Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

DrWatsons Problem


  • Please log in to reply

#106
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
The script did not recognize the services listed below.
This does not mean that they are a problem.

To copy the entire contents of this document for posting:
At the top of this window click "Edit" then "Select All"
Next click "Edit" again then "Copy"
Now right click in the forum post box then click "Paste"

########################################

ServiceFilter 1.1
by rand1038

Microsoft Windows XP Professional
Version: 5.1.2600 Service Pack 2
Apr 9, 2005 3:51:40 AM


===> Begin Service Listing <===

Unknown Service #1
Service Name: DefWatch
Display Name: Symantec AntiVirus Definition Watcher
Start Mode: Auto
Start Name: LocalSystem
Description: Monitors and maintains virus ...
Service Type: Own Process
Path: "c:\program files\symantec client security\symantec antivirus\defwatch.exe"
State: Running
Process ID: 1572
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

Unknown Service # 2
Service Name: ewido security suite control
Display Name: ewido security suite control
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\program files\ewido\security suite\ewidoctrl.exe
State: Running
Process ID: 1624
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

Unknown Service # 3
Service Name: ewido security suite guard
Display Name: ewido security suite guard
Start Mode: Auto
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\program files\ewido\security suite\ewidoguard.exe
State: Running
Process ID: 3588
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

Unknown Service # 4
Service Name: SavRoam
Display Name: SAVRoam
Start Mode: Manual
Start Name: LocalSystem
Description: Symantec AntiVirus Roaming ...
Service Type: Own Process
Path: "c:\program files\symantec client security\symantec antivirus\savroam.exe"
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

Unknown Service #5
Service Name: SwPrv
Display Name: MS Software Shadow Copy Provider
Start Mode: Manual
Start Name: LocalSystem
Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this ...
Service Type: Own Process
Path: c:\windows\system32\dllhost.exe /processid:{02786f07-c235-40bf-984e-318673bad088}
State: Stopped
Process ID: 0
Started: False
Exit Code: 1077
Accept Pause: False
Accept Stop: False

Unknown Service # 6
Service Name: Symantec AntiVirus
Display Name: Symantec AntiVirus
Start Mode: Auto
Start Name: LocalSystem
Description: Provides real-time virus scanning, reporting, and management functionality for Symantec ...
Service Type: Own Process
Path: "c:\program files\symantec client security\symantec antivirus\rtvscan.exe"
State: Stopped
Process ID: 0
Started: False
Exit Code: 1067
Accept Pause: False
Accept Stop: False

Unknown Service # 7
Service Name: SymSecurePort
Display Name: Symantec SecurePort
Start Mode: Auto
Start Name: LocalSystem
Description: Symantec SecurePort ...
Service Type: Own Process
Path: "c:\program files\symantec client security\symantec client firewall\symsport.exe"
State: Running
Process ID: 628
Started: True
Exit Code: 0
Accept Pause: False
Accept Stop: True

---> End Service Listing <---

There are 92 Win32 services on this machine.
7 were unrecognized.

Script Execution Time: 3.09375 seconds.
  • 0

Advertisements


#107
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
*Double-click on Killbox.exe to start the program.
*In the killbox program, select the Delete on Reboot option.
*In the field labeled Full Path of File to Delete enter the items listed below:

C:\WINDOWS\inf\unregmp2.exe

Press the button that looks like a red circle with a white X in it after each one. When it asks if you would like to delete on reboot, press the YES button, when it asks if you want to reboot now, press the NO button.

Then I need you to go to Start > Run - type in:

regedit

Click OK.

Navigate to this key - DELETE IT (just the item in bold - kb837272)
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\kb837272

Exit regedit and reboot your computer!
  • 0

#108
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
kb837272 is not in that folder... i can delete that folder but i dont see that file anywhere
  • 0

#109
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Go ahead and restart your computer so that killbox kills that file, then shut your computer down.

I think that's all I'm going to be able to do tonight - I'm worn out! :tazz:

Try to stay off the Internet and keep your computer shutdown as much as possible because the stuff you have in your system makes it extremely accessible to hackers. Personally, I wouldn't log-in to any accounts, use credit cards, or anything else like that.

I'll be on in the morning.
  • 0

#110
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
ok cya then
  • 0

#111
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Good news is you may not have a rootkit! The driver I saw could have been used by Trojan Hunter, but it had the same name and location as the rootkit (whew!)

Now, we have to try to find the troublemakers.

On line scans:

http://security.syma...com/default.asp?
http://housecall.trendmicro.com/
http://www.ravantivirus.com/scan/
http://www3.ca.com/virusinfo/
http://www.bitdefend...can/licence.php
http://www.commandon.../eval/index.cfm
http://www.freedom.n...viruscheck.html
http://info.ahnlab.com/english/
http://www.pcpitstop...tiVirusCntr.asp

You don't have to do all of them (right now anyway!), but hopefully at least a couple of these will locate any hidden malware!

Post any results you get from the online scans you perform.
  • 0

#112
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
Ran Bitdefender and the symantec one, both came up clean so far im about to start the ahnlab one
  • 0

#113
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
ahn came up clean too
  • 0

#114
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
Ok, let's make sure that you don't have a rootkit.

Download RootKitRevealer, (link to download at the bottom of that page) unzip it and run it. Then post the results here. (It may act like it's freezing up, but it is actually working, just let it do it).
  • 0

#115
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
SOFTWARE 0 bytes Error dumping hive: Insufficient system resources exist to complete the requested service.
  • 0

Advertisements


#116
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
Not sure if its related but my sound has gone now too, it says the driver is working properly, and the only warning i can get is through winamp: Bad DirectSound Driver. Please install proper drivers or select another device in configuration Error code: 88780078,
sorry for going off topic
  • 0

#117
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
hmmm, ok, I'm going to have to think about our next course of action...

Michelle :tazz:
  • 0

#118
neon

neon

    New Member

  • Member
  • Pip
  • 3 posts
Hi, I was told that I may have the DrWatsons Problem on my computer. :tazz:

I was reading through on how you were helping all these people and was wondering if you might be able to help me. I really am clueless as to how most of the stuff in this topic are working, but I can download things if need be.

Thank you for taking the time out to read this.
  • 0

#119
Pantrwrstl

Pantrwrstl

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 172 posts
would it hurt to reinstall windows ??
  • 0

#120
Michelle

Michelle

    Malware Removal Goddess

  • Retired Staff
  • 8,928 posts
A re-format and clean install of XP would not hurt at all. It would certainly take care of your problems! But, that is completely up to you because we can keep going to try to find out what's causing the problems. Let me know what you decide to do so I know whether or not I still need to work on cleaning your system.

Michelle :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP