Infected with malware Antivirus 2009

Discussion in 'Windows - Virus and spyware problems' started by whiteshoe, Dec 7, 2008.

  1. whiteshoe

    whiteshoe Member

    Joined:
    Aug 12, 2008
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    11
    My son's computer is infected with the malware "Antivirus 2009". I've read other posts and it seems that each needs to submit their own thread, so here's mine. Thank you in advance for you help!

    I had him install mbam and it's running now and I'll post the log when it's finished. Will you please advise if there's a different course of action to take first, and/or what to do next?
     
    whiteshoe, Dec 7, 2008
    #1
  2. whiteshoe

    whiteshoe Member

    Joined:
    Aug 12, 2008
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    11
    Here's the mbam log:

    mbam-log-2008-12-06 (19-15-49).txt

    Malwarebytes' Anti-Malware 1.31
    Database version: 1470
    Windows 5.1.2600 Service Pack 2

    12/6/2008 7:15:49 PM
    mbam-log-2008-12-06 (19-15-49).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 93329
    Time elapsed: 1 hour(s), 17 minute(s), 59 second(s)

    Memory Processes Infected: 1
    Memory Modules Infected: 4
    Registry Keys Infected: 42
    Registry Values Infected: 6
    Registry Data Items Infected: 3
    Folders Infected: 3
    Files Infected: 16

    Memory Processes Infected:
    C:\Program Files\GetModule\GetModule31.exe (Trojan.Agent) -> Unloaded process successfully.

    Memory Modules Infected:
    C:\WINDOWS\system32\isddhlco.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\ljJYRLEU.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\geBrsQih.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\bsooxo.dll (Trojan.Vundo) -> Delete on reboot.

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d534398-600b-4eb1-9c42-ae9bd6a2d51c} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{4d534398-600b-4eb1-9c42-ae9bd6a2d51c} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebrsqih (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f71b506a-62cc-4e53-b77a-65d67f4c41f8} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{f71b506a-62cc-4e53-b77a-65d67f4c41f8} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f71b506a-62cc-4e53-b77a-65d67f4c41f8} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d534398-600b-4eb1-9c42-ae9bd6a2d51c} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{85e06077-c824-43d0-a8dc-5efb17bc348a} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{29c5a3b6-9a8d-4fa0-b5ad-3e20f4aa5c00} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{5937cd7f-1c0b-41e1-9075-60ebdf3c7d34} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29c5a3b6-9a8d-4fa0-b5ad-3e20f4aa5c00} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d3b4c621-6024-410b-9f0f-22cbd6981f5e} (Rogue.Multiple) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{288c5f13-7e52-4ada-a32e-f5bf9d125f99} (Trojan.Downloader) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99410cde-6f16-42ce-9d49-3807f78f0287} (Adware.180Solutions) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8109fd3d-d891-4f80-8339-50a4913ace6f} (Adware.Zango) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\icheck (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\GetModule (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_FOPF (Rogue.AVSystemShield) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Security Tools (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Messenger Service (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video ActiveX Solution (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3060efa9 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{29c5a3b6-9a8d-4fa0-b5ad-3e20f4aa5c00} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{29c5a3b6-9a8d-4fa0-b5ad-3e20f4aa5c00} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getmodule31 (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\user32.dll (Trojan.Zlob) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\ljjyrleu -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ljjyrleu -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Trojan.Agent) -> Data: digeste.dll -> Quarantined and deleted successfully.

    Folders Infected:
    C:\Program Files\iCheck (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\GetModule (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Kathy Cluff\Application Data\GetModule (Trojan.Agent) -> Quarantined and deleted successfully.

    Files Infected:
    C:\WINDOWS\system32\ljJYRLEU.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\UELRYJjl.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\UELRYJjl.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\geBrsQih.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\bsooxo.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\isddhlco.dll (Trojan.Vundo.H) -> Delete on reboot.
    C:\WINDOWS\system32\oclhddsi.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Kathy Cluff\Local Settings\Temporary Internet Files\Content.IE5\0VAS6JH4\zc113432[1] (Trojan.Vundo.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Kathy Cluff\Local Settings\Temporary Internet Files\Content.IE5\0VAS6JH4\mslog[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Kathy Cluff\Local Settings\Temporary Internet Files\Content.IE5\H3RFL7ZY\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\twyiypkx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Program Files\iCheck\Uninstall.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Program Files\GetModule\GetModule31.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wpv801228549770.cpx (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\digeste.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Kathy Cluff\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.
     
    whiteshoe, Dec 7, 2008
    #2
  3. whiteshoe

    whiteshoe Member

    Joined:
    Aug 12, 2008
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    11
    And here's the log from HijackThis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:00:29 PM, on 12/6/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Support.com\bin\tgcmd.exe
    C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Symantec AntiVirus\SavRoam.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\Java\j2re1.4.2_15\bin\jucheck.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lds.org/ldsorg/v/index.jsp?vgnextoid=e419fb40e21cef00VgnVCM1000001f5e340aRCRD
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\j2re1.4.2_15\bin\jusched.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program Files\Video ActiveX Access\imsmain.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_15\bin\npjpi142_15.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
    O20 - AppInit_DLLs: bsooxo.dll
    O22 - SharedTaskScheduler: exultet - {4f5f16ef-af9d-4fe6-8410-f0670b58979d} - C:\WINDOWS\system32\gusur.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O24 - Desktop Component 0: (no name) - http://images.google.com/images?q=t...synet.co.uk/~iany/patterns/images/cheetah.jpg
    O24 - Desktop Component 1: (no name) - http://images.google.com/images?q=t...oo.org/animalbytes/images/cheetah_running.jpg

    --
    End of file - 7385 bytes
     
    whiteshoe, Dec 7, 2008
    #3
  4. whiteshoe

    whiteshoe Member

    Joined:
    Aug 12, 2008
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    11
    I haven't received any response to this. Have I done something incorrectly?
     
    whiteshoe, Dec 17, 2008
    #4

Share This Page