Jump to content

StevenJ

Members
 View Profile  See their activity

  • Posts

    4

  • Joined

  • Last visited

 Content Type 

Posts posted by StevenJ

    My Computer has HijackThis

    in Resolved Malware Removal Logs

    Posted

    .

    DDS (Ver_2011-08-26.01) - NTFSAMD64

    Internet Explorer: 8.0.7601.17514

    Run by TurnerAdmin at 10:01:32 on 2011-11-01

    Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.8180.6391 [GMT -7:00]

    .

    AV: Symantec Endpoint Protection *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    SP: Symantec Endpoint Protection *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

    .

    ============== Running Processes ===============

    .

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\WUDFHost.exe

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe

    C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Program Files (x86)\SAP\SAPsetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

    C:\Windows\SysWOW64\CCM\CcmExec.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\sysWOW64\wbem\wmiprvse.exe

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\sysWOW64\wbem\wmiprvse.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SmcGui.exe

    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\IDT\WDM\sttray64.exe

    C:\Program Files\Common Files\Bluebeam Software\Brewery\V45\Printer Support\BBPrint.exe

    C:\Program Files (x86)\Java\jre6\bin\jusched.exe

    C:\Program Files (x86)\SAP\SapSetup\setup\Updater\NwSapSetupUserNotificationTool.exe

    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

    C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\system32\DllHost.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\system32\conhost.exe

    C:\Windows\SysWOW64\cscript.exe

    .

    ============== Pseudo HJT Report ===============

    .

    mWinlogon: Userinit=userinit.exe

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

    mRun: [sAP_WUS_UNT] "C:\Program Files (x86)\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe"

    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

    uPolicies-explorer: ForceStartMenuLogOff = 1 (0x1)

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorAdmin = 4 (0x4)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableUIADesktopToggle = 1 (0x1)

    mPolicies-system: EnableVirtualization = 0 (0x0)

    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

    mPolicies-system: FilterAdministratorToken = 1 (0x1)

    mPolicies-system: EnableLinkedConnections = 1 (0x1)

    mPolicies-system: RunLogonScriptSync = 0 (0x0)

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    DPF: CabCCT - hxxps://ondemand.apptix.net/OCT/codebase/ActCtrl_Apptix.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

    DPF: {A0C6D241-0F6B-477E-A93F-511DED3BA40A} - hxxps://collaborate.turnertalk.com/pw/FileMgtPT.CAB

    DPF: {CAFECAFE-0013-0001-0026-ABCDEFABCDEF}

    DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

    TCP: DhcpNameServer = 172.18.2.74 172.18.2.75

    TCP: Interfaces\{A798308F-91F1-4172-9B7C-CFFF5EF5F7E8} : DhcpNameServer = 172.18.2.74 172.18.2.75

    Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL

    Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL

    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    BHO-X64: AcroIEHelperStub - No File

    BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

    mRun-x64: [sAP_WUS_UNT] "C:\Program Files (x86)\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe"

    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    mRun-x64: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

    .

    ============= SERVICES / DRIVERS ===============

    .

    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe [2011-9-23 89600]

    R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service;C:\Program Files (x86)\SAP\SapSetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe [2011-9-23 263536]

    R2 Symantec AntiVirus;Symantec Endpoint Protection;C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2010-1-20 2477304]

    R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-6-1 2345848]

    R3 cvusbdrv;Dell ControlVault;C:\Windows\system32\Drivers\cvusbdrv.sys --> C:\Windows\system32\Drivers\cvusbdrv.sys [?]

    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-9-26 136824]

    R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

    S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

    S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\Windows\system32\DRIVERS\e1c62x64.sys --> C:\Windows\system32\DRIVERS\e1c62x64.sys [?]

    S3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]

    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?]

    S3 NWDellPort;Dell Wireless Mobile Broadband Status Port Driver;C:\Windows\system32\drivers\nwdelser.sys --> C:\Windows\system32\drivers\nwdelser.sys [?]

    S3 NWDellPort2;Dell Wireless Mobile Broadband Status2 Port Driver;C:\Windows\system32\drivers\nwdelser2.sys --> C:\Windows\system32\drivers\nwdelser2.sys [?]

    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

    S3 rimspci;rimspci;C:\Windows\system32\drivers\rimspe64.sys --> C:\Windows\system32\drivers\rimspe64.sys [?]

    S3 risdpcie;risdpcie;C:\Windows\system32\drivers\risdpe64.sys --> C:\Windows\system32\drivers\risdpe64.sys [?]

    S3 rixdpcie;rixdpcie;C:\Windows\system32\drivers\rixdpe64.sys --> C:\Windows\system32\drivers\rixdpe64.sys [?]

    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]

    S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\system32\drivers\Synth3dVsc.sys --> C:\Windows\system32\drivers\Synth3dVsc.sys [?]

    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]

    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

    S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]

    .

    =============== Created Last 30 ================

    .

    2011-10-27 16:03:40 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

    2011-10-27 15:26:43 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

    2011-10-27 15:26:35 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS

    2011-10-27 15:26:35 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

    2011-10-17 17:13:34 -------- d-----w- C:\Program Files (x86)\Trend Micro

    2011-10-14 16:26:21 -------- d-----w- C:\Users\Administrator\AppData\Roaming\Malwarebytes

    2011-10-14 16:26:01 -------- d-----w- C:\ProgramData\Malwarebytes

    2011-10-14 16:25:57 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

    2011-10-14 16:25:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

    2011-10-14 16:23:57 -------- d-----w- C:\Users\Administrator\AppData\Local\Symantec

    2011-10-10 18:07:54 -------- d-----w- C:\Program Files (x86)\TeamViewer

    .

    ==================== Find3M ====================

    .

    2011-09-23 22:43:49 172592 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

    2011-09-23 22:31:26 205312 ----a-w- C:\Windows\System32\Turner Screen Saver 2009.scr

    2011-09-23 22:31:26 205312 ------w- C:\Windows\SysWow64\Turner Screen Saver 2009.scr

    .

    ============= FINISH: 10:01:55.99 ===============

    My Computer has HijackThis

    in Resolved Malware Removal Logs

    Posted

    Malwarebytes' Anti-Malware 1.51.2.1300

    www.malwarebytes.org

    Database version: 8062

    Windows 6.1.7601 Service Pack 1

    Internet Explorer 8.0.7601.17514

    11/1/2011 10:00:38 AM

    mbam-log-2011-11-01 (10-00-38).txt

    Scan type: Quick scan

    Objects scanned: 206770

    Time elapsed: 1 minute(s), 32 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 0

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    (No malicious items detected)

    My Computer has HijackThis

    in Resolved Malware Removal Logs

    Posted

    Logfile of Trend Micro HijackThis v2.0.2

    Scan saved at 10:33:30 AM, on 10/17/2011

    Platform: Unknown Windows (WinNT 6.01.3505 SP1)

    MSIE: Internet Explorer v8.00 (8.00.7601.17514)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe

    C:\Program Files (x86)\SAP\SapSetup\setup\Updater\NwSapSetupUserNotificationTool.exe

    C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe

    C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

    C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10d.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Internet Explorer\iexplore.exe

    C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://tkn2.tcco.com

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tkn2.tcco.com

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

    O4 - HKLM\..\Run: [sAP_WUS_UNT] "C:\Program Files (x86)\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

    O13 - Gopher Prefix:

    O15 - Trusted Zone: *.0.0.0.0

    O15 - Trusted Zone: http://*.finance.turner

    O15 - Trusted Zone: http://*.hochtief.com

    O15 - Trusted Zone: http://turner.intellinex.com

    O15 - Trusted Zone: *.intellinex.com

    O15 - Trusted Zone: http://*.intellinex.com

    O15 - Trusted Zone: http://turner.intellinex.com

    O15 - Trusted Zone: *.intellinex.com

    O15 - Trusted Zone: http://*.tcco.com

    O15 - Trusted Zone: http://*.turnerbenefits.com

    O15 - Trusted Zone: http://www.turnerconstruction.com

    O15 - Trusted Zone: http://*.turnerknowledge.com

    O15 - Trusted Zone: http://www.turneruniversity.com

    O16 - DPF: CabCCT - https://ondemand.apptix.net/OCT/codebase/ActCtrl_Apptix.cab

    O16 - DPF: {A0C6D241-0F6B-477E-A93F-511DED3BA40A} (FileMgtPT.FileMgtCtrl) - https://collaborate.turnertalk.com/pw/FileMgtPT.CAB

    O16 - DPF: {CAFECAFE-0013-0001-0026-ABCDEFABCDEF} (JInitiator 1.3.1.26) -

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tcco.org

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tcco.org

    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tcco.org

    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\AESTSr64.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

    O23 - Service: SMS Task Sequence Agent (smstsmgr) - Unknown owner - C:\Windows\SysWOW64\CCM\TSManager.exe

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_605908f5a8a8d72c\STacSV64.exe

    O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --

    End of file - 8440 bytes

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.