Keylogger...

[fgfuyfyuiuy0]

I have a KeyLogger, anyone know something that'll get rid of it. Because one of my accounts is logged in (Not even thinking of trying my main's). Anyone know a program that'll get rid of it? I need some help :?

[Msacidbear]

DUDE THAT HAPPENED TO ME

 

 

 

add my friend on msn, (email removed -- Weez) he'll teach you how to make sure it's gone, he's really nice, try it. Btw you owe me 10m.

 

 

 

 

 

 

 

no im jk o rofl o rofl @ me roflroflorfl!!!

[blade995]

I would not listen to a word this guy says above me.

 

 

 

 

 

 

 

Download Ad-aware ( here ) and spybot ( here )

 

 

 

 

 

 

 

Update definitions on both programs, scan, remove anything they find.

 

 

 

 

 

 

 

Both are free programs.

[tylersk8shop]

I hate n0 lyf3r virus creators

[fgfuyfyuiuy0]

I would not listen to a word this guy says above me.

 

 

 

 

 

 

 

Download Ad-aware ( here ) and spybot ( here )

 

 

 

 

 

 

 

Update definitions on both programs, scan, remove anything they find.

 

 

 

 

 

 

 

Both are free programs.

 

 

 

 

 

 

 

Ty, I dled Search N Destroy, I forgot about Ad-aware.

[fgfuyfyuiuy0]

OK, my computer is running fast again. I believe the cause was of an "RPG" someone posted on this Forums. So, I went and downloaded it. The second I ran it, my computer went crazy, and the screen to play the game was just showing flying boxes. I'll find the post again and report it. I don't know how to check if I still have the Key Logger. Is there a way?

 

 

 

 

 

 

 

Edit: OMG, I dled the game before a mod locked it and put [Caution]... :oops: I feel so dumb!

 

 

 

 

 

 

 

The link is removed, but this is the jerk who gave me it...

 

 

 

http://forum.tip.it/viewtopic.php?t=583456

[BlueLancer]

Post count isn't really an indicator of anything, but never download stuff by guys that have joined a few days ago and only have a few posts and nothing to lose or risk.

 

 

 

 

 

 

 

The "game" by that guy acidbear does contain a trojan and a keylogger, download AVG Antivirus and Ad-Aware to keep your computer clean. Also try looking for SpyBot if you need further protection.

 

 

 

 

 

 

 

If you think the trojan may be still running, google for a program called "HiJackThis". It will show even hidden [Caution: Executable File]s running or binded to .dll's and notify you if they're suspicious.

 

 

 

 

 

 

 

That guy is despicable and so un-transparent, his 'friendly' posts where he tried to sneak the URL in were actually pretty obvious now that I think of it.

 

 

 

 

 

 

 

DUDE THAT HAPPENED TO ME

 

 

 

add my friend on msn, [email protected] he'll teach you how to make sure it's gone, he's really nice, try it. Btw you owe me 10m.

 

 

 

 

 

 

 

 

 

 

1. It may have happened to you, hence you've turned into a scammer. From an observative viewpoint, I think it's very true, that's the only time you've ever used Caps Lock on these forums, a subconscious trail? You *were* scammed. That doesn't justify YOUR scamming.

 

 

 

 

 

 

 

2. He doesn't owe you 10m, you're just trying to get him to talk to you on MSN.

 

 

 

 

 

 

 

3. That's your email, Teddy isn't your real name, and he's not "your friend". It's you. Bad psychological trick to try to play a 'friendly guy' going by the name of 'teddy', with the object of having an affectionate nickname prompting a positive first impression.

 

 

 

 

 

 

 

4. You wont teach him how to get rid of it, you'll send him a 'virus cleaner' which is the same executable as the one on your site.

 

 

 

 

 

 

 

So much for thinking your plan is undestructable. I've dealt with tons of guys like you, and when I ask them 'why', they say "I was scammed so why can't I too".

[Bmms]

I hate n0 lyf3r virus creators

 

 

 

i hate kids who try to use leet speak when they dont know how

 

 

 

and creating keyloggers isnt very hard a 5 year old could do it

[fgfuyfyuiuy0]

DUDE THAT HAPPENED TO ME

 

 

 

add my friend on msn, [email protected] he'll teach you how to make sure it's gone, he's really nice, try it. Btw you owe me 10m.

 

 

 

 

 

 

 

no im jk o rofl o rofl @ me roflroflorfl!!!

 

 

 

 

 

 

 

He's the kid who gave me it.... Anyone know how to check if it's gone? I tried Search and Destroy, Ad-Aware, and Crap Cleaner (Just to make sure it was gone entirely).

[coltm4carbine]

He installs the BFK perfect keylogger.

 

 

 

 

 

 

 

I took apart his file.

 

 

 

 

 

 

 

If you have an antivirus update then run that in safemode (f8 while booting up, choose safemode). It should get rid of it.

[adthegreat-]

Yes, post a HiJackThis logfile, it will tell us everything that is currently running on your computer, things you may not be able to see from the task manager (ctrl-alt-delete), and that could be running as background processes, monitoring your keystrokes.

[fgfuyfyuiuy0]

He installs the BFK perfect keylogger.

 

 

 

 

 

 

 

I took apart his file.

 

 

 

 

 

 

 

If you have an antivirus update then run that in safemode (f8 while booting up, choose safemode). It should get rid of it.

 

 

 

 

 

 

 

Thanks, I'll run SND, and Ad-Aware.

 

 

 

 

 

 

 

Yes, post a HiJackThis logfile, it will tell us everything that is currently running on your computer, things you may not be able to see from the task manager (ctrl-alt-delete), and that could be running as background processes, monitoring your keystrokes.

 

 

 

 

 

 

 

I'll do that. Just need to get it dled.

 

 

 

 

 

 

 

 

 

 

 

EDIT: LogFile:

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\csrss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton Internet Security\ISSVC[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\LEXBCES[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\LEXPPS[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\LightScribe\LSSrvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wdfmgr[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wbem\wmiprvse[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\alg[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: ExecutableFile]

 

 

 

C:\Program Files\Java\jre1.5.0_09\bin\jusched[Caution: ExecutableFile]

 

 

 

C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant[Caution: ExecutableFile]

 

 

 

C:\Program Files\Synaptics\SynTP\SynTPLpr[Caution: ExecutableFile]

 

 

 

C:\Program Files\Synaptics\SynTP\SynTPEnh[Caution: ExecutableFile]

 

 

 

C:\Program Files\Hp\HP Software Update\HPWuSchd2[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]

 

 

 

C:\Program Files\HPQ\Quick Launch Buttons\EabServr[Caution: ExecutableFile]

 

 

 

C:\Program Files\HPQ\SHARED\HPQWMI[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\PRISMSVR[Caution: ExecutableFile]

 

 

 

C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]

 

 

 

C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]

 

 

 

C:\Program Files\2Wire 802.11g Wireless\PRISMCFG[Caution: ExecutableFile]

 

 

 

C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare[Caution: ExecutableFile]

 

 

 

C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

 

 

 

C:\Program Files\Spyware Doctor\sdhelp[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

 

 

 

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

 

 

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

 

 

 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

 

 

 

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

 

 

 

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

 

 

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

 

 

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

 

 

 

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

 

 

 

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

 

 

 

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

 

 

 

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

 

 

 

O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

 

 

 

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

 

 

 

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

 

 

 

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

 

 

 

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [iS CfgWiz] C:\Program Files\Norton Internet Security\cfgwiz[Caution: ExecutableFile] /GUID {257BBC47-1B26-432e-9F84-188603799DD3} /MODE CfgWiz /CMDLINE "REBOOT"

 

 

 

O4 - HKLM\..\Run: [urlLSTCK[Caution: ExecutableFile]] C:\Program Files\Norton Internet Security\UrlLstCk[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr[Caution: ExecutableFile] /Start

 

 

 

O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [PRISMSVR[Caution: ExecutableFile]] "C:\WINDOWS\system32\PRISMSVR[Caution: ExecutableFile]" /APPLY

 

 

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

 

 

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]"

 

 

 

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background

 

 

 

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier[Caution: ExecutableFile]

 

 

 

O4 - HKCU\..\Run: [ctfmon[Caution: ExecutableFile]] C:\WINDOWS\system32\ctfmon[Caution: ExecutableFile]

 

 

 

O4 - HKCU\..\Run: [spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor[Caution: ExecutableFile]" /Q

 

 

 

O4 - Global Startup: 2Wire Wireless Client.lnk = ?

 

 

 

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare[Caution: ExecutableFile]

 

 

 

O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater[Caution: ExecutableFile]

 

 

 

O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

 

 

 

O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

 

 

 

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

 

 

 

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL[Caution: ExecutableFile]/3000

 

 

 

O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

 

 

 

O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll

 

 

 

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

 

 

 

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

 

 

 

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag[Caution: ExecutableFile] (file missing)

 

 

 

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag[Caution: ExecutableFile] (file missing)

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O11 - Options group: [iNTERNATIONAL] International*

 

 

 

O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=presario&pf=laptop

 

 

 

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

 

 

 

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

 

 

 

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]

 

 

 

O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI[Caution: ExecutableFile]

 

 

 

O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC[Caution: ExecutableFile]

 

 

 

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS[Caution: ExecutableFile]

 

 

 

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES[Caution: ExecutableFile]

 

 

 

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc[Caution: ExecutableFile]

 

 

 

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan[Caution: ExecutableFile]

 

 

 

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile]

 

 

 

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]

 

 

 

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: ExecutableFile]

 

 

 

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC[Caution: ExecutableFile]

[coltm4carbine]

we'll need the whole thing. Including the top part.

 

 

 

 

 

 

 

Also I said antivirus...NOT antispyware. (Norton in your case)

 

 

 

 

 

 

 

I think your clean though. when I installed his software on my PC the only entry there was was the tile explorer[Caution: ExecutableFile] running from the system32 folder.