Gebca.dll Malware?

precision256

Here are my logs from Security Task Manager:

Security Task Manager: Computer ******, Benutzer Administrator, 9/3/2006 8:16:04 PM

Name Rating PID CPU Memory Active File Type Start Title, Description Manufacturer : product

gebca.dll 92% C:\WINDOWS\system32\gebca.dll Internet when Internet Explorer starts (Browser Extension) -
Java(TM) 2 Platform Standard Edition binary 66% C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll Internet when Internet Explorer starts SSVHelper Class (Browser Extension) Sun Microsystems, Inc. : Java(TM) 2 Platform Standard Edition 5.0 Update 8
Sigmatel Audio system tray application 59% 308 7.4 MB C:\WINDOWS\stsystra.exe Program 8:04:36 PM when Windows starts, Registry: Machine\Run SigmatelSysTray SigmaTel, Inc. : C-Major Audio
ATI Catalyst Control Center 58% 2696 6.2 MB 0:03 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe Program 8:04:44 PM when Windows starts, Registry: Machine\Run CLI Application (Command Line Interface) - Command Line Interface application for all ACE Components - GDI+ Window ATI Technologies Inc. : Catalyst Control Centre
GoogleToolbar 52% c:\program files\google\googletoolbar1.dll Internet when Internet Explorer starts Google IE Client Toolbar - Google Toolbar Helper (Browser Extension) Google Inc. : Google Toolbar for IE
ATI Catalyst Control Center 50% 3956 7.1 MB 0:01 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe Program 8:05:14 PM from ATI Catalyst Control Center CLI Application (Command Line Interface) - Command Line Interface application for all ACE Components ATI Technologies Inc. : Catalyst Control Centre
PowerDVD RC Service 49% 4048 4.1 MB C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe Program 8:04:29 PM when Windows starts, Registry: Machine\Run CL RC Engine2 Dummy Winidow Cyberlink Corp. : PowerDVD
TouchPad Driver Helper Application 49% 4064 4.2 MB C:\Program Files\Synaptics\SynTP\SynTPLpr.exe Program 8:04:29 PM when Windows starts, Registry: Machine\Run Touchpad driver helper window Synaptics, Inc. : Synaptics Pointing Device Driver
ZeroCfgSvc MFC Application 49% 1724 14.5 MB 0:01 C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe Program 8:04:43 PM when Windows starts, Registry: Machine\Run Available Networks Intel Corporation : ZeroCfgSvc Application
Adobe Acrobat IE Helper Version 7.0 for ActiveX 48% C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll Internet when Internet Explorer starts AcroIEHelper.AcroIEHlprObj.1 (Browser Extension) Adobe Systems, Incorporated : AcroIEHelper Library
Intel(R) PROSet/Wireless Event Log 42% 1476 11.7 MB C:\Program Files\Intel\Wireless\Bin\EvtEng.exe Program 8:03:09 PM Intel Corporation : Intel(R) PROSet/Wireless Event Log
Wireless Management Service 42% 1632 1% 12.2 MB 0:08 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe Program 8:03:14 PM IWMSWindow Intel Corporation : Intel(R) PROSet/Wireless Service
ewido anti-spyware guard 42% 1504 0.9 MB 0:01 C:\Program Files\ewido anti-spyware 4.0\guard.exe Program 8:03:33 PM Anti-Malware Development a.s. : ewido anti-spyware
RAID Monitor 42% 1600 1.4 MB C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe Program 8:03:33 PM Intel Corporation : RAID Monitor
PrismXL Service 42% 1916 1.8 MB C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS Program 8:03:36 PM New Boundary Technologies, Inc. : PrismXL Software Family
Intel(R) PROSet/Wireless Registry Service 42% 1844 3.0 MB C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe Program 8:03:40 PM Registry Interface for Intel Wireless Products Intel Corporation : Intel(R) PROSet/Wireless Registry Service
Intel 802.1x Server 42% 4260 15.1 MB C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe Program 8:07:08 PM Gsm Event Window Intel Corporation : Intel PROSet/Wireless
Office Source Engine 36% 1708 1.1 MB C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe Program 8:03:34 PM Microsoft Corporation : Office Source Engine
Java Update Scheduler 34% 524 3.1 MB C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe Program 8:04:38 PM when Windows starts, Registry: Machine\Run Java(TM) 2 Platform Standard Edition binary Sun Microsystems, Inc. : Java(TM) 2 Platform Standard Edition 5.0 Update 8
Symantec AntiVirus 33% 1828 8.3 MB 0:01 C:\Program Files\Common Files\Symantec Shared\ccApp.exe Program 8:04:39 PM when Windows starts, Registry: Machine\Run Symantec User Session - ccApp Symantec Corporation : Client and Host Security Platform
ViewMgr 30% 508 5.0 MB C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe Program 8:04:37 PM when Windows starts, Registry: Machine\Run Viewpoint Manager Notification Window Viewpoint Corporation : Viewpoint Manager
StyleXP Application 26% C:\Program Files\TGTSoft\StyleXP\StyleXP.exe Program when Windows starts, Registry: User\Run STYLEXP (not active) : StyleXP Application
Windows Defender 22% 1312 12.8 MB 0:07 C:\Program Files\Windows Defender\MsMpEng.exe Program 8:03:07 PM Service Executable Microsoft Corporation : Windows Defender
wizard.hta 21% %windir%\help\wizard.hta Program when Windows starts, Registry: Def\Run TabletWizard (not active) -
NA 21% NA Program when Windows starts, Registry: Def\Run Power2GoExpress (not active) -
QuickTime Task 21% C:\Program Files\QuickTime\qttask.exe Program when Windows starts, Registry: Machine\Run (not active) Apple Computer, Inc. : QuickTime
Firefox 19% 2832 25.9 MB 0:02 C:\Program Files\Mozilla Firefox\firefox.exe Program 8:14:37 PM from Windows Explorer Malware Removal - Safer Networking Forums - Mozilla Firefox Mozilla Corporation : Firefox
avast! Antivirus 18% 976 0.3 MB C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe Program 8:03:31 PM ALWIL Software :
ATI External Event Utility EXE Module 17% 1132 2.5 MB C:\WINDOWS\system32\Ati2evxx.exe Program 8:03:04 PM ATI video bios poller ATI Technologies Inc. : ATI External Event Utility for WindowsNT and Windows9X
ATI External Event Utility EXE Module 17% 3000 4.7 MB 0:08 C:\WINDOWS\system32\Ati2evxx.exe Program 8:03:57 PM ATI video bios poller client ATI Technologies Inc. : ATI External Event Utility for WindowsNT and Windows9X
Event Monitor User Notification Tool 16% 212 3.9 MB C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe Taskicon 8:04:33 PM when Windows starts, Registry: Machine\Run IAAMonitor Notify App, Intel Corporation : RAID Event Monitor
Intel Framework MFC Application 16% 1864 17.5 MB 0:06 C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe Taskicon 8:04:43 PM when Windows starts, Registry: Machine\Run MCI command handling window, Intel PROSet/Wireless, Connected to: Dorm, Speed: 54.0 Mbps, Signal Quality: Excellent, IP Address: 192.168.1.100 Intel Corporation : Intel(R) PROSet/Wireless
Windows User Mode Driver Manager 16% 2164 1.7 MB C:\WINDOWS\system32\wdfmgr.exe Program 8:03:45 PM Microsoft Corporation : Microsoft® Windows® Operating System
SnippingTool 15% C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe Program when Windows starts, Registry: Machine\Run Snippet - Designed for Windows XP Tablet PC Edition -- use the pen to capture the contents of your Tablet PC's screen, then annotate, save, print, or send via email. (not active) Microsoft Corporation : Microsoft Snipping Tool
Symantec AntiVirus 13% 600 2.2 MB 0:01 C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe Program 8:03:29 PM SPBBC Service Symantec Corporation : SPBBC
Recovery Software Suite Gateway 11% C:\WINDOWS\SMINST\RECGUARD.EXE Program when Windows starts, Registry: Machine\Run Recguard MFC Application (not active) : Recguard Application
Symantec AntiVirus 8% 1988 2.8 MB 0:01 C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe Program 8:03:21 PM Symantec Event Manager Service Symantec Corporation : Client and Host Security Platform
Symantec AntiVirus 8% 172 3.2 MB C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe Program 8:03:24 PM Symantec Settings Manager Service Symantec Corporation : Client and Host Security Platform
avast! Antivirus 8% 1188 7.3 MB 0:03 C:\Program Files\Alwil Software\Avast4\ashServ.exe Program 8:03:31 PM avast! antivirus service - aswServ helper window ALWIL Software : avast! Antivirus
Symantec AntiVirus 8% 1464 3.8 MB 0:01 C:\Program Files\Symantec AntiVirus\DefWatch.exe Program 8:03:32 PM Virus Definition Daemon Symantec Corporation : Symantec AntiVirus
Symantec AntiVirus 8% 2080 35.7 MB 0:22 C:\Program Files\Symantec AntiVirus\Rtvscan.exe Program 8:03:40 PM Scan Symantec Corporation : Symantec AntiVirus
Recovery Software Suite Gateway 6% C:\WINDOWS\Creator\Remind_XP.exe Program when Windows starts, Registry: Machine\Run Application Remind_XP - Reminder (not active) SoftThinks : Application Remind_XP
Adobe Common File Installer 6% C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Program when Windows starts, Registry: User\Startup Adobe Gamma Loader - Utility to set the video card's Gamma table (if the video driver supports it) using data set by Adobe Gamma. (not active) Adobe Systems, Inc. : Adobe Systems, Inc. Adobe Gamma Loader
Adobe Reader 7.0.8 6% C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Program when Windows starts, Registry: Machine\Common Startup Adobe Acrobat SpeedLauncher - Adobe Reader Speed Launch (not active) Adobe Systems Incorporated : Adobe Acrobat
Windows Defender 0% 668 7.8 MB 0:01 C:\Program Files\Windows Defender\MSASCui.exe Taskicon 8:04:40 PM when Windows starts, Registry: Machine\Run Windows Defender User Interface - Windows Defender (Beta 2), Windows Defender Microsoft Corporation : Windows Defender
Windows Messenger 0% C:\Program Files\Messenger\msmsgs.exe Program when Windows starts, Registry: User\Run MSMSGS (not active) Microsoft Corporation : Messenger
Synaptics TouchPad Enhancements 0% 4092 6.1 MB 0:01 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Taskicon 8:04:30 PM when Windows starts, Registry: Machine\Run Touchpad driver helper window, Synaptics Pointing Device Synaptics, Inc. : Synaptics Pointing Device Driver
Application executable file 0% 476 4.5 MB C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe Taskicon 8:04:37 PM when Windows starts, Registry: Machine\Run Motorola SM56 Modem Helper Motorola Inc. : SM56 Helper Win32 Utility
Symantec AntiVirus 0% 660 10.9 MB 0:01 C:\Program Files\Symantec AntiVirus\VPTray.exe Taskicon 8:04:39 PM when Windows starts, Registry: Machine\Run Missing Virus Definitions, Symantec AntiVirus Symantec Corporation : Symantec AntiVirus
avast! Antivirus 0% 2724 5.8 MB 0:01 C:\Program Files\Alwil Software\Avast4\ashDisp.exe Taskicon 8:04:45 PM when Windows starts, Registry: Machine\Run avast! service GUI component - aswDisp helper window, avast! Virus Recovery Database (VRDB) Generator ALWIL Software : avast! Antivirus
Security Task Manager 0% 2264 10.6 MB 0:02 C:\Program Files\Security Task Manager\TaskMan.exe Program 8:15:53 PM from Windows Explorer Security Task Manager A. & M. Neuber Software : Security Task Manager
Tablet PC Buttons Service 0% 3048 2.6 MB C:\WINDOWS\System32\tabbtnu.exe Taskicon 8:03:57 PM Tablet PC Buttons Service, Change tablet and pen settings Microsoft Corporation : Tablet PC
Windows Explorer 0% 3176 40.5 MB 0:23 C:\WINDOWS\Explorer.EXE Program 8:03:58 PM Program Manager, Microsoft Corporation : Microsoft® Windows® Operating System
Windows Security Center Notification App 0% 4296 3.3 MB C:\WINDOWS\system32\wscntfy.exe Taskicon 8:05:45 PM Windows Security Alerts Microsoft Corporation : Microsoft® Windows® Operating System
Notepad 0% 3824 5.6 MB 0:02 C:\WINDOWS\system32\NOTEPAD.EXE Program 8:14:26 PM hijackthis - Notepad Microsoft Corporation : Microsoft® Windows® Operating System


I've run multiple antivirus and antispyware programs and haven't been able to find much on the removal of gebca.dll. So far, it's caused system instability and a decrease in speed. Thanks so much for any help!
 
And also from HijackThis:

Logfile of HijackThis v1.99.1
Scan saved at 8:14:26 PM, on 9/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~2\VPTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch=Professional&Br=GTW&Loc=ENG_US&Sys=PTB&M=M285-E
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Professional&Br=GTW&Loc=ENG_US&Sys=PTB&M=M285-E
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Reminder] %WINDIR%\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://learn.vt.edu
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
 
Hello precision256,

Welcome to Safer Networking Forums :)

Please download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files; click YES.
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer; click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.

Thanks,
tea
 
:confused:

This topic is closed due to lack of a response to the helper. If you need it re-opened, please send me a private message (PM) and provide a link to the thread.

Applies only to the original topic starter.
 