Jump to content

seankga

Members
 View Profile  See their activity

  • Posts

    6

  • Joined

  • Last visited

 Content Type 

Posts posted by seankga

    Cant install/ run Malwarebytes after getting Trojan

    in Resolved Malware Removal Logs

    Posted

    Here they are, thanks.

    DDS.txt:

    DDS (Ver_09-03-16.01) - NTFSx86

    Run by skelley at 9:34:02.35 on 2009-03-18

    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10

    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.532 [GMT -4:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch

    svchost.exe

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    svchost.exe

    svchost.exe

    C:\WINDOWS\System32\WLTRYSVC.EXE

    C:\WINDOWS\System32\bcmwltry.exe

    C:\WINDOWS\system32\spoolsv.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\Program Files\DesktopAuthority\RaMaint.exe

    C:\Program Files\DesktopAuthority\DesktopAuthority.exe

    C:\Program Files\Java\jre6\bin\jqs.exe

    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    C:\Program Files\AVG\AVG8\avgrsx.exe

    C:\WINDOWS\system32\slagent.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\system32\igfxpers.exe

    C:\Program Files\DesktopAuthority\ragui.exe

    C:\WINDOWS\system32\WLTRAY.exe

    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

    C:\WINDOWS\stsystra.exe

    C:\WINDOWS\system32\taskswitch.exe

    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

    C:\Program Files\Apoint\Apoint.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Documents and Settings\skelley\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

    C:\Program Files\DNA\btdna.exe

    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

    C:\Program Files\Apoint\HidFind.exe

    C:\Program Files\Apoint\Apntex.exe

    C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcrobatInfo.exe

    C:\Documents and Settings\skelley\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = file://rsbc1/intranet/index.htm

    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\adobe acrobat 7.0\activex\AcroIEHelper.dll

    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll

    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

    BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

    BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL

    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll

    BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File

    BHO: {C9C42510-9B21-41c1-9DCD-8382A2D07C61} - No File

    BHO: IE Developer Toolbar BHO: {cc7e636d-39aa-49b6-b511-65413da137a1} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll

    TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL

    EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll

    EB: IE Developer Toolbar: {a202b231-ef71-4a08-bdb9-4ce5ae8bde0a} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [Google Update] "c:\documents and settings\skelley\local settings\application data\google\update\GoogleUpdate.exe" /c

    uRun: [bitTorrent DNA] "c:\program files\dna\btdna.exe"

    uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

    mRun: [igfxtray] c:\windows\system32\igfxtray.exe

    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

    mRun: [igfxpers] c:\windows\system32\igfxpers.exe

    mRun: [Desktop Authority GUI] "c:\program files\desktopauthority\ragui.exe"

    mRun: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

    mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

    mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

    mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

    mRun: [sigmatelSysTrayApp] stsystra.exe

    mRun: [WinVNC] "c:\program files\ultravnc\WinVNC.exe" -servicehelper

    mRun: [CoolSwitch] c:\windows\system32\taskswitch.exe

    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe

    mRun: [Realtime Monitor] c:\progra~1\ca\etrust~1\realmon.exe -s

    mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

    mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

    mRun: [PKWARE Certificate Proxy Client] c:\progra~1\pkware\pkzipw\pkpcsr.exe

    mRun: [Apoint] c:\program files\apoint\Apoint.exe

    StartupFolder: c:\docume~1\skelley\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe

    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hotsyn~1.lnk - c:\program files\palm\Hotsync.exe

    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

    uPolicies-explorer: DisablePersonalDirChange = 1 (0x1)

    IE: Convert link target to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Convert link target to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Convert selected links to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Convert selected links to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Convert selection to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Convert selection to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Convert to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Convert to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

    IE: {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - {CC962137-2E78-4F94-975E-FC0C07DBD78F} - c:\program files\microsoft\internet explorer developer toolbar\IEDevToolbar.dll

    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab

    DPF: {44C1E3A2-B594-401C-B27A-D1B4476E4797} - hxxps://remote.roswellstreet.com/XTSAC.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235193978000

    DPF: {7584C670-2274-4EFB-B00B-D6AABA6D3850} - hxxps://remote.roswellstreet.com/msrdp.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab

    DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab

    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\pkmcdo.dll

    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll

    Notify: avgrsstarter - avgrsstx.dll

    Notify: igfxcui - igfxdev.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\skelley\applic~1\mozilla\firefox\profiles\hwcek3z2.default\

    FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll

    FF - component: c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

    FF - plugin: c:\documents and settings\skelley\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll

    FF - plugin: c:\program files\adobe\reader\browser\nppdf32.dll

    FF - plugin: c:\program files\mozilla firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-8-24 325128]

    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-8-24 27656]

    R2 DAInfo;Desktop Authority Kernel Information Provider;c:\program files\desktopauthority\rainfo.sys [2008-6-4 6400]

    R2 DAMaint;Desktop Authority Maintenance Service;c:\program files\desktopauthority\ramaint.exe [2008-6-4 49152]

    R2 DesktopAuthority;Desktop Authority Service;c:\program files\desktopauthority\DesktopAuthority.exe [2008-6-4 1081344]

    R3 DAmirr;DAmirr;c:\windows\system32\drivers\DAmirr.sys [2008-6-4 2944]

    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-6-26 29744]

    S4 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-4 298264]

    =============== Created Last 30 ================

    2009-03-16 21:42 113,847 a----r-- c:\windows\system32\drivers\Apfiltr.sys

    2009-03-16 21:42 95,511 a----r-- c:\windows\system32\Vxdif.dll

    2009-03-16 21:42 <DIR> --d----- c:\program files\Apoint

    2009-03-16 15:47 <DIR> --d----- c:\program files\Trend Micro

    2009-03-16 09:49 161,792 a------- c:\windows\SWREG.exe

    2009-03-16 09:49 98,816 a------- c:\windows\sed.exe

    2009-03-16 09:47 <DIR> --d----- C:\123456789

    2009-03-16 09:40 <DIR> --d----- C:\renoFix

    2009-03-13 10:49 45,056 a------- c:\windows\system32\WNASPI32.DLL

    2009-03-13 10:49 16,512 a------- c:\windows\system32\drivers\ASPI32.SYS

    2009-03-13 09:20 <DIR> --dshr-- C:\cmdcons

    2009-03-13 09:20 <DIR> --d----- c:\windows\setup.pss

    2009-03-13 09:20 <DIR> --d----- c:\windows\setupupd

    2009-03-11 10:23 21,622 a------- c:\windows\system32\AAWService_2009_03_11_10_23_58.dmp

    2009-03-11 00:46 <DIR> --d----- c:\program files\Spybot - Search & Destroy

    2009-03-11 00:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

    2009-03-10 23:39 <DIR> --d----- c:\program files\Lavasoft

    2009-03-10 22:52 <DIR> --d----- C:\31.6.6389

    2009-03-10 15:05 1,152 a------- c:\windows\system32\windrv.sys

    2009-03-09 21:46 <DIR> --d----- c:\program files\Enigma Software Group

    2009-03-05 17:53 <DIR> --d----- c:\program files\DNA

    2009-03-05 17:53 <DIR> --d----- c:\docume~1\skelley\applic~1\DNA

    2009-03-04 09:37 <DIR> --d----- c:\docume~1\skelley\applic~1\Malwarebytes

    2009-03-04 09:37 15,504 a------- c:\windows\system32\drivers\mbam.sys

    2009-03-04 09:37 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys

    2009-03-04 09:37 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware

    2009-03-04 09:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

    2009-02-21 03:44 <DIR> --d----- C:\0bdcdda7fbb2ea5367e69b75

    2009-02-21 03:30 63,488 -c------ c:\windows\system32\dllcache\icardie.dll

    2009-02-21 03:04 333,952 -c------ c:\windows\system32\dllcache\srv.sys

    2009-02-21 03:02 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys

    2009-02-21 03:01 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll

    2009-02-21 03:01 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll

    2009-02-21 03:01 2,189,184 -c------ c:\windows\system32\dllcache\ntoskrnl.exe

    2009-02-21 03:01 2,066,048 -c------ c:\windows\system32\dllcache\ntkrnlpa.exe

    2009-02-21 03:00 1,846,400 -c------ c:\windows\system32\dllcache\win32k.sys

    2009-02-21 03:00 331,776 -c------ c:\windows\system32\dllcache\msadce.dll

    2009-02-21 02:59 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll

    2009-02-21 02:57 272,128 -c------ c:\windows\system32\dllcache\bthport.sys

    2009-02-21 02:57 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys

    2009-02-21 02:40 221,184 a------- c:\windows\system32\wmpns.dll

    2009-02-21 02:26 <DIR> --d----- c:\windows\system32\scripting

    2009-02-21 02:26 <DIR> --d----- c:\windows\l2schemas

    2009-02-21 02:26 <DIR> --d----- c:\windows\system32\en

    2009-02-21 02:26 <DIR> --d----- c:\windows\system32\bits

    2009-02-21 02:19 <DIR> --d----- c:\windows\ServicePackFiles

    2009-02-21 02:15 <DIR> --d----- c:\windows\network diagnostic

    2009-02-21 01:49 104,960 -------- c:\windows\system32\drivers\atinrvxx.sys

    2009-02-21 01:27 31,768 a------- c:\windows\system32\wucltui.dll.mui

    2009-02-21 01:27 18,456 a------- c:\windows\system32\wuaueng.dll.mui

    2009-02-21 01:27 <DIR> --d----- c:\windows\system32\SoftwareDistribution

    2009-02-21 01:27 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui

    2009-02-21 01:27 23,576 a------- c:\windows\system32\wuapi.dll.mui

    2009-02-21 01:20 <DIR> --d----- C:\4604f652beba65845e8ead18d6e313

    2009-02-17 16:45 <DIR> --d----- c:\program files\MSECache

    ==================== Find3M ====================

    2009-02-21 02:31 88,579 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

    2009-02-04 09:55 325,128 a------- c:\windows\system32\drivers\avgldx86.sys

    2009-02-04 09:55 10,520 a------- c:\windows\system32\avgrsstx.dll

    2008-12-27 04:03 89,480 a------- c:\docume~1\skelley\applic~1\GDIPFONTCACHEV1.DAT

    2008-12-20 19:15 826,368 a------- c:\windows\system32\wininet.dll

    ============= FINISH: 9:34:38.94 ===============

    Attach.txt

    Attach.txt

    Cant install/ run Malwarebytes after getting Trojan

    in Resolved Malware Removal Logs

    Posted

    OK, I still could not run Mbam at first, but was able to rename combofix and it worked. It deleted a bunch of files. After it was done I was able to run mbam. Here is the Mbam log:

    Malwarebytes' Anti-Malware 1.34

    Database version: 1854

    Windows 5.1.2600 Service Pack 3

    2009-03-16 11:14:18

    mbam-log-2009-03-16 (11-14-18).txt

    Scan type: Full Scan (C:\|)

    Objects scanned: 202367

    Time elapsed: 50 minute(s), 11 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 5

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACivxepatn.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.

    C:\Qoobox\Quarantine\C\WINDOWS\system32\UAClutosupq.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully.

    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACrtqsqmtw.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.

    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACwefqrssj.dll.vir (Rootkit.TDSS) -> Quarantined and deleted successfully.

    C:\Qoobox\Quarantine\C\WINDOWS\system32\UACwoekwqqp.dll.vir (Trojan.TDSS) -> Quarantined and deleted successfully.

    I ran Mbam again after it found those infections and the second time it found nothing.

    The combo fix log info is below. Hopefully I am all done.

    ComboFix 09-03-15.01 - skelley 2009-03-16 10:01:35.1 - NTFSx86

    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.622 [GMT -4:00]

    Running from: c:\documents and settings\skelley\Desktop\stupid.exe

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    c:\documents and settings\skelley\Application Data\Google\mcscrlp32.dll

    c:\windows\f49f4daa.dat

    c:\windows\system32\drivers\UACfuxdqbrp.sys

    c:\windows\system32\lowsec

    c:\windows\system32\lowsec\local.ds

    c:\windows\system32\lowsec\user.ds

    c:\windows\system32\lowsec\user.ds.lll

    c:\windows\system32\sdra64.exe

    c:\windows\system32\uacinit.dll

    c:\windows\system32\UACivxepatn.dll

    c:\windows\system32\UACltoarlar.log

    c:\windows\system32\UAClutosupq.dll

    c:\windows\system32\UACrtqsqmtw.dll

    c:\windows\system32\UACsjenxdap.log

    c:\windows\system32\UACtmiawgfm.log

    c:\windows\system32\UACwefqrssj.dll

    c:\windows\system32\UACwoekwqqp.dll

    c:\windows\system32\UACwxjoepap.dat

    .

    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    -------\Service_UACd.sys

    ((((((((((((((((((((((((( Files Created from 2009-02-16 to 2009-03-16 )))))))))))))))))))))))))))))))

    .

    2009-03-16 09:47 . 2009-03-16 09:47 <DIR> d-------- C:\123456789

    2009-03-16 09:40 . 2009-03-16 09:44 <DIR> d-------- C:\renoFix

    2009-03-16 09:25 . 2009-03-16 09:25 <DIR> d-------- c:\documents and settings\administrator.DOMAIN\Application Data\HotSync

    2009-03-16 09:24 . 2008-06-04 23:47 <DIR> d-------- c:\documents and settings\administrator.DOMAIN\Application Data\Intel

    2009-03-16 09:24 . 2009-03-16 09:25 <DIR> d-------- c:\documents and settings\administrator.DOMAIN\Application Data\AVGTOOLBAR

    2009-03-16 09:24 . 2009-03-16 09:24 <DIR> d-------- c:\documents and settings\administrator.DOMAIN

    2009-03-13 10:49 . 2005-11-21 01:48 45,056 --a------ c:\windows\system32\WNASPI32.DLL

    2009-03-13 10:49 . 2005-11-21 01:48 16,512 --a------ c:\windows\system32\drivers\ASPI32.SYS

    2009-03-11 10:23 . 2009-03-11 10:23 21,622 --a------ c:\windows\system32\AAWService_2009_03_11_10_23_58.dmp

    2009-03-11 00:46 . 2009-03-11 16:40 <DIR> d-------- c:\program files\Spybot - Search & Destroy

    2009-03-11 00:46 . 2009-03-11 16:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

    2009-03-10 23:39 . 2009-03-11 15:03 <DIR> d-------- c:\program files\Lavasoft

    2009-03-10 23:39 . 2009-03-11 15:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

    2009-03-10 22:52 . 2009-03-10 22:52 <DIR> d-------- C:\31.6.6389

    2009-03-10 15:05 . 2009-03-10 15:05 1,152 --a------ c:\windows\system32\windrv.sys

    2009-03-10 15:01 . 2009-03-10 15:01 <DIR> d-------- c:\documents and settings\Administrator\Application Data\PKWARE

    2009-03-10 00:02 . 2008-06-04 23:47 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Intel

    2009-03-10 00:02 . 2009-03-10 00:02 <DIR> d-------- c:\documents and settings\Administrator

    2009-03-09 21:46 . 2009-03-11 14:57 <DIR> d-------- c:\program files\Enigma Software Group

    2009-03-05 17:53 . 2009-03-16 10:12 <DIR> d-------- c:\program files\DNA

    2009-03-05 17:53 . 2009-03-16 10:12 <DIR> d-------- c:\documents and settings\skelley\Application Data\DNA

    2009-03-04 09:37 . 2009-03-16 09:26 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

    2009-03-04 09:37 . 2009-03-04 09:37 <DIR> d-------- c:\documents and settings\skelley\Application Data\Malwarebytes

    2009-03-04 09:37 . 2009-03-04 09:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

    2009-03-04 09:37 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

    2009-03-04 09:37 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys

    2009-03-02 17:29 . 2009-03-02 17:29 <DIR> d-------- c:\program files\Opera

    2009-02-21 03:44 . 2009-02-21 03:45 <DIR> d-------- C:\0bdcdda7fbb2ea5367e69b75

    2009-02-21 03:30 . 2008-12-20 19:15 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll

    2009-02-21 03:04 . 2008-12-11 06:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys

    2009-02-21 03:02 . 2008-10-24 07:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys

    2009-02-21 03:01 . 2008-08-14 06:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe

    2009-02-21 03:01 . 2008-08-14 05:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe

    2009-02-21 03:01 . 2008-09-04 13:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll

    2009-02-21 03:01 . 2008-10-15 12:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll

    2009-02-21 03:00 . 2008-09-15 08:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys

    2009-02-21 03:00 . 2008-05-01 10:33 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll

    2009-02-21 02:59 . 2008-04-11 15:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll

    2009-02-21 02:57 . 2008-06-13 07:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys

    2009-02-21 02:57 . 2008-05-08 10:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys

    2009-02-21 02:40 . 2004-08-04 06:00 221,184 --a------ c:\windows\system32\wmpns.dll

    2009-02-21 02:26 . 2009-02-21 02:26 <DIR> d-------- c:\windows\system32\scripting

    2009-02-21 02:26 . 2009-02-21 02:26 <DIR> d-------- c:\windows\system32\en

    2009-02-21 02:26 . 2009-02-21 02:26 <DIR> d-------- c:\windows\system32\bits

    2009-02-21 02:26 . 2009-02-21 02:26 <DIR> d-------- c:\windows\l2schemas

    2009-02-21 02:19 . 2009-02-21 02:19 <DIR> d-------- c:\windows\ServicePackFiles

    2009-02-21 01:49 . 2004-08-03 23:29 701,440 --------- c:\windows\system32\drivers\ati2mtag.sys

    2009-02-21 01:27 . 2008-10-16 15:09 43,544 --a------ c:\windows\system32\wups2.dll

    2009-02-21 01:27 . 2008-10-16 15:09 31,768 --a------ c:\windows\system32\wucltui.dll.mui

    2009-02-21 01:27 . 2008-10-16 15:07 23,576 --a------ c:\windows\system32\wuaucpl.cpl.mui

    2009-02-21 01:27 . 2008-10-16 15:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui

    2009-02-21 01:27 . 2008-10-16 15:07 18,456 --a------ c:\windows\system32\wuaueng.dll.mui

    2009-02-21 01:20 . 2009-02-21 02:38 <DIR> d-------- C:\4604f652beba65845e8ead18d6e313

    2009-02-17 16:45 . 2009-02-17 16:45 <DIR> d-------- c:\program files\MSECache

    .

    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2009-03-16 13:59 --------- d-----w c:\program files\DesktopAuthority

    2009-03-11 19:13 --------- d-----w c:\program files\Google

    2009-03-10 07:24 --------- d-----w c:\documents and settings\All Users\Application Data\avg8

    2009-03-01 20:37 --------- d-----w c:\documents and settings\skelley\Application Data\Nvu

    2009-02-25 20:01 --------- d-----w c:\program files\Paint.NET

    2009-02-06 21:18 --------- d-----w c:\documents and settings\skelley\Application Data\FileZilla

    2009-02-06 06:49 --------- d-----w c:\program files\FileZilla

    2009-02-04 17:26 --------- d-----w c:\program files\IrfanView

    2009-02-04 13:55 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys

    2009-02-03 19:42 --------- d-----w c:\documents and settings\skelley\Application Data\VSRevoGroup

    2009-01-30 16:52 --------- d-----w c:\documents and settings\skelley\Application Data\OpenOffice.org

    2009-01-30 16:46 --------- d-----w c:\program files\OpenOffice.org 3

    2009-01-30 16:46 --------- d-----w c:\program files\JRE

    2009-01-30 16:42 --------- d-----w c:\program files\OpenOffice.org 2.4

    2009-01-30 16:16 --------- d-----w c:\documents and settings\skelley\Application Data\CoreFTP

    2009-01-30 16:16 --------- d-----w c:\documents and settings\All Users\Application Data\TEMP

    2009-01-30 16:12 --------- d-----w c:\program files\FileZilla FTP Client

    2009-01-30 15:13 --------- d-----w c:\documents and settings\skelley\Application Data\OpenOffice.org2

    2009-01-29 22:19 --------- d-----w c:\program files\MSBuild

    2009-01-29 22:14 --------- d-----w c:\program files\Reference Assemblies

    2009-01-29 19:32 --------- d-----w c:\program files\PhotoScape

    2009-01-29 19:29 --------- d-----w c:\documents and settings\skelley\Application Data\gtk-2.0

    2009-01-29 19:04 --------- d-----w c:\program files\GIMP-2.0

    2009-01-23 20:49 --------- d-----w c:\documents and settings\skelley\Application Data\SecondLife

    2009-01-23 16:13 --------- d-----w c:\program files\Support Tools

    2009-01-23 16:13 --------- d-----w c:\program files\Nvu

    2009-01-23 16:06 --------- d-----w c:\program files\VS Revo Group

    2009-01-21 16:26 --------- d-----w c:\documents and settings\skelley\Application Data\ACSTechnologies

    2008-12-27 08:03 89,480 ----a-w c:\documents and settings\skelley\Application Data\GDIPFONTCACHEV1.DAT

    2008-06-26 18:58 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll

    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Note* empty entries & legit default entries are not shown

    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]

    "Google Update"="c:\documents and settings\skelley\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-04 133104]

    "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-03-05 321344]

    "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "igfxtray"="c:\windows\system32\igfxtray.exe" [2006-07-14 94208]

    "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-07-14 77824]

    "igfxpers"="c:\windows\system32\igfxpers.exe" [2006-07-14 118784]

    "Desktop Authority GUI"="c:\program files\DesktopAuthority\ragui.exe" [2005-03-24 409600]

    "Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-13 143360]

    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2006-11-01 1392640]

    "IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-10-18 802816]

    "IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-10-18 696320]

    "WinVNC"="c:\program files\UltraVNC\WinVNC.exe" [2004-02-15 622661]

    "CoolSwitch"="c:\windows\system32\taskswitch.exe" [2002-03-19 45632]

    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-04 1601304]

    "Realtime Monitor"="c:\progra~1\CA\ETRUST~1\realmon.exe" [2004-04-06 504080]

    "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]

    "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]

    "PKWARE Certificate Proxy Client"="c:\progra~1\PKWARE\PKZIPW\pkpcsr.exe" [2008-08-04 238928]

    "SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 c:\windows\stsystra.exe]

    c:\documents and settings\skelley\Start Menu\Programs\Startup\

    OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\

    HOTSYNCSHORTCUTNAME.lnk - c:\program files\Palm\Hotsync.exe [2004-06-09 471040]

    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

    "DisablePersonalDirChange"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

    2009-02-04 09:55 10520 c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

    "vidc.3IV2"= 3ivxVfWCodec_dec.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    @=""

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

    "%windir%\\system32\\sessmgr.exe"=

    "c:\\Program Files\\Macromedia\\Contribute 3\\Contribute.exe"=

    "c:\\Program Files\\iTunes\\iTunes.exe"=

    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=

    "%windir%\\system32\\drivers\\svchost.exe"=

    "c:\\Program Files\\DNA\\btdna.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

    "2000:TCP"= 2000:TCP:DA Remote Management

    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-08-24 325128]

    R2 DAInfo;Desktop Authority Kernel Information Provider;c:\program files\DesktopAuthority\rainfo.sys [2008-06-04 6400]

    R2 DAMaint;Desktop Authority Maintenance Service;c:\program files\DesktopAuthority\ramaint.exe [2008-06-04 49152]

    R2 DesktopAuthority;Desktop Authority Service;c:\program files\DesktopAuthority\DesktopAuthority.exe [2008-06-04 1081344]

    R3 DAmirr;DAmirr;c:\windows\system32\drivers\DAmirr.sys [2008-06-04 2944]

    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-06-26 29744]

    S4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-04 298264]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1576e50c-3ba6-11dd-b848-0015c559bbd9}]

    \Shell\AutoRun\command - f:\system\viewer\FlipVideoforPC.exe

    \Shell\Flip Video for PC\command - f:\system\viewer\FlipVideoforPC.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d60d8d77-c668-11dd-b95a-0015c559bbd9}]

    \Shell\AutoRun\command - E:\setupSNK.exe

    .

    Contents of the 'Scheduled Tasks' folder

    2009-03-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job

    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

    2009-03-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1580436667-1202660629-1282.job

    - c:\documents and settings\skelley\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-04 08:56]

    .

    - - - - ORPHANS REMOVED - - - -

    BHO-{C9C42510-9B21-41c1-9DCD-8382A2D07C61} - (no file)

    HKLM-Run-SNM - c:\program files\SpyNoMore\SNM.exe

    .

    ------- Supplementary Scan -------

    .

    uStart Page = file://rsbc1/intranet/index.htm

    IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

    IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

    FF - ProfilePath - c:\documents and settings\skelley\Application Data\Mozilla\Firefox\Profiles\hwcek3z2.default\

    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll

    FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll

    FF - plugin: c:\documents and settings\skelley\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll

    FF - plugin: c:\program files\Adobe\Reader\browser\nppdf32.dll

    FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll

    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2009-03-16 10:13:28

    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully

    hidden files: 0

    **************************************************************************

    .

    ------------------------ Other Running Processes ------------------------

    .

    c:\program files\Intel\Wireless\Bin\EvtEng.exe

    c:\program files\Intel\Wireless\Bin\S24EvMon.exe

    c:\program files\Intel\Wireless\Bin\WLKEEPER.exe

    c:\windows\system32\WLTRYSVC.EXE

    c:\windows\system32\BCMWLTRY.EXE

    c:\windows\system32\scardsvr.exe

    c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    c:\program files\Java\jre6\bin\jqs.exe

    c:\program files\Intel\Wireless\Bin\RegSrvc.exe

    c:\progra~1\AVG\AVG8\avgrsx.exe

    c:\windows\system32\SLAgent.exe

    .

    **************************************************************************

    .

    Completion time: 2009-03-16 10:16:43 - machine was rebooted [skelley]

    ComboFix-quarantined-files.txt 2009-03-16 14:16:40

    Pre-Run: 32,336,429,056 bytes free

    Post-Run: 32,718,430,208 bytes free

    244

    Cant install/ run Malwarebytes after getting Trojan

    in Resolved Malware Removal Logs

    Posted

    OK I have been fighting this thing for a couple days now trying to get something working with almost no success.

    I am running WinXP, CA Etrust Antivirus and for extra protection I have AVG free version. I had Malwarebytes installed but would not run until this morning.

    My computer got a Trojan horse Pakes.CKF and the Spyware Protect 2009. At first it was just annoying with the on top pop ups Spyware Protect 2009, and also one for Google INstaller that is still poping up. I also cannot boot into Windows every time. Sometimes as soon as I hit OK after entering my password it just stays on the blue screen, other times I see my desktop wallpaper and that is all. When that happens I can run things from Taskmanager.

    I scanned with both virus scanners, Etrust apparently was not up to date because it did not find anything. AVG found the Trojan but would not clean it. Later on Etrust found and cleaned it once I got it updated. The popups are gone and I am getting a clean scan.

    However, I cannot install or run any spyware removal tools. I cannot even go to their websites. I have been able to download them through Download.com, but when trying to go to the websites I get a blank page. I can go to other webpages unless they involve spyware removal.

    I already had Malwarebytes installed, but it would not run. ONe note here is that when I try and run it the process shows up in Task Manager. Through Download.com I have redownloaded the Malwarebytes install and it will not do anything. Spybot installed, but will not run. Adaware installed but would not run. This morning I removed Malwarebytes to reinstall because now I can boot into Windows almost every time, so its looking better but Malwarebytes would not install. I also tried Hijackthis with the same results, download from Download.com and try to install with no results.

    I tried this yesterday and it worked, but today it will not. CMD /C SC QUERY >C:\MYSERVICES.TXT | NOTEPAD C:\MYSERVICES.TXT I will post the results from yesterday below.

    I have disabled both virus scans by following these instructions

    "Click on START - RUN and type in SERVICES.MSC and click OK

    Then scroll down through the entire list and look for ALL services with the word Etrust and AVG in the list.

    Write down on a piece of paper their current STARTUP TYPE setting. ie. AUTO, MANUAL, DISABLED

    Then set all of those with the word McAfee in them to DISABLED and reboot your computer and attempt to install MBAM again."

    I did the things here http://www.malwarebytes.org/forums/index.php?showtopic=2936

    Logs from yesterday - not sure why when I run this today it just brings up a blank txt document.

    SERVICE_NAME: ALG
    DISPLAY_NAME: Application Layer Gateway Service
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Apple Mobile Device
    DISPLAY_NAME: Apple Mobile Device
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: AudioSrv
    DISPLAY_NAME: Windows Audio
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: avg8wd
    DISPLAY_NAME: AVG Free8 WatchDog
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Browser
    DISPLAY_NAME: Computer Browser
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: CryptSvc
    DISPLAY_NAME: Cryptographic Services
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: DAMaint
    DISPLAY_NAME: Desktop Authority Maintenance Service
    TYPE : 110 WIN32_OWN_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: DcomLaunch
    DISPLAY_NAME: DCOM Server Process Launcher
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: DesktopAuthority
    DISPLAY_NAME: Desktop Authority Service
    TYPE : 110 WIN32_OWN_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Dhcp
    DISPLAY_NAME: DHCP Client
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Dnscache
    DISPLAY_NAME: DNS Client
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: ERSvc
    DISPLAY_NAME: Error Reporting Service
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Eventlog
    DISPLAY_NAME: Event Log
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: EventSystem
    DISPLAY_NAME: COM+ Event System
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: EvtEng
    DISPLAY_NAME: Intel® PROSet/Wireless Event Log
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: helpsvc
    DISPLAY_NAME: Help and Support
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: HidServ
    DISPLAY_NAME: HID Input Service
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: InoRPC
    DISPLAY_NAME: eTrust Antivirus RPC Server
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: InoRT
    DISPLAY_NAME: eTrust Antivirus Realtime Server
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: InoTask
    DISPLAY_NAME: eTrust Antivirus Job Server
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: JavaQuickStarterService
    DISPLAY_NAME: Java Quick Starter
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: lanmanserver
    DISPLAY_NAME: Server
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: lanmanworkstation
    DISPLAY_NAME: Workstation
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: LmHosts
    DISPLAY_NAME: TCP/IP NetBIOS Helper
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Messenger
    DISPLAY_NAME: Messenger
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Netlogon
    DISPLAY_NAME: Net Logon
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Netman
    DISPLAY_NAME: Network Connections
    TYPE : 120 WIN32_SHARE_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Nla
    DISPLAY_NAME: Network Location Awareness (NLA)
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: PlugPlay
    DISPLAY_NAME: Plug and Play
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: PolicyAgent
    DISPLAY_NAME: IPSEC Services
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: ProtectedStorage
    DISPLAY_NAME: Protected Storage
    TYPE : 120 WIN32_SHARE_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: RasMan
    DISPLAY_NAME: Remote Access Connection Manager
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: RegSrvc
    DISPLAY_NAME: Intel® PROSet/Wireless Registry Service
    TYPE : 10 WIN32_OWN_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: RemoteRegistry
    DISPLAY_NAME: Remote Registry
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: RpcSs
    DISPLAY_NAME: Remote Procedure Call (RPC)
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: S24EventMonitor
    DISPLAY_NAME: Intel® PROSet/Wireless Service
    TYPE : 110 WIN32_OWN_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: SamSs
    DISPLAY_NAME: Security Accounts Manager
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: SCardSvr
    DISPLAY_NAME: Smart Card
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Schedule
    DISPLAY_NAME: Task Scheduler
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: seclogon
    DISPLAY_NAME: Secondary Logon
    TYPE : 120 WIN32_SHARE_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: SENS
    DISPLAY_NAME: System Event Notification
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: SharedAccess
    DISPLAY_NAME: Windows Firewall/Internet Connection Sharing (ICS)
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: ShellHWDetection
    DISPLAY_NAME: Shell Hardware Detection
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Spooler
    DISPLAY_NAME: Print Spooler
    TYPE : 110 WIN32_OWN_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: srservice
    DISPLAY_NAME: System Restore Service
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: SSDPSRV
    DISPLAY_NAME: SSDP Discovery Service
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: stisvc
    DISPLAY_NAME: Windows Image Acquisition (WIA)
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: TapiSrv
    DISPLAY_NAME: Telephony
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: TermService
    DISPLAY_NAME: Terminal Services
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: Themes
    DISPLAY_NAME: Themes
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: TrkWks
    DISPLAY_NAME: Distributed Link Tracking Client
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: W32Time
    DISPLAY_NAME: Windows Time
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: WebClient
    DISPLAY_NAME: WebClient
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: winmgmt
    DISPLAY_NAME: Windows Management Instrumentation
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: WLANKEEPER
    DISPLAY_NAME: Intel® PROSet/Wireless SSO Service
    TYPE : 110 WIN32_OWN_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: wltrysvc
    DISPLAY_NAME: Dell Wireless WLAN Tray Service
    TYPE : 110 WIN32_OWN_PROCESS (interactive)
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: wuauserv
    DISPLAY_NAME: Automatic Updates
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (STOPPABLE,NOT_PAUSABLE,ACCEPTS_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0
    SERVICE_NAME: WudfSvc
    DISPLAY_NAME: Windows Driver Foundation - User-mode Driver Framework
    TYPE : 20 WIN32_SHARE_PROCESS
    STATE : 4 RUNNING
    (NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
    WIN32_EXIT_CODE : 0 (0x0)
    SERVICE_EXIT_CODE : 0 (0x0)
    CHECKPOINT : 0x0
    WAIT_HINT : 0x0

    Thanks

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.