Jump to content

trojans returning


zoidys

Recommended Posts

i keep getting these trojans returning.

keep running malwarebytes and finding them , eset keep quarentining them but they keep comeing back, here is a list

can anyone help me get ride of them for good

thanks in advace rolleyes.gif

19/01/2010 18:13:31 Real-time file system protection file C:\Users\stuart\FgjFxH.exe Win32/TrojanDownloader.Delf.PFZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 18:13:31 Real-time file system protection file C:\Users\stuart\WnTFlJ.exe a variant of Win32/Kryptik.BWP trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 18:13:30 Real-time file system protection file C:\Users\stuart\rzYlqH.exe a variant of Win32/Olmarik.SV trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 18:13:29 Real-time file system protection file C:\Users\stuart\HHeeCV.exe a variant of Win32/Cimag.BM trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 17:36:38 Real-time file system protection file C:\Users\stuart\wkcwZb.exe Win32/TrojanDownloader.Delf.PFZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 17:36:37 Real-time file system protection file C:\Users\stuart\IPUhdq.exe a variant of Win32/Kryptik.BWP trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 17:36:35 Real-time file system protection file C:\Users\stuart\CCAAkp.exe a variant of Win32/Cimag.BM trojan cleaned by deleting (after the next restart) - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 17:36:35 Real-time file system protection file C:\Users\stuart\uXYdvC.exe a variant of Win32/Olmarik.SV trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

19/01/2010 17:36:35 Real-time file system protection file C:\Users\stuart\AppData\Local\lSCNTV.dll a variant of Win32/Cimag.BM trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\CCAAkp.exe.

18/01/2010 23:08:20 Real-time file system protection file C:\Users\stuart\wSxwRj.exe a variant of Win32/TrojanDownloader.Delf.PFZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 23:08:19 Real-time file system protection file C:\Users\stuart\cOLQJX.exe a variant of Win32/Kryptik.BUW trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 23:08:19 Real-time file system protection file C:\Users\stuart\AppData\Local\lSCNTV.dll a variant of Win32/Cimag.BK trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\OGjIsZ.exe.

18/01/2010 23:08:18 Real-time file system protection file C:\Users\stuart\BEvJbO.exe a variant of Win32/Kryptik.BUZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 23:08:18 Real-time file system protection file C:\Users\stuart\OGjIsZ.exe a variant of Win32/Cimag.BK trojan cleaned by deleting (after the next restart) - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 23:01:11 Real-time file system protection file F:\$RECYCLE.BIN\S-1-5-21-2008373190-4038388624-2740936903-1001\$RUTBATX.exe probably unknown NewHeur_PE virus deleted - quarantined zoidys\stuart Event occurred on a file modified by the application: C:\Program Files (x86)\uTorrent\uTorrent.exe.

18/01/2010 22:53:28 Real-time file system protection file C:\Users\stuart\LtJLKo.exe a variant of Win32/TrojanDownloader.Delf.PFZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:53:27 Real-time file system protection file C:\Users\stuart\zgdRYe.exe a variant of Win32/Kryptik.BUW trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:53:26 Real-time file system protection file C:\Users\stuart\nqNYQg.exe a variant of Win32/Kryptik.BUZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:53:25 Real-time file system protection file C:\Users\stuart\griilM.exe a variant of Win32/Cimag.BK trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:35:37 Real-time file system protection file C:\Users\stuart\YyLYIh.exe a variant of Win32/TrojanDownloader.Delf.PFZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:35:34 Real-time file system protection file C:\Users\stuart\XqGnCO.exe a variant of Win32/Kryptik.BUW trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:35:32 Real-time file system protection file C:\Users\stuart\zBjCsT.exe a variant of Win32/Kryptik.BUZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:35:32 Real-time file system protection file C:\Users\stuart\TTeeyH.exe a variant of Win32/Cimag.BK trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:13:21 Real-time file system protection file C:\Users\stuart\tDPtKY.exe a variant of Win32/TrojanDownloader.Delf.PFZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:13:19 Real-time file system protection file C:\Users\stuart\RvUqkw.exe a variant of Win32/Kryptik.BUW trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:13:17 Real-time file system protection file C:\Users\stuart\rSskVv.exe a variant of Win32/Kryptik.BUZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 22:13:15 Real-time file system protection file C:\Users\stuart\vvQQDj.exe a variant of Win32/Cimag.BK trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 07:13:39 Real-time file system protection file C:\Users\stuart\ibBpJj.exe a variant of Win32/Kryptik.BUW trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 07:13:38 Real-time file system protection file C:\Users\stuart\EDqJvb.exe a variant of Win32/Kryptik.BUZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

18/01/2010 07:13:37 Real-time file system protection file C:\Users\stuart\bCMMsw.exe a variant of Win32/Cimag.BK trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

17/01/2010 17:29:40 Real-time file system protection file C:\Users\stuart\gTRHFX.exe a variant of Win32/Kryptik.BUW trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

17/01/2010 17:29:39 Real-time file system protection file C:\Users\stuart\wltFYT.exe a variant of Win32/Kryptik.BUZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

17/01/2010 17:29:39 Real-time file system protection file C:\Users\stuart\TVBxrv.exe a variant of Win32/Cimag.BK trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

17/01/2010 17:20:36 Real-time file system protection file C:\Users\stuart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\89QV4RLK\win_protection_update[2].exe Win32/Adware.PrivacyCenter.AO application deleted (after the next restart) - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\axzaYv.exe.

17/01/2010 17:20:16 HTTP filter file http://lkrtsoft.in/get.php?sc=1&id=02947 Win32/Adware.PrivacyCenter.AO application connection terminated - quarantined zoidys\stuart Threat was detected upon access to web by the application: C:\Users\stuart\axzaYv.exe.

17/01/2010 17:20:00 HTTP filter file http://lkrtsoft.in/get.php?sc=1&id=02947 Win32/Adware.PrivacyCenter.AO application connection terminated - quarantined zoidys\stuart Threat was detected upon access to web by the application: C:\Users\stuart\axzaYv.exe.

17/01/2010 17:17:43 Real-time file system protection file C:\Users\stuart\OsqRuw.exe a variant of Win32/Kryptik.BUW trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

17/01/2010 17:17:42 Real-time file system protection file C:\Users\stuart\hPEuNe.exe a variant of Win32/Kryptik.BUZ trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

17/01/2010 17:17:41 Real-time file system protection file C:\Users\stuart\wwooCa.exe a variant of Win32/Cimag.BK trojan cleaned by deleting - quarantined zoidys\stuart Event occurred on a new file created by the application: C:\Users\stuart\iexplore.exe.

Link to post
Share on other sites

here is my malware log

Malwarebytes' Anti-Malware 1.44

Database version: 3598

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

19/01/2010 18:10:47

mbam-log-2010-01-19 (18-10-47).txt

Scan type: Full Scan (C:\|)

Objects scanned: 227203

Time elapsed: 21 minute(s), 7 second(s)

Memory Processes Infected: 1

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

C:\Users\stuart\fusit.exe (Trojan.Downloader) -> Unloaded process successfully.

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\VB and VBA Program Settings\tm (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fusit (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Users\stuart\fusit.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\stuart\iexplore.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Link to post
Share on other sites

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:05:30, on 19/01/2010

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Windows\SysWOW64\bgsvcgen.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

C:\Program Files (x86)\O2\bin\sprtsvc.exe

C:\Windows\System32\StkCSrv.exe

C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\Program Files (x86)\Lexmark 9300 Series\lxcqmon.exe

C:\Program Files (x86)\Lexmark 9300 Series\ezprint.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\myiHome\app\myiHome-server.exe

C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe

C:\Windows\SysWOW64\svchost.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\O2\bin\sprtcmd.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Users\stuart\qoulaeg.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe

C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe

C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

C:\Program Files (x86)\Spyware Doctor\pctsTray.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/firefox?client=fir...:en-GB:official

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [uVS10 Preload] C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe

O4 - HKLM\..\Run: [O2] "C:\Program Files (x86)\O2\bin\sprtcmd.exe" /P O2

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\Spyware Doctor\pctsTray.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [klxis] C:\Users\stuart\klxis.exe

O4 - HKCU\..\Run: [zeejig] C:\Users\stuart\zeejig.exe

O4 - HKCU\..\Run: [qoulaeg] C:\Users\stuart\qoulaeg.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe

O4 - Global Startup: myiHome Server.lnk = C:\Program Files (x86)\myiHome\app\myiHome-server.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O13 - Gopher Prefix:

O15 - Trusted Zone: http://*.broadband.o2.co.uk

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\SysWOW64\bgsvcgen.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: lxcq_device - - C:\Windows\system32\lxcqcoms.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SupportSoft Sprocket Service (O2) (sprtsvc_O2) - SupportSoft, Inc. - C:\Program Files (x86)\O2\bin\sprtsvc.exe

O23 - Service: Syntek AVStream USB2.0 ATV Service (StkSSrv) - Unknown owner - C:\Windows\System32\StkCSrv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11193 bytes

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.