O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O20 - AppInit_DLLs: C:\WINDOWS\system32\biyedepu.dll
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = kc.local O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = kc.local R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Down below i'm posting my hijackthislog, kapersky scan, and random system information tool scan.Ĭ:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exeĬ:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeĬ:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEĬ:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeĬ:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exeĬ:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeĬ:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exeĬ:\Program Files\Windows Media Player\WMPNetwk.exeĬ:\Program Files\Print Audit Inc\Print Audit 5\Client\pa5clint.exeĬ:\Program Files\Common Files\Symantec Shared\ccApp.exeĬ:\Program Files\Java\jre6\bin\jusched.exeĬ:\Documents and Settings\jsanmarti\Local Settings\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exeĬ:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exeĬ:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exeĬ:\Program Files\Internet Explorer\iexplore.exeĬ:\Program Files\Trend Micro\HijackThis\HijackThis.exe
Basically i'm getting non stop pop ups when i open up internet explorer and my symantec antivirus keeps deleting something called trojan.vundo.