Jump to content

Unable to run any virus and Malware software

naggamuffin
 Share

Recommended Posts

naggamuffin

naggamuffin

Posted
Posted

Please help,

I have been trying to remove a virus from my pc for the last 2 days...I have a deadline I have to complete and is unable to do so...Please help...

I am getting error can't find mbam.exe when trying to run malwarebytes software. I was able to run spybot and it said it removed the virus but it did not...I am unable to open control panel or any other documents and files directly.

I did run combofix and here are the results:

ComboFix 09-10-26.03 - Connie 2009-10-27 11:23.4.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1082 [GMT -4:00]

Running from: c:\documents and settings\Connie\Desktop\ComboFix.exe

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\kmd.exe

c:\program files\Shared

c:\windows\kb913800.exe

c:\windows\system32\dayahiba.dll

c:\windows\system32\gunosibi.dll.tmp

c:\windows\system32\kawokame.dll

c:\windows\system32\larayuka.dll

c:\windows\system32\luravufa.dll

c:\windows\system32\mepepora.dll

c:\windows\system32\mumonuwi.dll

c:\windows\system32\parahuri.dll

.

((((((((((((((((((((((((( Files Created from 2009-09-27 to 2009-10-27 )))))))))))))))))))))))))))))))

.

2009-10-27 13:47 . 2009-10-27 13:55 -------- d-----w- C:\Malwarebytes' Anti-Malware

2009-10-27 07:11 . 2009-10-27 07:11 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache

2009-10-08 03:27 . 2009-10-08 03:27 -------- d-----w- c:\program files\Family Toolbar

2009-10-02 00:51 . 2009-10-02 00:51 -------- d-----w- c:\program files\iPod

2009-10-02 00:51 . 2009-10-02 00:52 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-10-02 00:48 . 2009-10-02 00:48 -------- d-----w- c:\program files\QuickTime

2009-10-02 00:41 . 2009-10-02 00:41 -------- d-----w- c:\documents and settings\Connie\Application Data\Amazon

2009-10-02 00:40 . 2009-10-02 00:40 -------- d-----w- c:\program files\Amazon

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-27 15:35 . 2006-11-15 14:10 -------- d-----w- c:\program files\Symantec AntiVirus

2009-10-27 15:08 . 2009-05-20 08:50 -------- d-----w- c:\documents and settings\Connie\Application Data\HPAppData

2009-10-27 14:09 . 2009-08-29 18:02 256 ----a-w- c:\windows\system32\pool.bin

2009-10-03 04:17 . 2009-03-02 16:08 952 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys

2009-10-02 00:57 . 2008-05-21 02:09 -------- d-----w- c:\documents and settings\Connie\Application Data\Apple Computer

2009-10-02 00:52 . 2009-03-14 12:28 -------- d-----w- c:\program files\iTunes

2009-10-02 00:51 . 2008-05-14 12:30 -------- d-----w- c:\program files\Common Files\Apple

2009-09-17 18:27 . 2009-08-29 17:42 -------- d-----w- c:\program files\Common Files\Research In Motion

2009-09-13 13:10 . 2009-09-13 13:10 -------- d-----w- c:\documents and settings\Andrew\Application Data\Research In Motion

2009-09-13 13:10 . 2009-09-13 13:10 -------- d-----w- c:\documents and settings\Andrew\Application Data\Malwarebytes

2009-09-13 13:09 . 2009-09-13 13:09 -------- d-----w- c:\documents and settings\Andrew\Application Data\InstallShield

2009-09-13 06:56 . 2008-02-09 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-09-13 06:56 . 2008-02-09 13:26 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-09-13 06:38 . 2009-09-13 06:31 -------- d-----w- c:\program files\PC MightyMax 2009

2009-09-13 06:34 . 2009-09-13 06:31 -------- d-----w- c:\documents and settings\Connie\Application Data\PCMM2009

2009-09-13 06:32 . 2009-09-13 06:32 -------- d-----w- c:\documents and settings\Connie\Application Data\licenses

2009-09-11 14:18 . 2006-08-30 03:21 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-08 16:18 . 2009-09-03 16:51 -------- d-----w- c:\program files\Photodex

2009-09-08 13:18 . 2006-11-17 22:50 -------- d-----w- c:\documents and settings\Connie\Application Data\NetMedia Providers

2009-09-08 12:49 . 2007-10-23 23:36 -------- d-----w- c:\program files\Vstplugins

2009-09-08 12:49 . 2006-11-18 01:44 -------- d-----w- c:\program files\Sony Setup

2009-09-05 06:53 . 2009-09-05 06:53 -------- d-----w- c:\documents and settings\Connie\Application Data\InstallShield Installation Information

2009-09-05 06:53 . 2009-09-05 06:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Fellowes

2009-09-05 06:52 . 2009-09-05 06:52 -------- d-----w- c:\program files\Fellowes

2009-09-05 06:51 . 2009-09-05 06:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations

2009-09-04 21:03 . 2006-08-30 03:21 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-03 18:07 . 2009-09-03 16:51 -------- d-----w- c:\documents and settings\Connie\Application Data\Photodex

2009-09-03 16:52 . 2007-10-29 22:36 -------- d-----w- c:\program files\Photodex Presenter

2009-08-29 18:22 . 2009-08-29 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio

2009-08-29 18:20 . 2009-08-29 18:20 -------- d-----w- c:\documents and settings\LocalService\Application Data\Roxio

2009-08-29 18:20 . 2009-08-29 18:20 -------- d-----w- c:\documents and settings\Connie\Application Data\Roxio

2009-08-29 18:19 . 2009-08-29 18:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion

2009-08-29 18:17 . 2009-08-29 18:02 -------- d-----w- c:\documents and settings\Connie\Application Data\Research In Motion

2009-08-29 18:03 . 2006-11-14 22:27 57128 -c--a-w- c:\documents and settings\Connie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-08-29 17:56 . 2007-09-19 02:50 -------- d-----w- c:\documents and settings\Connie\Application Data\InstallShield

2009-08-29 17:56 . 2009-08-29 17:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic

2009-08-29 17:54 . 2009-08-29 17:43 -------- d-----w- c:\program files\Common Files\Roxio Shared

2009-08-29 17:53 . 2009-08-29 17:53 -------- d-----w- c:\program files\Roxio

2009-08-29 17:53 . 2009-08-29 17:53 -------- d-----w- c:\program files\Common Files\Sonic Shared

2009-08-29 17:45 . 2006-08-30 05:40 -------- d-----w- c:\program files\Common Files\InstallShield

2009-08-29 17:44 . 2009-08-29 17:42 -------- d-----w- c:\program files\Research In Motion

2009-08-29 08:08 . 2006-08-30 03:22 916480 ----a-w- c:\windows\system32\wininet.dll

2009-08-26 08:00 . 2006-08-30 03:22 247326 ------w- c:\windows\system32\strmdll.dll

2009-08-20 19:09 . 2009-08-20 19:09 1193832 ----a-w- c:\windows\system32\FM20.DLL

2009-08-05 09:01 . 2006-08-30 03:21 204800 ------w- c:\windows\system32\mswebdvd.dll

2009-08-05 00:44 . 2006-08-30 03:21 2189184 ------w- c:\windows\system32\ntoskrnl.exe

2009-08-04 14:20 . 2004-08-03 22:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe

2009-08-04 13:23 . 2009-05-20 07:16 186376 ----a-w- c:\windows\hpwins23.dat

2009-07-27 07:12 . 2009-07-27 07:12 51200 --sha-w- c:\windows\system32\hisozega.dll

2009-07-27 07:11 . 2009-07-27 07:11 51200 --sha-w- c:\windows\system32\sipaneya.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]

[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]

2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2008-02-04 65536]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-04 39408]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2008-10-24 206112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2008-02-04 64512]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2008-02-04 1694208]

"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2008-02-04 1121280]

"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2008-02-04 356352]

"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2008-02-04 1077322]

"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2008-02-04 151552]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-02-04 48800]

"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2008-02-04 85744]

"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2008-10-24 206112]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]

"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2008-02-04 1121280]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-02-04 57344]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784]

"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 316728]

"Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2008-08-08 532808]

"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-08 16712]

"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]

"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-07-03 623960]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-04-11 236016]

"MediaFace Integration"="c:\program files\Fellowes\MediaFACE 5.0\SetHook.exe" [2009-02-02 53248]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-05 16206848]

"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\agrsmmsg.exe [2006-03-04 88204]

"TPSMain"="TPSMain.exe" - c:\windows\system32\TPSMain.exe [2005-06-01 282624]

"TFncKy"="TFncKy.exe" [bU]

"NDSTray.exe"="NDSTray.exe" [bU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 443968]

c:\documents and settings\Connie\Start Menu\Programs\Startup\

Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-8-30 385024]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-9 113664]

Desktop Manager.lnk - c:\program files\Research In Motion\BlackBerry\DesktopMgr.exe [2009-7-3 1717592]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-8-30 155648]

WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2006-11-15 106560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"iPod Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\{FA0F0A01-4631-4161-A6C2-948BF694382E}\\setup\\hpznui01.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\iPod\\bin\\iPodService.exe"=

R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2005-12-21 169200]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-29 102448]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

2009-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.verizon.net/central/appmanager/portal/vzcentral#Scene_1

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mStart Page = hxxp://search.myheritage.com

uInternet Connection Wizard,ShellNext = hxxp://www.toshibadirect.com/dpdstart

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm

IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm

IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm

DPF: Web-Based Email Tools - hxxps://email.secureserver.net/Download.CAB

.

- - - - ORPHANS REMOVED - - - -

HKLM-Run-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe

AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files\Corel\Corel Painter Photo Essentials 4\MSILauncher {707EB912-C597-49D8-9460-46CC9AB03EBE}

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-27 11:37

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(608)

c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(464)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\TPwrCfg.DLL

c:\windows\system32\TPwrReg.dll

c:\windows\system32\TPSTrace.DLL

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe

c:\program files\Common Files\Symantec Shared\ccSetMgr.exe

c:\program files\Common Files\Symantec Shared\SNDSrvc.exe

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe

c:\program files\Symantec AntiVirus\DefWatch.exe

c:\windows\system32\DVDRAMSV.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Microsoft LifeCam\MSCamS32.exe

c:\program files\Common Files\Protexis\License Service\PsiService_2.exe

c:\combofix\CF23907.exe

c:\program files\TOSHIBA\ConfigFree\NDSTray.exe

c:\windows\system32\TPSBattM.exe

c:\program files\Symantec AntiVirus\Rtvscan.exe

c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe

c:\program files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

c:\windows\system32\dllhost.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

c:\windows\eHome\ehmsas.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

c:\program files\Java\jre1.6.0_04\bin\jucheck.exe

c:\combofix\PEV.cfxxe

.

**************************************************************************

.

Completion time: 2009-10-27 11:47 - machine was rebooted

ComboFix-quarantined-files.txt 2009-10-27 15:47

ComboFix2.txt 2008-02-08 21:44

Pre-Run: 18,167,787,520 bytes free

Post-Run: 18,037,497,856 bytes free

- - End Of File - - 7B86A7C78F1233E09A6A697D2F86576B

Please Help

Naggamuffin

Link to post
Share on other sites
naggamuffin

naggamuffin

Posted
  • Author
Posted
Please help,

I have been trying to remove a virus from my pc for the last 2 days...I have a deadline I have to complete and is unable to do so...Please help...

I am getting error can't find mbam.exe when trying to run malwarebytes software. I was able to run spybot and it said it removed the virus but it did not...I am unable to open control panel or any other documents and files directly.

I did run combofix and here are the results:

ComboFix 09-10-26.03 - Connie 2009-10-27 11:23.4.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1082 [GMT -4:00]

Running from: c:\documents and settings\Connie\Desktop\ComboFix.exe

AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\kmd.exe

c:\program files\Shared

c:\windows\kb913800.exe

c:\windows\system32\dayahiba.dll

c:\windows\system32\gunosibi.dll.tmp

c:\windows\system32\kawokame.dll

c:\windows\system32\larayuka.dll

c:\windows\system32\luravufa.dll

c:\windows\system32\mepepora.dll

c:\windows\system32\mumonuwi.dll

c:\windows\system32\parahuri.dll

.

((((((((((((((((((((((((( Files Created from 2009-09-27 to 2009-10-27 )))))))))))))))))))))))))))))))

.

2009-10-27 13:47 . 2009-10-27 13:55 -------- d-----w- C:\Malwarebytes' Anti-Malware

2009-10-27 07:11 . 2009-10-27 07:11 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache

2009-10-08 03:27 . 2009-10-08 03:27 -------- d-----w- c:\program files\Family Toolbar

2009-10-02 00:51 . 2009-10-02 00:51 -------- d-----w- c:\program files\iPod

2009-10-02 00:51 . 2009-10-02 00:52 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

2009-10-02 00:48 . 2009-10-02 00:48 -------- d-----w- c:\program files\QuickTime

2009-10-02 00:41 . 2009-10-02 00:41 -------- d-----w- c:\documents and settings\Connie\Application Data\Amazon

2009-10-02 00:40 . 2009-10-02 00:40 -------- d-----w- c:\program files\Amazon

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-10-27 15:35 . 2006-11-15 14:10 -------- d-----w- c:\program files\Symantec AntiVirus

2009-10-27 15:08 . 2009-05-20 08:50 -------- d-----w- c:\documents and settings\Connie\Application Data\HPAppData

2009-10-27 14:09 . 2009-08-29 18:02 256 ----a-w- c:\windows\system32\pool.bin

2009-10-03 04:17 . 2009-03-02 16:08 952 --sha-w- c:\documents and settings\All Users\Application Data\KGyGaAvL.sys

2009-10-02 00:57 . 2008-05-21 02:09 -------- d-----w- c:\documents and settings\Connie\Application Data\Apple Computer

2009-10-02 00:52 . 2009-03-14 12:28 -------- d-----w- c:\program files\iTunes

2009-10-02 00:51 . 2008-05-14 12:30 -------- d-----w- c:\program files\Common Files\Apple

2009-09-17 18:27 . 2009-08-29 17:42 -------- d-----w- c:\program files\Common Files\Research In Motion

2009-09-13 13:10 . 2009-09-13 13:10 -------- d-----w- c:\documents and settings\Andrew\Application Data\Research In Motion

2009-09-13 13:10 . 2009-09-13 13:10 -------- d-----w- c:\documents and settings\Andrew\Application Data\Malwarebytes

2009-09-13 13:09 . 2009-09-13 13:09 -------- d-----w- c:\documents and settings\Andrew\Application Data\InstallShield

2009-09-13 06:56 . 2008-02-09 13:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-09-13 06:56 . 2008-02-09 13:26 -------- d-----w- c:\program files\Spybot - Search & Destroy

2009-09-13 06:38 . 2009-09-13 06:31 -------- d-----w- c:\program files\PC MightyMax 2009

2009-09-13 06:34 . 2009-09-13 06:31 -------- d-----w- c:\documents and settings\Connie\Application Data\PCMM2009

2009-09-13 06:32 . 2009-09-13 06:32 -------- d-----w- c:\documents and settings\Connie\Application Data\licenses

2009-09-11 14:18 . 2006-08-30 03:21 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-08 16:18 . 2009-09-03 16:51 -------- d-----w- c:\program files\Photodex

2009-09-08 13:18 . 2006-11-17 22:50 -------- d-----w- c:\documents and settings\Connie\Application Data\NetMedia Providers

2009-09-08 12:49 . 2007-10-23 23:36 -------- d-----w- c:\program files\Vstplugins

2009-09-08 12:49 . 2006-11-18 01:44 -------- d-----w- c:\program files\Sony Setup

2009-09-05 06:53 . 2009-09-05 06:53 -------- d-----w- c:\documents and settings\Connie\Application Data\InstallShield Installation Information

2009-09-05 06:53 . 2009-09-05 06:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Fellowes

2009-09-05 06:52 . 2009-09-05 06:52 -------- d-----w- c:\program files\Fellowes

2009-09-05 06:51 . 2009-09-05 06:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations

2009-09-04 21:03 . 2006-08-30 03:21 58880 ----a-w- c:\windows\system32\msasn1.dll

2009-09-03 18:07 . 2009-09-03 16:51 -------- d-----w- c:\documents and settings\Connie\Application Data\Photodex

2009-09-03 16:52 . 2007-10-29 22:36 -------- d-----w- c:\program files\Photodex Presenter

2009-08-29 18:22 . 2009-08-29 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio

2009-08-29 18:20 . 2009-08-29 18:20 -------- d-----w- c:\documents and settings\LocalService\Application Data\Roxio

2009-08-29 18:20 . 2009-08-29 18:20 -------- d-----w- c:\documents and settings\Connie\Application Data\Roxio

2009-08-29 18:19 . 2009-08-29 18:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Research In Motion

2009-08-29 18:17 . 2009-08-29 18:02 -------- d-----w- c:\documents and settings\Connie\Application Data\Research In Motion

2009-08-29 18:03 . 2006-11-14 22:27 57128 -c--a-w- c:\documents and settings\Connie\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

2009-08-29 17:56 . 2007-09-19 02:50 -------- d-----w- c:\documents and settings\Connie\Application Data\InstallShield

2009-08-29 17:56 . 2009-08-29 17:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic

2009-08-29 17:54 . 2009-08-29 17:43 -------- d-----w- c:\program files\Common Files\Roxio Shared

2009-08-29 17:53 . 2009-08-29 17:53 -------- d-----w- c:\program files\Roxio

2009-08-29 17:53 . 2009-08-29 17:53 -------- d-----w- c:\program files\Common Files\Sonic Shared

2009-08-29 17:45 . 2006-08-30 05:40 -------- d-----w- c:\program files\Common Files\InstallShield

2009-08-29 17:44 . 2009-08-29 17:42 -------- d-----w- c:\program files\Research In Motion

2009-08-29 08:08 . 2006-08-30 03:22 916480 ----a-w- c:\windows\system32\wininet.dll

2009-08-26 08:00 . 2006-08-30 03:22 247326 ------w- c:\windows\system32\strmdll.dll

2009-08-20 19:09 . 2009-08-20 19:09 1193832 ----a-w- c:\windows\system32\FM20.DLL

2009-08-05 09:01 . 2006-08-30 03:21 204800 ------w- c:\windows\system32\mswebdvd.dll

2009-08-05 00:44 . 2006-08-30 03:21 2189184 ------w- c:\windows\system32\ntoskrnl.exe

2009-08-04 14:20 . 2004-08-03 22:59 2066048 ------w- c:\windows\system32\ntkrnlpa.exe

2009-08-04 13:23 . 2009-05-20 07:16 186376 ----a-w- c:\windows\hpwins23.dat

2009-07-27 07:12 . 2009-07-27 07:12 51200 --sha-w- c:\windows\system32\hisozega.dll

2009-07-27 07:11 . 2009-07-27 07:11 51200 --sha-w- c:\windows\system32\sipaneya.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]

[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]

[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]

2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]

[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]

[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2008-02-04 65536]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-04 39408]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2008-10-24 206112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2008-02-04 64512]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2008-02-04 1694208]

"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2008-02-04 1121280]

"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2008-02-04 356352]

"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2008-02-04 1077322]

"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2008-02-04 151552]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-02-04 48800]

"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2008-02-04 85744]

"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2008-10-24 206112]

"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]

"MSKDetectorExe"="c:\program files\McAfee\SpamKiller\MSKDetct.exe" [2008-02-04 1121280]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2008-02-04 57344]

"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 144784]

"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 316728]

"Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2008-08-08 532808]

"Corel File Shell Monitor"="c:\program files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2008-08-08 16712]

"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]

"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]

"BlackBerryAutoUpdate"="c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-07-03 623960]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-04-11 236016]

"MediaFace Integration"="c:\program files\Fellowes\MediaFACE 5.0\SetHook.exe" [2009-02-02 53248]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440]

"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-05 16206848]

"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\agrsmmsg.exe [2006-03-04 88204]

"TPSMain"="TPSMain.exe" - c:\windows\system32\TPSMain.exe [2005-06-01 282624]

"TFncKy"="TFncKy.exe" [bU]

"NDSTray.exe"="NDSTray.exe" [bU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 443968]

c:\documents and settings\Connie\Start Menu\Programs\Startup\

Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2008-8-30 385024]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.exe.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-9 113664]

Desktop Manager.lnk - c:\program files\Research In Motion\BlackBerry\DesktopMgr.exe [2009-7-3 1717592]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-8-30 155648]

WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2006-11-15 106560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"iPod Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=

"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\{FA0F0A01-4631-4161-A6C2-948BF694382E}\\setup\\hpznui01.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\iPod\\bin\\iPodService.exe"=

R2 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2005-12-21 169200]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-29 102448]

--- Other Services/Drivers In Memory ---

*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HPService REG_MULTI_SZ HPSLPSVC

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

2009-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.verizon.net/central/appmanager/portal/vzcentral#Scene_1

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mStart Page = hxxp://search.myheritage.com

uInternet Connection Wizard,ShellNext = hxxp://www.toshibadirect.com/dpdstart

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm

IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm

IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm

DPF: Web-Based Email Tools - hxxps://email.secureserver.net/Download.CAB

.

- - - - ORPHANS REMOVED - - - -

HKLM-Run-Malwarebytes Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe

AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files\Corel\Corel Painter Photo Essentials 4\MSILauncher {707EB912-C597-49D8-9460-46CC9AB03EBE}

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-10-27 11:37

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(608)

c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(464)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\TPwrCfg.DLL

c:\windows\system32\TPwrReg.dll

c:\windows\system32\TPSTrace.DLL

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe

c:\program files\Common Files\Symantec Shared\ccSetMgr.exe

c:\program files\Common Files\Symantec Shared\SNDSrvc.exe

c:\program files\Lavasoft\Ad-Aware\aawservice.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe

c:\program files\Symantec AntiVirus\DefWatch.exe

c:\windows\system32\DVDRAMSV.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Microsoft LifeCam\MSCamS32.exe

c:\program files\Common Files\Protexis\License Service\PsiService_2.exe

c:\combofix\CF23907.exe

c:\program files\TOSHIBA\ConfigFree\NDSTray.exe

c:\windows\system32\TPSBattM.exe

c:\program files\Symantec AntiVirus\Rtvscan.exe

c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe

c:\program files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

c:\windows\system32\dllhost.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

c:\program files\iPod\bin\iPodService.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

c:\windows\eHome\ehmsas.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\HP\Digital Imaging\bin\hpqbam08.exe

c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe

c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

c:\program files\Java\jre1.6.0_04\bin\jucheck.exe

c:\combofix\PEV.cfxxe

.

**************************************************************************

.

Completion time: 2009-10-27 11:47 - machine was rebooted

ComboFix-quarantined-files.txt 2009-10-27 15:47

ComboFix2.txt 2008-02-08 21:44

Pre-Run: 18,167,787,520 bytes free

Post-Run: 18,037,497,856 bytes free

- - End Of File - - 7B86A7C78F1233E09A6A697D2F86576B

Please Help

Naggamuffin

Here is my hijackthis file:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:53, on 2009-10-27

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\acs.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\WINDOWS\system32\DVDRAMSV.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft LifeCam\MSCamS32.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

C:\WINDOWS\system32\TPSMain.exe

C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe

C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe

C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

C:\WINDOWS\vVX1000.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

C:\Program Files\Symantec AntiVirus\SavRoam.exe

C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

C:\Program Files\QuickTime\QTTask.exe

C:\WINDOWS\system32\svchost.exe

c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\WINDOWS\system32\RAMASST.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe

C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\WINDOWS\explorer.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.verizon.net/central/appmanager/...central#Scene_1

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.toshibadirect.com/dpdstart

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

R3 - URLSearchHook: MHURLSearchHook Class - {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - C:\Program Files\Family Toolbar\tbhelper.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: MHTBPos00 - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files\Family Toolbar\tbcore3.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: Family Toolbar - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files\Family Toolbar\tbcore3.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"

O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup

O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe

O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [blackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 5.0\SetHook.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.toshibadirect.com/dpdstart

O16 - DPF: Web-Based Email Tools - https://email.secureserver.net/Download.CAB

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {25365FF3-2746-4230-9DA7-163CCA318309} (Automatic Driver Installation Control) - http://inst.c-wss.com/n020p/EN/install/gtdownlr.cab

O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.0.6.5.cab

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.costcophotocenter.com/CostcoActivia.cab

O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} - http://apps.corel.com/nos_dl_manager_dev/p...IEGetPlugin.ocx

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.3.7.cab

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase5483.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1206285055515

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab

O16 - DPF: {CB50428B-657F-47DF-9B32-671F82AA73F7} (Photodex Presenter AX control) - http://www.photodex.com/pxplay.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.photobiz.com/controlpanel/uploa...geUploader4.cab

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe

--

End of file - 18451 bytes

Link to post
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept