Thread: Spam emails being automatically sent
View Single Post
Old 12-06-2007, 04:24 PM   #4 (permalink)
dcards
Registered User
 
Join Date: Dec 2007
Posts: 15
OS: Windows XP


Re: Spam emails being automatically sent
Hi! Thanks for your reply. Below is the HijackThis log file and attched are the SDFix and Combofix reports.

Thanks for any help you can give.


SDFix: Version 1.117

Run by Administrator on Thu 12/06/2007 at 12:31 PM

Microsoft Windows XP [Version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:
fwdrv.sys
ICF

Path:
\??\C:\fwdrv.sys
C:\WINDOWS\system32\svchost.exe:exe.exe

fwdrv.sys - Deleted
ICF - Deleted



Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\wintemp.log - Deleted
C:\WINDOWS\Casino.ico - Deleted
C:\WINDOWS\Free Online Dating.ico - Deleted
C:\WINDOWS\Spyware Remover.ico - Deleted
C:\WINDOWS\system32\kr_done1 - Deleted
C:\WINDOWS\system32\lt.res - Deleted
C:\WINDOWS\system32\sft.res - Deleted
C:\WINDOWS\wr.txt - Deleted



Folder C:\Documents and Settings\All Users\Documents\Settings - Removed

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
: ADS Found!

svchost.exe: deleted 51200 bytes in 1 streams.

Checking for remaining Streams

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.



Final Check:

catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-06 14:38:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

Wed 5 Nov 2003 6,473 A.SH. --- "C:\WINDOWS\SYSTEM32\kjkmp.bak1"
Wed 26 Nov 2003 6,513 A.SH. --- "C:\WINDOWS\SYSTEM32\kjkmp.bak2"
Wed 26 Nov 2003 6,472 A.SH. --- "C:\WINDOWS\SYSTEM32\yccdd.bak1"
Mon 26 Nov 2007 6,473 A.SH. --- "C:\WINDOWS\SYSTEM32\yccdd.bak2"
Wed 14 May 2003 43,008 ...H. --- "C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe"
Wed 8 Aug 2007 400 A..H. --- "C:\Program Files\Common Files\Symantec Shared\COH\COH32LU.reg"
Wed 8 Aug 2007 403 A..H. --- "C:\Program Files\Common Files\Symantec Shared\COH\COHDLU.reg"

Finished!

ComboFix 07-12-05.2 - Louis Curti 2007-12-06 14:51:29.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.466 [GMT -8:00]
Running from: C:\Documents and Settings\Louis Curti\desktop\combofix.exe
Command switches used :: /killall
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\check_LSA7.txt
C:\Documents and Settings\All Users\Application Data\SystemDoctor
C:\Documents and Settings\Louis Curti\Application Data\PPPATC~1
C:\Documents and Settings\Louis Curti\Application Data\PPPATC~1\?ppPatch\
C:\Documents and Settings\Louis Curti\Application Data\SystemDoctor
C:\Documents and Settings\Louis Curti\Application Data\SystemDoctor\Logs\Activate.log
C:\Documents and Settings\Louis Curti\Application Data\SystemDoctor\Logs\update.log
C:\Documents and Settings\Louis Curti\Application Data\WinTouch
C:\Documents and Settings\Louis Curti\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\Louis Curti\ResErrors.log
C:\Program Files\ISM
C:\Program Files\ISM\dictionary.gz
C:\Program Files\ISM\targets.gz
C:\Program Files\ISM\Uninstall.exe
C:\Program Files\racle~1
C:\Program Files\stem32~1
C:\WINDOWS\curity~1
C:\WINDOWS\curity~1\s?stem\
C:\WINDOWS\ecurit~1
C:\WINDOWS\smante~1
C:\WINDOWS\stem32~1
C:\WINDOWS\system32\drivers\fad.sys
C:\WINDOWS\system32\ssembl~1

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_ASC355
-------\LEGACY_ASC355O
-------\LEGACY_FWDRV.SYS
-------\LEGACY_NPF


((((((((((((((((((((((((( Files Created from 2007-11-06 to 2007-12-06 )))))))))))))))))))))))))))))))
.

2007-12-06 12:30 . 2007-12-06 12:30 <DIR> d-------- C:\WINDOWS\ERUNT
2007-12-06 12:16 . 2007-12-06 12:16 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Webroot
2007-12-02 14:35 . 2007-12-02 14:35 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2007-12-02 14:35 . 2007-12-02 14:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2007-12-02 14:35 . 2007-10-01 16:40 1,526,072 --a------ C:\WINDOWS\WRSetup.dll
2007-12-02 14:35 . 2007-10-01 16:24 163,640 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\ssidrv.sys
2007-12-02 14:35 . 2007-10-01 16:24 23,864 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sskbfd.sys
2007-12-02 14:35 . 2007-10-01 16:24 21,816 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\sshrmd.sys
2007-12-02 14:35 . 2007-10-01 16:24 20,280 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\SSFS0BB9.sys
2007-12-02 14:34 . 2007-12-02 14:34 164 --a------ C:\install.dat
2007-12-02 14:32 . 2007-12-02 14:32 <DIR> d-------- C:\Documents and Settings\Louis Curti\Application Data\Webroot
2007-12-02 10:49 . 2007-12-02 10:49 <DIR> d-------- C:\Deckard
2007-12-01 13:15 . 2007-12-01 13:15 <DIR> d-------- C:\Documents and Settings\Louis Curti\Application Data\Wireshark
2007-12-01 12:55 . 2007-12-01 12:56 <DIR> d-------- C:\Program Files\Wireshark
2007-12-01 10:39 . 2007-12-01 14:36 <DIR> d-------- C:\WINDOWS\SYSTEM32\ActiveScan
2007-12-01 10:39 . 2007-12-01 13:35 30,590 --a------ C:\WINDOWS\SYSTEM32\pavas.ico
2007-11-30 20:38 . 2007-11-30 20:38 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-30 20:38 . 2007-11-30 20:38 <DIR> d-------- C:\Documents and Settings\Louis Curti\Application Data\SUPERAntiSpyware.com
2007-11-30 19:15 . 2007-11-30 19:15 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Grisoft
2007-11-30 19:09 . 2007-11-30 19:09 <DIR> d-------- C:\Documents and Settings\Louis Curti\Application Data\Grisoft
2007-11-30 19:09 . 2007-05-30 04:10 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-11-30 17:29 . 2007-11-30 17:29 2 --a------ C:\WINDOWS\msoffice.ini
2007-11-26 20:48 . 2007-11-26 20:48 6,473 --ahs---- C:\WINDOWS\SYSTEM32\yccdd.bak2
2007-11-26 20:21 . 2007-07-09 05:09 584,192 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\rpcrt4.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-06 23:02 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-12-03 02:13 --------- d-----w C:\Documents and Settings\Louis Curti\Application Data\U3
2007-12-01 22:19 --------- d-----w C:\Program Files\SUPERAntiSpyware
2007-12-01 22:19 --------- d-----w C:\Program Files\QuickTime
2007-12-01 22:19 --------- d-----w C:\Program Files\Norton AntiVirus
2007-12-01 22:06 --------- d-----w C:\Program Files\iTunes
2007-12-01 22:04 --------- d-----w C:\Program Files\Dell AIO Printer A920
2007-12-01 21:26 --------- d-----w C:\Program Files\MSN Games
2007-12-01 21:23 --------- d-----w C:\Program Files\Viewpoint
2007-12-01 21:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-12-01 21:22 --------- d-----w C:\Program Files\Maxis
2007-12-01 21:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-01 21:21 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-01 18:50 --------- d-----w C:\Program Files\Common Files\Real
2007-12-01 01:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-01 01:33 --------- d-----w C:\Program Files\Common Files\Scanner
2007-12-01 01:30 --------- d-----w C:\Documents and Settings\Louis Curti\Application Data\Lavasoft
2007-12-01 01:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-12-01 01:26 --------- d-----w C:\Program Files\AIM
2007-12-01 01:26 --------- d-----w C:\Documents and Settings\Louis Curti\Application Data\Aim
2007-11-27 04:23 805 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-11-27 04:23 123,952 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-11-27 04:23 10,740 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-11-27 04:23 --------- d-----w C:\Program Files\Symantec
2003-11-06 00:44 6,473 --sha-w C:\WINDOWS\SYSTEM32\kjkmp.bak1
2003-11-27 00:00 6,513 --sha-w C:\WINDOWS\SYSTEM32\kjkmp.bak2
2003-11-27 03:44 6,472 --sha-w C:\WINDOWS\SYSTEM32\yccdd.bak1
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
2003-11-26 19:50 116088 --a------ C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 08:24]
"Iisigpp"="C:\WINDOWS\??stem32\r?gsvr32.exe" [2004-08-03 23:56]
"Huz"="C:\Program Files\??stem32\?hkdsk.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-02-27 11:39]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 18:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 09:36]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 07:59]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 07:59]
"Dell AIO Printer A920"="C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" [2003-04-10 03:52]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-08-24 21:07]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2007-08-24 20:53]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2007-10-01 16:40]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-02-27 11:39 282624 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R0 SSFS0BB9;Spy Sweeper File System Filer Driver: 0BB9;C:\WINDOWS\system32\Drivers\SSFS0BB9.SYS
R2 LiveUpdate Notice;LiveUpdate Notice;"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
R3 SymIMMP;SymIMMP;C:\WINDOWS\system32\DRIVERS\SymIM.sys
R3 WmaCDriverV32;WmaCDriverV32;C:\WINDOWS\system32\drivers\WmaCDriverV32.sys
S3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);C:\WINDOWS\system32\DRIVERS\A3AB.sys
S3 COH_Mon;COH_Mon;\??\C:\WINDOWS\system32\Drivers\COH_Mon.sys
S3 SymIM;Symantec Network Security Intermediate Filter Service;C:\WINDOWS\system32\DRIVERS\SymIM.sys

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{33622d6b-9dba-11da-8171-00038a000015}]
\Shell\AutoRun\command - F:\LaunchU3.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-12-02 22:16:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-06 15:18:09 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Louis Curti.job"
- C:\Program Files\Norton AntiVirus\Navw32.exe
.
**************************************************************************

catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-06 15:03:47
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-06 15:05:30 - machine was rebooted
.
--- E O F ---


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:17:10 PM, on 12/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\GeekSquad\upssrv.exe
C:\GeekSquad\upsio.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com.../fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Iisigpp] C:\WINDOWS\??stem32\r?gsvr32.exe
O4 - HKCU\..\Run: [Huz] "C:\Program Files\??stem32\?hkdsk.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://atv.disney.go.com/global/down.../OTOYAX29b.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pu...sh/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: UPS Service (CyberPowerUPS) - Unknown owner - C:\GeekSquad\upssrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 5940 bytes
Attached Files
File Type: txt Report.txt (3.0 KB, 1 views)
File Type: txt log.txt (9.8 KB, 2 views)
Last edited by tetonbob; 12-06-2007 at 04:57 PM.
dcards is offline