Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old January 27th, 2009, 04:36 AM
Cosmic_Charlie Cosmic_Charlie is offline
New Member
 
Join Date: Jan 2009
Posts: 3
DCOM Server Launcher Terminated (moved from XP Forum)

I have been getting the message: "Windows must now restart because the DCOM Server Process Launcher service terminated unexpectedly" and then the system restarts after about a minute. I get it about 30-45 minutes after booting up. I ran ComboFix, HJT, and MBAM and have attached logs. No P2P programs.


ComboFix 09-01-21.04 - salston 2009-01-26 19:46:37.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1684 [GMT -7:00]
Running from: C:\ComboFix.exe
AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated)
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\bold.log
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\SAlston\Local Settings\Temporary Internet Files\fbk.sts
c:\windows\system32\drivers\seneka.sys
c:\windows\system32\drivers\senekaocoeeydj.sys
c:\windows\system32\senekagdwqaqps.dat
c:\windows\system32\senekahbdpptwo.dll
c:\windows\system32\senekalhccnuhg.dat
c:\windows\system32\senekaurkcytla.dll

----- BITS: Possible infected sites -----

hxxp://uswwsus01.wlgore.com
Infected copy of c:\windows\system32\services.exe was found and disinfected
Restored copy from - c:\windows\system32\dllcache\services.exe


.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SENEKA


((((((((((((((((((((((((( Files Created from 2008-12-27 to 2009-01-27 )))))))))))))))))))))))))))))))
.

2009-01-26 19:19 . 2009-01-26 19:19 3,048,418 -ra------ C:\ComboFix.exe
2009-01-26 08:10 . 2009-01-26 08:10 <DIR> d--h----- c:\windows\system32\GroupPolicy.WMOriginal2
2009-01-26 08:10 . 2009-01-26 11:20 <DIR> d--h----- c:\windows\system32\GroupPolicy.WksCache
2009-01-26 08:10 . 2009-01-26 19:50 <DIR> d-------- c:\windows\system32\GroupPolicy
2009-01-06 13:16 . 2009-01-06 13:16 73 --a------ c:\windows\cdplayer.ini
2009-01-05 21:25 . 2009-01-05 21:24 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-05 21:25 . 2009-01-05 21:24 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-05 21:14 . 2009-01-05 21:20 <DIR> d-------- c:\windows\system32\CatRoot_bak
2009-01-02 21:49 . 2009-01-02 21:49 <DIR> d-------- c:\program files\Michael K. Weise
2009-01-02 21:49 . 2000-01-11 16:46 528,384 --------- c:\windows\system32\BladeEnc.dll
2009-01-02 21:49 . 1997-07-15 10:30 120,832 --------- c:\windows\system32\ShnDll32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-01-27 02:50 9,248 ----a-w c:\windows\system32\drivers\CDProbe.SYS
2009-01-26 16:50 --------- d-----w c:\documents and settings\All Users\Application Data\SecTaskMan
2009-01-26 03:25 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-01-25 17:06 --------- d-----w c:\program files\AT&T Global Network Client
2009-01-25 04:25 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-01-22 19:44 63,566 ----a-w c:\windows\Global_Variables.cmd
2009-01-19 19:36 --------- d-----w c:\program files\Common Files\Adobe
2009-01-14 23:11 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 23:11 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-01-08 04:03 --------- d-----w c:\documents and settings\SAlston\Application Data\Move Networks
2009-01-06 04:24 --------- d-----w c:\program files\Java
2008-12-21 04:06 --------- d-----w c:\documents and settings\SAlston\Application Data\Twain
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"NetSP - restore settings on power failure"="c:\program files\AT&T Global Network Client\NetSP.exe" [2007-01-13 24576]
"Infuzer"="c:\program files\Trondent Development Corp\Infuzer\Infuzer.exe" [2008-04-03 628008]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2008-09-05 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"AGNS_Config"="nircmd execmd" [X]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.E XE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScI nst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT \TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TIN TSETP.EXE" [2004-08-04 455168]
"iPrint Tray"="c:\windows\system32\iprntctl.exe" [2005-10-24 40960]
"NDPS"="c:\windows\system32\dpmw32.exe" [2004-05-17 32859]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-07-02 159744]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-17 8495104]
"NvMediaCenter"="c:\windows\system32\NvMcTray. dll" [2007-11-17 81920]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-10-09 2183168]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"RoxioDragToDisc"="c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 1116920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\I SUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"Discovery User Input"="c:\discovery\User Input\userin32.exe" [2005-12-13 212992]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-11 623992]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-03-27 136768]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-05-22 111952]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-05 136600]
"NWTRAY"="NWTRAY.EXE" [2002-03-12 c:\windows\system32\nwtray.exe]
"nwiz"="nwiz.exe" [2007-11-17 c:\windows\system32\nwiz.exe]
"NVHotkey"="nvHotkey.dll" [2007-11-17 c:\windows\system32\nvhotkey.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Curr entversion\policies\explorer\Run]
"2"="c:\windows\System32\GroupPolicy.WksCache\User \nircmd.exe" [2009-01-08 25088]

[HKEY_CURRENT_USER\software\microsoft\windows\Curre ntversion\policies\explorer\Run]
"1"="c:\windows\System32\GroupPolicy\User\nircmd.e xe" [2009-01-08 25088]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-01-19 113664]
DJ DICOM Server.lnk - c:\program files\DesAcc\Digital Jacket\DJ DICOM Server.exe [2008-08-28 806912]
Infuzer.lnk - c:\program files\Trondent Development Corp\Infuzer\Infuzer.exe [2008-09-15 628008]
Mobile Suite Client.lnk - c:\program files\Intellisync Mobile Suite\Client\ClientShell.exe [2006-01-10 262216]
Printkey2000.lnk - c:\program files\PrintKey2000\Printkey2000.exe [2005-03-04 869376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"CompatibleRUPSecurity"= 1 (0x1)
"LogonType"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
"NoPublishingWizard"= 1 (0x1)
"NoWebServices"= 1 (0x1)
"NoOnlinePrintsWizard"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"ForceStartMenuLogOff"= 1 (0x1)
"DisablePersonalDirChange"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)
"NoStartMenuEjectPC"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{763370C4-268E-4308-A60C-D8DA0342BE32}"= "c:\program files\Novell\ZENworks\NalShell.dll" [2007-07-20 458752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NetIdentity Notification]
2007-01-10 10:52 24576 c:\windows\system32\Novell\xtnotify.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwv1_0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\System32\\DPMW32.EXE"=
"c:\\Program Files\\Novell\\ZENworks\\RemoteManagement\\RMAgent \\ZenRem32.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 vmscsi;vmscsi;c:\windows\system32\drivers\vmscsi.s ys [1980-01-01 17584]
R1 enstart_;enstart_;c:\windows\system32\enstart_.sys [2008-08-08 25472]
R1 nipplpt2;Novell iCapture Lpt Redirector 2;c:\windows\system32\drivers\nipplpt.sys [2005-03-04 34671]
R3 agnfilt;AGN Filter Interface;c:\windows\system32\drivers\agnfilt.sys [2006-05-19 180864]
R3 CdProbe;CdProbe;c:\windows\system32\drivers\CDProb e.SYS [2008-08-08 9248]
R3 Darpan;Darpan;c:\windows\system32\drivers\Darpan.s ys [2005-05-23 2773]
R4 agnwifi;AT&T Wi-Fi Support Driver;c:\windows\system32\drivers\agnwifi.sys [2004-04-29 19328]
R4 BCMWLNPF;Broadcom Netgroup Packet Filter;c:\windows\system32\drivers\BCMWLNPF.SYS [2008-08-08 33664]
R4 BlankScr;HBDevice;c:\windows\system32\drivers\blan kscr.sys [2005-05-23 6899]
R4 enstart;enstart;c:\windows\system32\enstart.exe -s --> c:\windows\system32\enstart.exe -s [?]
R4 Remote Management Agent;Novell ZENworks Remote Management Agent;c:\program files\Novell\ZENworks\RemoteManagement\RMAgent\Zen Rem32.exe [2006-05-09 167936]
R4 WNTHW;WNTHW;c:\windows\system32\drivers\WNTHW.SYS [2006-01-06 9176]
R4 XTAgent;Novell XTier Agent Services;c:\windows\system32\Novell\xtagent.exe [2007-01-10 61440]
S3 avpnnic;AGN Virtual Network Adapter;c:\windows\system32\drivers\avpnnic.sys [2003-04-04 13952]
S3 OracleOraHome8iClientCache;OracleOraHome8iClientCa che;c:\oracle\bin\ONRSD.EXE [2000-10-19 411244]
S3 vmmouse;VMware Pointing Device;c:\windows\system32\drivers\vmmouse.sys [2005-03-23 11312]
S3 vmx_svga;vmx_svga;c:\windows\system32\drivers\vmx_ svga.sys [1980-01-01 22448]
S3 vmxnet;VMware Ethernet Adapter Driver;c:\windows\system32\drivers\vmxnet.sys [1980-01-01 29232]

--- Other Services/Drivers In Memory ---

*Deregistered* - uphcleanhlp
.
Contents of the 'Scheduled Tasks' folder

2009-01-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-01-09 c:\windows\Tasks\At1.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-23 c:\windows\Tasks\At10.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-26 c:\windows\Tasks\At11.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-23 c:\windows\Tasks\At12.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-26 c:\windows\Tasks\At13.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-26 c:\windows\Tasks\At14.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-26 c:\windows\Tasks\At15.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-23 c:\windows\Tasks\At16.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-15 c:\windows\Tasks\At17.job
- c:\windows\system32\DL2XGJ10.exe []

2008-12-31 c:\windows\Tasks\At18.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-25 c:\windows\Tasks\At19.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-09 c:\windows\Tasks\At2.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-25 c:\windows\Tasks\At20.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-25 c:\windows\Tasks\At21.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-26 c:\windows\Tasks\At22.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-25 c:\windows\Tasks\At23.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-09 c:\windows\Tasks\At24.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-09 c:\windows\Tasks\At25.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At26.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At27.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At28.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At29.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At3.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-09 c:\windows\Tasks\At30.job
- c:\windows\system32\RRuui23l.exe []

2008-12-26 c:\windows\Tasks\At31.job
- c:\windows\system32\RRuui23l.exe []

2009-01-10 c:\windows\Tasks\At32.job
- c:\windows\system32\RRuui23l.exe []

2009-01-05 c:\windows\Tasks\At33.job
- c:\windows\system32\RRuui23l.exe []

2009-01-23 c:\windows\Tasks\At34.job
- c:\windows\system32\RRuui23l.exe []

2009-01-26 c:\windows\Tasks\At35.job
- c:\windows\system32\RRuui23l.exe []

2009-01-23 c:\windows\Tasks\At36.job
- c:\windows\system32\RRuui23l.exe []

2009-01-26 c:\windows\Tasks\At37.job
- c:\windows\system32\RRuui23l.exe []

2009-01-26 c:\windows\Tasks\At38.job
- c:\windows\system32\RRuui23l.exe []

2009-01-26 c:\windows\Tasks\At39.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At4.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-23 c:\windows\Tasks\At40.job
- c:\windows\system32\RRuui23l.exe []

2009-01-15 c:\windows\Tasks\At41.job
- c:\windows\system32\RRuui23l.exe []

2008-12-31 c:\windows\Tasks\At42.job
- c:\windows\system32\RRuui23l.exe []

2009-01-25 c:\windows\Tasks\At43.job
- c:\windows\system32\RRuui23l.exe []

2009-01-25 c:\windows\Tasks\At44.job
- c:\windows\system32\RRuui23l.exe []

2009-01-25 c:\windows\Tasks\At45.job
- c:\windows\system32\RRuui23l.exe []

2009-01-26 c:\windows\Tasks\At46.job
- c:\windows\system32\RRuui23l.exe []

2009-01-25 c:\windows\Tasks\At47.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At48.job
- c:\windows\system32\RRuui23l.exe []

2009-01-09 c:\windows\Tasks\At5.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-09 c:\windows\Tasks\At6.job
- c:\windows\system32\DL2XGJ10.exe []

2008-12-26 c:\windows\Tasks\At7.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-10 c:\windows\Tasks\At8.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-05 c:\windows\Tasks\At9.job
- c:\windows\system32\DL2XGJ10.exe []

2009-01-27 c:\windows\Tasks\kkdrupvu.job
- c:\windows\system32\cbXOGArS.dll []
.
- - - - ORPHANS REMOVED - - - -

HKCU-Explorer_Run-2 - c:\winnt\System32\GroupPolicy\User\nircmd.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://genie.wlgore.com/
uInternet Connection Wizard,ShellNext = hxxp://genie.wlgore.com/
uInternet Settings,ProxyServer = 157.204.22.4:8080
uInternet Settings,ProxyOverride = *.wlgore.com;127.0.0.1;localhost;157.204.*;chipsnd ip;32.85.*;192.168.*;<local>
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-26 19:50:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

c:\windows\system32\enstart.exe [776] 0x896F18C8

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1284)
c:\program files\Novell\ZENworks\ZENPOL32.DLL
c:\windows\system32\xmlparse.dll
c:\windows\system32\ZenMup.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\windows\system32\scardsvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\centenn.ial\AUDIT\cagent32.exe
c:\centenn.ial\AUDIT\xferwan.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\VsTskMgr.exe
c:\program files\lotus\notes\ntmulti.exe
c:\program files\Novell\ZENworks\NALNTSRV.EXE
c:\program files\AT&T Global Network Client\NetCfgSv.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\stacsv.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\windows\system32\wdfmgr.exe
c:\program files\UPHClean\uphclean.exe
c:\program files\Novell\ZENworks\WM.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\hidfind.exe
c:\program files\DellTPad\ApntEx.exe
c:\program files\McAfee\Common Framework\Mctray.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\progra~1\MICROS~4\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\DesAcc\Digital Jacket\DDBServer.exe
c:\program files\Novell\ZENworks\WMRUNDLL.EXE
.
************************************************** ************************
.
Completion time: 2009-01-26 19:53:54 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-27 02:53:52

Pre-Run: 52,466,286,592 bytes free
Post-Run: 52,742,909,952 bytes free

341 --- E O F --- 2009-01-26 15:59:26
Reply With Quote
  #2  
Old January 27th, 2009, 04:38 AM
Cosmic_Charlie Cosmic_Charlie is offline
New Member
 
Join Date: Jan 2009
Posts: 3
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:55, on 2009-01-26
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Novell\XTAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Centenn.ial\Audit\CAgent32.exe
C:\Centenn.ial\Audit\xferwan.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\lotus\notes\ntmulti.exe
C:\Program Files\Novell\ZENworks\nalntsrv.exe
C:\Program Files\AT&T Global Network Client\NetCfgSv.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\Zen Rem32.exe
C:\WINDOWS\system32\StacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Novell\ZENworks\wm.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\WINDOWS\system32\dpmw32.exe
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\DesAcc\Digital Jacket\DJ DICOM Server.exe
C:\Program Files\Trondent Development Corp\Infuzer\Infuzer.exe
C:\Program Files\Intellisync Mobile Suite\Client\ClientShell.exe
C:\Program Files\PrintKey2000\Printkey2000.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DesAcc\Digital Jacket\DDBServer.exe
C:\Program Files\Novell\ZENworks\WMRUNDLL.EXE
C:\WINDOWS\Explorer.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\Common Framework\McScript_InUse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://genie.wlgore.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://genie.wlgore.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = http://genie.wlgore.com/proxy/gore.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 157.204.22.4:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.wlgore.com;127.0.0.1;localhost;157.204.*;chipsnd ip;32.85.*;192.168.*;<local>
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\sw g.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [iPrint Tray] C:\WINDOWS\system32\iprntctl.exe TRAY_ICON
O4 - HKLM\..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
O4 - HKLM\..\Run: [AGNS_Config] nircmd execmd C:\WINDOWS\ATT_Config.cmd
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Discovery User Input] C:\Discovery\User Input\userin32.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [NetSP - restore settings on power failure] "C:\Program Files\AT&T Global Network Client\NetSP.exe" -show
O4 - HKCU\..\Run: [Infuzer] C:\Program Files\Trondent Development Corp\Infuzer\Infuzer.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKLM\..\Policies\Explorer\Run: [2] C:\Windows\System32\GroupPolicy.WksCache\User\nirc md.exe execmd C:\Windows\System32\GroupPolicy.WksCache\User\prox .cmd
O4 - HKCU\..\Policies\Explorer\Run: [1] C:\Windows\System32\GroupPolicy\User\nircmd.exe execmd C:\Windows\System32\GroupPolicy\User\prox.cmd GPRUN
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DJ DICOM Server.lnk = C:\Program Files\DesAcc\Digital Jacket\DJ DICOM Server.exe
O4 - Global Startup: Infuzer.lnk = ?
O4 - Global Startup: Mobile Suite Client.lnk = C:\Program Files\Intellisync Mobile Suite\Client\ClientShell.exe
O4 - Global Startup: Printkey2000.lnk = C:\Program Files\PrintKey2000\Printkey2000.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Program Files\Novell\ZENworks\AxNalServer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = usw.wlgore.com
O17 - HKLM\Software\..\Telephony: DomainName = wlgore.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = usw.wlgore.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = wlgore.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = usw.wlgore.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = wlgore.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = wlgore.com
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CentennialClientAgent - Centennial Software Limited - C:\Centenn.ial\Audit\CAgent32.exe
O23 - Service: CentennialIPTransferAgent - Centennial Software Limited - C:\Centenn.ial\Audit\xferwan.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: enstart - Unknown owner - C:\WINDOWS\system32\enstart.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\Program Files\lotus\notes\ntmulti.exe
O23 - Service: Novell Application Launcher (NALNTSERVICE) - Novell, Inc. - C:\Program Files\Novell\ZENworks\nalntsrv.exe
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\Program Files\AT&T Global Network Client\NetCfgSv.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OracleOraHome8iClientCache - Unknown owner - C:\Oracle\BIN\ONRSD.EXE
O23 - Service: Novell ZENworks Remote Management Agent (Remote Management Agent) - Novell, Inc. - C:\Program Files\Novell\ZENworks\RemoteManagement\RMAgent\Zen Rem32.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Novell XTier Agent Services (XTAgent) - Novell, Inc. - C:\WINDOWS\System32\Novell\XTAgent.exe
O23 - Service: Workstation Manager (ZFDWM) - Novell, Inc. - C:\Program Files\Novell\ZENworks\wm.exe

--
End of file - 14308 bytes
Reply With Quote
  #3  
Old January 27th, 2009, 04:39 AM
Cosmic_Charlie Cosmic_Charlie is offline
New Member
 
Join Date: Jan 2009
Posts: 3
Malwarebytes' Anti-Malware 1.33
Database version: 1698
Windows 5.1.2600 Service Pack 2

2009-01-26 20:20:56
mbam-log-2009-01-26 (20-20-56).txt

Scan type: Quick Scan
Objects scanned: 60185
Time elapsed: 2 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
Reply With Quote
  #4  
Old January 28th, 2009, 10:33 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
 
Join Date: Dec 2004
Posts: 52,284
Welcome to CTH Cosmic_Charlie,

Looks like you just chose to do you own repairs there, which is often a very difficult place for one of us to step in on. But before we discuss any options for changes, this appears to be a business computer. As our assistance is really aimed at personal-use computers, and most of the tools we use here restricted from commercial use by their authors, if this is a business computer we would most often refer any repairs needed to the business's own staff or choices.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
DCOM Server Process Launcher terminated unexpectedly freeze1305 Malware Removal 8 June 11th, 2009 02:51 AM
DCOM Server Process Launcher service terminated - moved from XP dubouku Malware Removal 54 January 26th, 2009 11:33 PM
DCOM Server Process Launcher service terminated - moved from XP dubouku Malware Removal 1 January 5th, 2009 12:11 AM
DCOM server process launcher service terminated unexpectedly mlinny Windows Vista 27 September 28th, 2008 04:00 AM
DCOM Server Process Launcher service terminated help xbirdyx Malware Removal 68 August 23rd, 2008 03:10 PM


All times are GMT +1. The time now is 06:02 PM.