376] S0 ndfvmc;ndfvmc;c:\windows\system32\drivers\zetz.sys [] S3 SavRoam;SAVRoam;"c:\program files\Symantec AntiVirus\SavRoam.exe" [2008-09-30 116664] *Newly Created Service* - PAVBOOT . Contents of the 'Scheduled Tasks' folder 2009-01-01 c:\windows\Tasks\xflurnwa.job - c:\windows\system32\rundll32.exe [2008-04-13 16:12] . - - - - ORPHANS REMOVED - - - - WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file) . ------- Supplementary Scan ------- . uStart Page = www.google.com/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 Trusted Zone: *.scripps.net Trusted Zone: vpn.scripps.org . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-01-01 12:57:34 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\h*NULL*a*NULL*u*NULL*s*NULL*a*NULL*u*NULL*f*NULL*g*NULL*a*NULL*b*NULL*e*NUL L*n*NULL*
  8. Hi Tigger I'm not really sure what you mean, my husband did give me an anti-spyware program. This is a brand new computer. Thanks
  9. Hi, Thanking you for any help you can provide. I have run several programs and cannot get rid of these two problems. I'm worried because I need to log on to my work VPN sometimes. I have read your introductory post and here are the logs that are requested. Thanks again for any help. Malwarebytes' Anti-Malware 1.31 Database version: 1572 Windows 5.1.2600 Service Pack 3 1/1/2009 9:04:16 AM mbam-log-2009-01-01 (09-04-16).txt Scan type: Quick Scan Objects scanned: 52566 Time elapsed: 2 minute(s), 8 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.BHO) -> Delete on reboot. HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ******************************************************************************** *********** PANDA ANALYSIS: 2009-01-01 10:19:13 PROTECTIONS: 1 MALWARE: 3 SUSPECTS: 0 ;******************************************************************************* ******************************************************************************** * ******************* PROTECTIONS Description Version Active Updated ;=============================================================================== ================================================================================ = =================== Symantec Antivirus Corporate Edition 10.1 No Yes ;=============================================================================== ================================================================================ = =================== MALWARE Id Description Type Active Severity Disinfectable Disinfected Location ;=============================================================================== ================================================================================ = =================== 00029434 spyware/virtumonde Spyware No 1 Yes No HKEY_LOCAL_MACHINE\software\classes\CLSID\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} 00029434 spyware/virtumonde Spyware No 1 Yes No hkey_classes_root\clsid\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} 00519333 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\Chrisb\Desktop\VirtumundoBeGone.exe 00519333 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\All Users\Documents\VirtumundoBeGone.exe 01895148 Malicious Packer SecRisk No 0 Yes No C:\RECYCLER\S-1-5-21-3280077785-104498234-1438945308-1006\Dc4\patch_and_keygen\keygen.exe ;=============================================================================== ================================================================================ = =================== SUSPECTS Sent Location O ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== VULNERABILITIES Id Severity Description O ;=============================================================================== ================================================================================ = =================== ;=============================================================================== ================================================================================ = =================== Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:54:26 AM, on 1/1/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1080515 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = partnerpage.google.com/smallbiz.dell.com/en_us?hl=en&client=dell-usuk&channel=us-smb&ibd=1080515 O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase6662.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1230700004218 O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://vpn.scripps.org/dana-cached/setup/J...perSetupSP1.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 8087 bytes
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.