Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

MalWarrior infection! urgent


  • Please log in to reply

#1
arthurtwp

arthurtwp

    New Member

  • Member
  • Pip
  • 2 posts
hey guys i noe this was already attended to but i got a malwarrior infection as well. i already followed the instructions and ran a scan with combofix. below is the log. i am not sure how to go about this and am really worried because i have a paper to be handed into university soon and hope that there would be no problems really appreciate help here. thank you very very much in advance.

ComboFix 08-05-12.1 - User 2008-05-13 19:15:08.1 - NTFSx86
Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\system32\_000110_.tmp.dll
C:\WINDOWS\system32\ctfmona.exe

.
((((((((((((((((((((((((( Files Created from 2008-04-13 to 2008-05-13 )))))))))))))))))))))))))))))))
.

2008-05-13 18:42 . 2008-05-13 18:42 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-05-13 16:09 . 2008-05-13 16:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adsl Software Limited
2008-05-13 16:09 . 2008-05-13 16:09 269,334 --a------ C:\WINDOWS\system32\ctfmonb.bmp
2008-05-13 16:09 . 2008-05-13 16:09 160,256 --a------ C:\WINDOWS\system32\blackster.scr
2008-05-09 18:44 . 2008-05-09 18:44 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-05-03 11:43 . 2008-05-03 11:43 65,024 --a------ C:\WINDOWS\IFinst26.exe
2008-05-01 14:36 . 2008-05-01 14:38 12,363,488 --a------ C:\WINDOWS\BMW 3 Series Coupé.exe
2008-05-01 14:36 . 2008-05-01 14:38 302,244 --a------ C:\WINDOWS\BMW 3 Series Coupé.scr
2008-05-01 14:36 . 2008-05-01 14:38 40,960 --a------ C:\WINDOWS\BMW 3 Series Coupé.dll
2008-05-01 14:36 . 2008-05-01 14:38 18,192 --a------ C:\WINDOWS\BMW 3 Series Coupé.dat
2008-05-01 12:28 . 2008-05-01 12:28 <DIR> d-------- C:\Program Files\Apple Software Update
2008-04-28 20:53 . 2008-04-28 21:05 <DIR> d-------- C:\Documents and Settings\User\Application Data\GanymedeNet
2008-04-22 12:06 . 2008-04-22 12:06 <DIR> d-------- C:\THINK_X
2008-04-22 12:06 . 1994-08-24 00:00 188,960 --a------ C:\WINDOWS\system\WINGDE.DLL
2008-04-22 12:06 . 1994-09-21 00:00 92,208 --a------ C:\WINDOWS\system\WING.DLL
2008-04-22 12:06 . 1994-09-21 00:00 12,800 --a------ C:\WINDOWS\system\WING32.DLL
2008-04-22 12:06 . 1994-09-21 00:00 6,736 --a------ C:\WINDOWS\system\WINGDIB.DRV
2008-04-22 12:06 . 1994-09-21 00:00 5,024 --a------ C:\WINDOWS\system\WINGPAL.WND
2008-04-22 12:06 . 1994-06-27 00:00 1,966 --a------ C:\WINDOWS\system\DVA.386
2008-04-22 12:06 . 2008-04-25 18:03 49 --a------ C:\WINDOWS\TC.INI
2008-04-19 13:40 . 2003-05-23 10:10 26,112 -ra------ C:\WINDOWS\LgUninst.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-10 06:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-09 00:57 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-05-08 14:31 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-04-26 11:51 --------- d-----w C:\Documents and Settings\User\Application Data\Apple Computer
2008-04-22 12:10 --------- d-----w C:\Documents and Settings\User\Application Data\My Battle for Middle-earth™ II Files
2008-04-22 08:31 --------- d-----w C:\Documents and Settings\User\Application Data\Hamachi
2008-04-21 11:18 31,856 ----a-w C:\Documents and Settings\User\Application Data\GDIPFONTCACHEV1.DAT
2008-04-11 07:18 --------- d--h--w C:\Documents and Settings\All Users\Application Data\{0E8E33D8-193A-414A-A909-0F101A142D26}
2008-04-11 07:13 --------- d-----w C:\Program Files\Stardock Games
2008-04-11 05:01 --------- d-----w C:\Program Files\QuickTime
2008-04-10 07:13 --------- d-----w C:\Program Files\iTunes
2008-04-10 07:12 --------- d-----w C:\Program Files\iPod
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 13:06 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-25 08:03 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-16 08:44 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
2008-02-16 08:44 2,272 ----a-w C:\WINDOWS\system32\w95inf16.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 10:34 5724184]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 20:00 15360]
"MalWarrior"="C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe" [2008-05-13 16:10 1025536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 21:05 344064]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 07:56 139264]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 18:20 339968 C:\WINDOWS\stsystra.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 03:25 144784]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-04 20:00 208952]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 20:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-04 20:00 455168]
"DVDLauncher"="C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 16:19 53248]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-03-16 05:33 127037]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 16:50 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 16:50 81920]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2006-09-19 08:07 827392]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-01-17 11:42 58728]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-11-23 09:30 100056]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 21:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"sjbhyymn"="C:\WINDOWS\system32\sjbhyymn.exe" [ ]
"enzx"="C:\WINDOWS\system32\enzx.exe" [ ]
"ctfmona"="C:\WINDOWS\system32\ctfmona.exe" [ ]
"SpyHunter Security Suite"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe" [2008-01-23 15:47 847872]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= D:\Eugene\Games\Maplesea\l3codeca.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Eugene\\hamachi\\hamachi.exe"=
"D:\\Eugene\\Games\\Maplesea\\MapleStory.exe"=
"C:\\Program Files\\LucasArts\\Star Wars Galactic Battlegrounds Saga\\Game\\battlegrounds_x1.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"D:\\Eugene\\Games\\Battefield 2\\BF2.exe"=
"D:\\Eugene\\Games\\BFME 2\\game.dat"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Stardock Games\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=

R3 2WIREPCP;2Wire USB;C:\WINDOWS\system32\DRIVERS\2WirePCP.sys [2004-10-19 06:44]
S2 o3iaraaay;Dell Printer Status Watcher;C:\WINDOWS\system32\enzx.exe []
S3 PVUSB;CESG502 USB Driver;C:\WINDOWS\system32\DRIVERS\CESG502.sys [2008-02-19 18:17]

*Newly Created Service* - CATCHME
*Newly Created Service* - MCHINJDRV
.
Contents of the 'Scheduled Tasks' folder
"2008-05-12 11:30:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-09 16:51:58 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - User.job"
- C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-13 19:24:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Enigma Software Group\SpyHunter\SpyHunterMonitor.dll
.
Completion time: 2008-05-13 19:28:46
ComboFix-quarantined-files.txt 2008-05-13 11:27:39

Pre-Run: 19,948,138,496 bytes free
Post-Run: 21,203,890,176 bytes free

145 --- E O F --- 2008-05-10 14:30:00
  • 0

Advertisements


#2
arthurtwp

arthurtwp

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
also, i keep getting a pop up from norton anivirus about a trojan trying to invade. prior to malwarrior, have had no problems with this. however, now i keep getting this pop up about an intrusion: http trojan zlob activity(risk high). does anyone have any ideas.

also, below is the log for hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:59:13 PM, on 5/13/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
c:\progra~1\common~1\instal~1\update~1\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [sjbhyymn] C:\WINDOWS\system32\sjbhyymn.exe
O4 - HKLM\..\Run: [enzx] C:\WINDOWS\system32\enzx.exe
O4 - HKLM\..\Run: [ctfmona] C:\WINDOWS\system32\ctfmona.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.appl...ex/qtplugin.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zon...1/GAME_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1190211656890
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zon...er.cab56986.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Dell Printer Status Watcher (o3iaraaay) - Unknown owner - C:\WINDOWS\system32\enzx.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9951 bytes
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP