Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

DrWatson Postmortem Debugger [resolved]


  • This topic is locked This topic is locked

#1
thatguy22

thatguy22

    Member

  • Member
  • PipPip
  • 30 posts
well im to the point where i wanna pull out my hair with this problem my yahoo messenger gets as fas as the smilely bouncing and it closes and says it has encountered an error and needs to close and soon after the drwatson error message comes up well this is my log..........

Logfile of HijackThis v1.99.1
Scan saved at 5:28:55 PM, on 3/14/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\devldr32.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ts2.us/fo...dex.php?act=idx
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://boxden.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.99.111.160:6588
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0

Advertisements


#2
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi thatguy22

Welcomr to geekstogo ;)

Please run the following free, online virus scans.

http://housecall.tre.../start_corp.asp
http://www.pandasoft...n_principal.htm

Please post the logs From both virus scans and HJT.log we will need them to remove previous infections that have left files on your system.

Kc :tazz:
  • 0

#3
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
not tryin to be difficult or anything but is the scanning with those online virus scanners i had a very bad experience with one of those a while and really messed up my computer.....
  • 0

#4
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi thatguy22

I have used both programs and have not had any problems.

So I leave that up to you.

Kc :tazz:
  • 0

#5
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
ok ill get on it.......
  • 0

#6
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi thatguy22

Try the panda scan first

Kc :tazz:
  • 0

#7
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
OK HERE IS THE RESULTS FROM TREND MICRO, SHOULD I CLICK NEXT FOR THE CLEANING OPTION......


Results:
We have detected 6 infected file(s) with 7 virus(es) on your computer.
Detected File Associated Virus Name
C:\Documents and Settings\CEO\Desktop\Appz\cr-wss30.zip
- start.exe TROJ_BRIDGE.A
C:\Documents and Settings\CEO\Desktop\Appz\lcdevc10.zip
- start.exe TROJ_BRIDGE.A
C:\HJT\backups\backup-20050311-201818-342.inf INF_DLOADER.A
C:\Program Files\PestPatrol\Quarantine\20040916011907733.zip
- WINDOWS\system32\bridge.dll TROJ_BRIDGE.A
C:\Program Files\PestPatrol\Quarantine\20040924193631017.zip
- Documents and Settings\CEO\Local Settings\Temporary Internet Files\Content.IE5\4XQRG1AJ\bdl14025[1].exe TROJ_REVOP.F
- WINDOWS\system32\bridge.dll TROJ_BRIDGE.A
C:\Program Files\PestPatrol\Quarantine\20041102112716204.zip
- WINDOWS\system32\bridge.dll TROJ_BRIDGE.A
  • 0

#8
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
WELL I CLEAN THE ABOVE STUFF FROM MY COMPUTER

Results:
We have detected 6 infected file(s) with 7 virus(es) on your computer: - 0 virus(es) passed, 0 virus(es) no action available
- 0 virus(es) cleaned, 0 virus(es) uncleanable
- 7 virus(es) deleted, 0 virus(es) undeletable
- 0 virus(es) not found, 0 virus(es) unaccessible
Detected File Associated Virus Name Action taken
C:\Documents and Settings\CEO\Desktop\Appz\cr-wss30.zip
- start.exe TROJ_BRIDGE.A Deletion successful
C:\Documents and Settings\CEO\Desktop\Appz\lcdevc10.zip
- start.exe TROJ_BRIDGE.A Deletion successful
C:\HJT\backups\backup-20050311-201818-342.inf INF_DLOADER.A Deletion successful
C:\Program Files\PestPatrol\Quarantine\20040916011907733.zip
- WINDOWS\system32\bridge.dll TROJ_BRIDGE.A Deletion successful
C:\Program Files\PestPatrol\Quarantine\20040924193631017.zip
- Documents and Settings\CEO\Local Settings\Temporary Internet Files\Content.IE5\4XQRG1AJ\bdl14025[1].exe TROJ_REVOP.F Deletion successful
- WINDOWS\system32\bridge.dll TROJ_BRIDGE.A Deletion successful
C:\Program Files\PestPatrol\Quarantine\20041102112716204.zip
- WINDOWS\system32\bridge.dll TROJ_BRIDGE.A Deletion successful
  • 0

#9
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi thatguy22

Post a new HJT.log, let me know how your pc in running

Kc :tazz:
  • 0

#10
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Panda scan results


Incident Status Location

Adware:Adware/SaveNow No disinfected C:\Documents and Settings\CEO\Local Settings\Temp\is-9R9HF.tmp\WhenU\SaveInst.exe
Virus:Exploit/CodeBase.A Disinfected C:\install.htm
Adware:Adware/WeatherCast No disinfected C:\Program Files\PestPatrol\Quarantine\20040930042344874.zip[vvsn.exe]
Adware:Adware/TopRebates No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[djtopr1150.exe]
Adware:Adware/TopMoxie No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[README.txt]
Adware:Adware/TopRebates No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[webrebates1.exe]
Adware:Adware/TopRebates No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[webrebates0.exe]
Adware:Adware/TopRebates No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[disp1150.exe]
Adware:Adware/TopRebates No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[webrebates0.to_be_deleted]
Adware:Adware/TopRebates No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[webrebates1.to_be_deleted]
Spyware:Spyware/New.net No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[newdotnet3_88.dll]
Spyware:Spyware/New.net No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[uninstall3_88.exe]
Adware:Adware/QuickSearch No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[QuickSearchBar1_27.dll]
Spyware:Spyware/New.net No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[newdotnet3_88.to_be_deleted]
Spyware:Spyware/New.net No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[newdotnet3_88.to_be_deleted_x]
Spyware:Spyware/New.net No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[newdotnet3_88.to_be_deleted]
Adware:Adware/QuickSearch No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[QuickSearchBar1_27.to_be_deleted]
Adware:Adware/QuickSearch No disinfected C:\Program Files\PestPatrol\Quarantine\20041005161457405.zip[QuickSearchBar1_27.to_be_deleted_x]
Spyware:Spyware/BargainBuddy No disinfected C:\Program Files\PestPatrol\Quarantine\20050210192036.zip[cdt_bbi8016.exe]
Virus:Trj/Downloader.MR Disinfected C:\sextxsp.chm
  • 0

Advertisements


#11
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
Logfile of HijackThis v1.99.1
Scan saved at 2:47:46 PM, on 3/15/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Failes\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Adobe\Acrobat 4.0\Reader\AcroRd32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ts2.us/fo...dex.php?act=idx
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://boxden.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 200.99.111.160:6588
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall-bet...all/xscan60.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoft.../as5/asinst.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
  • 0

#12
Guest_thatman_*

Guest_thatman_*
  • Guest
Hi thatguy22

Well that will keep you busy cleaning that little lot

Your HJT.log is still clean

When you have clean up that malware.

Rpost the freashh.logs again I will be on it in a flash

Kc :tazz:
  • 0

#13
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
well did those two scan delete the infections or do i have to d/l another program to get rid of them
  • 0

#14
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
bump.....
  • 0

#15
thatguy22

thatguy22

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts
just bring this back again....
  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP