HJT Log and Panda ActiveScan

Unknown
edited July 2009 in Spyware & Virus Removal
I have no cracks/keygens on my computer

Termsrv.dll invalid/infected?

On another forum I was told to remove termsrv.dll from system32 file and then upgrade to SP3 and this would get rid of the invalid/infected file...

But everytime I try to delete it, it just comes back in 5 seconds? I actually do delete it but then it reappears in the folder...

Also sometimes wen i run combofix it reboots my pc and its supposed the make a log... But after I log into my profile combofix does not continue to run... sometimes it does...

One time in combo fix it said this:
sec: can't read Drive.Folder.Dat: No suck file or directory

HJT Log located below...

Panda ActiveScan 2.0

;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-07-10 09:37:06
PROTECTIONS: 1
MALWARE: 31
SUSPECTS: 3
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Bitdefender Antivirus 8.0 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139059 Cookie/Traffic Marketplace TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe_girl@trafficmp[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@doubleclick[3].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@doubleclick[4].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@atdmt[2].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@fastclick[2].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe [email]girl@fastclick[1].txt[/email]
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe_girl@fastclick[1].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@mediaplex[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@mediaplex[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe [email]girl@com[1].txt[/email]
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@com[1].txt
00167677 Cookie/WebPower TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@webpower[2].txt
00167730 Cookie/Hitbox TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@ehg.hitbox[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@statcounter[2].txt
00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@perf.overture[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@bs.serving-sys[1].txt
00168097 Cookie/BurstBeacon TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@www.burstbeacon[1].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@server.iad.liveperson[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@advertising[2].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@media.adrevolver[3].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@statse.webtrendslive[2].txt
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@statse.webtrendslive[3].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe_girl@ads.pointroll[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@overture[2].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe_girl@realmedia[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@realmedia[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe_girl@questionmarket[2].txt
00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@questionmarket[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@zedo[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@adrevolver[2].txt
00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@did-it[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\Masacre\Cookies\masacre@atwola[1].txt
00262020 Cookie/Atwola TrackingCookie No 0 Yes No C:\Documents and Settings\BeBe GiRL\Cookies\bebe_girl@atwola[1].txt
00527204 Application/PRScheduler HackTools Yes 0 Yes No C:\Documents and Settings\Masacre\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2F4803A4-5C30-432B-94A4-B16224895F22}\RP371\A0255291.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\Documents and Settings\Masacre\Local Settings\temp\Perflib_Perfdata__755.dat
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2F4803A4-5C30-432B-94A4-B16224895F22}\RP372\A0255597.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2F4803A4-5C30-432B-94A4-B16224895F22}\RP371\A0255514.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2F4803A4-5C30-432B-94A4-B16224895F22}\RP372\A0255698.sys
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{2F4803A4-5C30-432B-94A4-B16224895F22}\RP371\A0255392.sys
02947949 Exploit/ByteVerify HackTools No 0 Yes No C:\Documents and Settings\Masacre\Application Data\Sun\Java\Deployment\cache\6.0\43\62b0f66b-7417bc42
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Qoobox\Quarantine\C\WINDOWS\system32\MSIVXoewyrgevxmpbarsqjmxlafufxhkwnvct.dll.vir
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Qoobox\Quarantine\C\WINDOWS\system32\MSIVXujovmbbwsigftltdiujxviakbekcpyrj.dll.vir
;===================================================================================================================================================================================
SUSPECTS
Sent Location X
;===================================================================================================================================================================================
No C:\Documents and Settings\Masacre\Local Settings\Application Data\Mozilla\Firefox\Profiles\3gdqedv1.default\Cache\F5BE1580d01
No C:\Documents and Settings\Masacre\Local Settings\Application Data\Mozilla\Firefox\Profiles\3gdqedv1.default\Cache\F7460F43d01
No C:\Documents and Settings\Masacre\Desktop\sy32\termsrv.dll X
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description X
;===================================================================================================================================================================================
;===================================================================================================================================================================================


neox edited : Today at 9:03am .


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 9:47:56 AM, on 7/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents and Settings\Masacre\Local Settings\Temp\{73FC3008-6BE2-4792-A2EB-E3E97C8D8D20}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Transfer by Image Converter 2 - C:\Program Files\Sony\Image Converter 2\menu.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {34F12AFD-E9B5-492A-85D2-40FA4535BE83} (AxProdInfoCtl Class) - http://www.symantec.com/techsupp/act...a/nprdtinf.cab
O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1176081111218
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - http://a532.g.akamai.net/f/532/6712/.../installer.exe
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://livewc01.custhelp.com/7540-b3.../java/RntX.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

Comments

  • neox
    edited July 2009
    Should I do a LOP S&D to prove to you that I removed all my cracked items? Cause thats how Advanced Setup found out.... Also if I do a Combofix you will see all the cracked files that came up form malwarebytes forum are all gone now...

    Please believe me
  • KatanaKatana
    edited July 2009
    Private Messages from neox in the order they were sent
    neox wrote:
    1) I removed all my cracks and keygens because advanced setup told me to.......
    2) And advanced setup is continuing to help me...

    1) Good
    2) Then you don't need my help
    neox wrote:
    1) I came here for help and all my crack/keygens have been deleted and I plan to never get any ever again...

    2) I've been communicating with setup advanced thru private message and now since u closed me thread for no reason I gotta do the same to you...

    3) I could run that dos S&D file that he made me run to prove to you i got no cracks/keygens....

    4) That post was last week or so and I removed everything....

    1) That's very wise
    2) I didn't close your thread for no reason, I closed it because you have used Cracks on your machine.
    3) And you could also edit the log so that they don't show
    4) That post was three days ago.

    =======================================================

    Notice to all "Crack" users

    I     do not help clean machines that show evidence of using cracked software.

    There are many people looking for help that have been infected through no fault of their own.
    I will not waste my time trying to clean a machine when infection has been invited.

    I will not reply to PM's regarding any topic I close for this reason.


    The best thing to do if you are in this situation is to reformat your machine.
This discussion has been closed.