Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I've tried everything!

Started by DrWatson , Nov 09 2005 05:03 PM

  • This topic is locked This topic is locked

#1
DrWatson
Posted 09 November 2005 - 05:03 PM

DrWatson

    Member

  • Member
  • PipPip
  • 33 posts
Here is my Hijack This Logfile: :tazz:

Logfile of HijackThis v1.99.1
Scan saved at 4:01:53 PM, on 11/9/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\CTSvcCDA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe
C:\WINNT\system32\UAService7.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINNT\System32\CTHELPER.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINNT\SYSTEM32\USRmlnkA.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINNT\SYSTEM32\USRshutA.exe
C:\WINNT\SYSTEM32\USRmlnkA.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINNT\System32\BTSetBootKey.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\AIM\aim.exe
C:\WINNT\SCMain.exe
C:\WINNT\WCMain.exe
C:\Program Files\Trend Micro\Tmas\Tmas.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINNT\FSScrCtl.exe
C:\Program Files\Extended Systems\XTNDConnect Blue Manager\XTNDConnect Blue Manager\XCBluMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\EXTEND~1\XTNDCO~1\XTNDCO~1\SUSHIM~1.EXE
C:\Program Files\Extended Systems\XTNDConnect Blue Manager\btprot.exe
C:\PROGRA~1\EXTEND~1\XTNDCO~1\XTNDCO~1\BTUI_M~1.EXE
C:\WINNT\System32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.fin...siteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.fin...siteyouneed.com
R3 - Default URLSearchHook is missing
O1 - Hosts: 205.238.40.2 www.winmx.com
O1 - Hosts: 205.238.40.2 err.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3310.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3312.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3313.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3314.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3316.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3317.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3318.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3319.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1305.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1305.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1305.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1305.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1305.winmx.com
O1 - Hosts: 205.238.40.2 c3310.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3311.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3312.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3313.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3314.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3315.z1306.winmx.com
O1 - Hosts: 67.18.233.36 c3316.z1306.winmx.com
O1 - Hosts: 82.43.224.20 c3317.z1306.winmx.com
O1 - Hosts: 209.67.209.50 c3318.z1306.winmx.com
O1 - Hosts: 212.227.64.159 c3319.z1306.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1301.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1301.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1301.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1301.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1301.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1302.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1302.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1302.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1302.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1302.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1303.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1303.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1303.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1303.winmx.com
O1 - Hosts: 212.227.64.159 c3529.z1303.winmx.com
O1 - Hosts: 205.238.40.2 c3520.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3521.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3522.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3523.z1304.winmx.com
O1 - Hosts: 212.227.64.159 c3524.z1304.winmx.com
O1 - Hosts: 205.238.40.2 c3525.z1304.winmx.com
O1 - Hosts: 67.18.233.36 c3526.z1304.winmx.com
O1 - Hosts: 82.43.224.20 c3527.z1304.winmx.com
O1 - Hosts: 209.67.209.50 c3528.z1304.winmx.com
O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} - C:\Program Files\PixVue.Com\PixVue\bin\PixVue.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Accoona - {364B6276-C6C1-40B6-A6D7-6C48871FD707} - C:\Program Files\Accoona\atoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Zango Toolbar - {EA0D26BD-9029-431A-86E0-83152D67828A} - C:\Program Files\Zango Programs\Zango Toolbar\ZangoTB.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINNT\UpdReg.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [USRpdA] C:\WINNT\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA
O4 - HKLM\..\Run: [ML1HelperStartUp] C:\PROGRA~1\MIDNIG~1\ML1HEL~1.EXE /partner ML1
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [BTUSRBDG] BtUsrBdg.exe
O4 - HKLM\..\Run: [BTSETBOOTKEY] BTSetBootKey.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - HKCU\..\Run: [HistoryKill] C:\Program Files\HistoryKill\\histkill.exe /startup
O4 - HKCU\..\Run: [BestPopUpKiller] C:\Program Files\BestPopUpKiller\BestPopupKiller.exe /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\PROGRA~1\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe
O4 - HKCU\..\Run: [oqkw] C:\PROGRA~1\COMMON~1\oqkw\oqkwm.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: Screen Saver Control.lnk = C:\WINNT\FSScrCtl.exe
O4 - Global Startup: Stardust Screen Saver Control 2003.lnk = C:\WINNT\SCMain.exe
O4 - Global Startup: Stardust Wallpaper Control 2003.lnk = C:\WINNT\WCMain.exe
O4 - Global Startup: Startup.exe
O4 - Global Startup: Trend Micro Anti-Spyware.lnk = C:\Program Files\Trend Micro\Tmas\Tmas.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://kl.bar.need2f...earch.html?p=KL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~1\AIM\aim.exe
O16 - DPF: {49DB1B20-4E35-4E2E-8C6F-765E238865D6} - http://militaryclien.....e Toolbar.cab
O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} - http://static.zangoc.../bridge-c18.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pdownloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/...s/msnchat45.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.ao.../ampx_en_dl.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: PixVue - C:\Program Files\PixVue.Com\PixVue\bin\WinLogon.DLL
O20 - Winlogon Notify: Uninstall - C:\WINNT\system32\jt2407fqe.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\TTdOQ0RQUk8\command.exe (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\system32\CTSvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PixVue - PixVue.Com - C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINNT\system32\UAService7.exe


:)
  • 0

Advertisements

#2
Crustyoldbloke
Posted 10 November 2005 - 10:39 AM

Crustyoldbloke

    Old Malware Surgeon with a shaky scalpel

  • Retired Staff
  • 15,131 posts
We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft...&DisplayLang=en
Apply the update, reboot, and post a fresh Hijack This log.
  • 0

#3
DrWatson
Posted 11 November 2005 - 02:30 PM

DrWatson

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts
Here is my new Hijack This Logfile:

Logfile of HijackThis v1.99.1
Scan saved at 4:25:04 PM, on 11/12/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINNT\System32\CTHELPER.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINNT\SYSTEM32\USRmlnkA.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
C:\WINNT\SYSTEM32\USRshutA.exe
C:\WINNT\SYSTEM32\USRmlnkA.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINNT\system32\CTSvcCDA.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINNT\system32\UAService7.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopMail.exe
C:\WINNT\System32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iTunes\iTunes.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\unzipped\hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.search.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn...st/srchasst.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft...er=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft...=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...B_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
O1 - Hosts: 127.0.0.1 www.pacimedia.com
O1 - Hosts: 127.0.0.1 www.pacimedia.com
O1 - Hosts: 127.0.0.1 clear-search.com
O1 - Hosts: 127.0.0.1 r1.clrsch.com
O1 - Hosts: 127.0.0.1 sds.clrsch.com
O1 - Hosts: 127.0.0.1 status.clrsch.com
O1 - Hosts: 127.0.0.1 www.clrsch.com
O1 - Hosts: 127.0.0.1 clr-sch.com
O1 - Hosts: 127.0.0.1 sds-qckads.com
O1 - Hosts: 127.0.0.1 status.qckads.com
O1 - Hosts: 127.0.0.1 www.qoolaid.com
O1 - Hosts: 127.0.0.1 www.qoologic.com
O1 - Hosts: 127.0.0.1 www.CLKPrecision.com
O1 - Hosts: 127.0.0.1 www.urllogic.com
O1 - Hosts: 127.0.0.1 www.clkoptimizer.com
O1 - Hosts: 127.0.0.1 www.isearch.com
O1 - Hosts: 127.0.0.1 isearch.com
O1 - Hosts: 127.0.0.1 www.idownload.com
O1 - Hosts: 127.0.0.1 idownload.com
O1 - Hosts: 127.0.0.1 www.mytotalsearch.com
O1 - Hosts: 127.0.0.1 mytotalsearch.com
O1 - Hosts: 127.0.0.1 www.lop.com
O1 - Hosts: 127.0.0.1 lop.com
O1 - Hosts: 127.0.0.1 www.websearch.com
O1 - Hosts: 127.0.0.1 websearch.com
O1 - Hosts: 127.0.0.1 www.page-not-found.net
O1 - Hosts: 127.0.0.1 page-not-found.net
O1 - Hosts: 127.0.0.1 www.isearchhere.com
O1 - Hosts: 127.0.0.1 isearchhere.com
O1 - Hosts: 127.0.0.1 xads.offeroptimizer.comm
O1 - Hosts: 127.0.0.1 search.offeroptimizer.com
O1 - Hosts: 127.0.0.1 ximages.offeroptimizer.com
O1 - Hosts: 127.0.0.1 xlime.offeroptimizer.com
O1 - Hosts: 127.0.0.1 xadsj-o.offeroptimizer.com
O1 - Hosts: 127.0.0.1 xadsj.offeroptimizer.com
O1 - Hosts: 127.0.0.1 www.offeroptimizer.com
O1 - Hosts: 127.0.0.1 as.adwave.com
O1 - Hosts: 127.0.0.1 sr.adwave.com
O1 - Hosts: 127.0.0.1 www.adwave.com
O1 - Hosts: 127.0.0.1 adwave.com EVENT:HOST:127.0.0.1
O1 - Hosts: 127.0.0.1 www.pacimedia.com
O1 - Hosts: 127.0.0.1 www.igetnet.com
O1 - Hosts: 127.0.0.1 code.ignphrases.com
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [USRpdA] C:\WINNT\SYSTEM32\USRmlnkA.exe RunServices \Device\3cpipe-USRpdA
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\winrnr.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\rsvpsp.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\rsvpsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\google\google desktop search\googledesktopnetwork1.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\mswsock.dll
O15 - Trusted Zone: http://free.aol.com
O16 - DPF: DirectAnimation Java Classes - file://C:\WINNT\Java\classes\dajava.cab
O16 - DPF: Microsoft XML Parser for Java - file://C:\WINNT\Java\classes\xmldso.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://java.sun.com/...indows-i586.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupd...8545.8843402778
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} (Java Runtime Environment 1.5.0) - http://java.sun.com/...indows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINNT\System32\msvidctl.dll
O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINNT\System32\msvidctl.dll
O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINNT\System32\inetcomm.dll
O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINNT\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINNT\System32\wiascr.dll
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINNT\system32\urlmon.dll
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINNT\system32\urlmon.dll
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINNT\system32\urlmon.dll
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINNT\system32\urlmon.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINNT\system32\SHELL32.dll
O20 - Winlogon Notify: Explorer - C:\WINNT\system32\r4p8le7u1h.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINNT\System32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINNT\System32\stobject.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINNT\system32\SHELL32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINNT\system32\SHELL32.dll
O23 - Service: Alerter - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Application Layer Gateway Service (ALG) - Microsoft Corporation - C:\WINNT\System32\alg.exe
O23 - Service: Application Management (AppMgmt) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: Windows Audio (AudioSrv) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Computer Browser (Browser) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Indexing Service (cisvc) - Microsoft Corporation - C:\WINNT\system32\cisvc.exe
O23 - Service: ClipBook (ClipSrv) - Microsoft Corporation - C:\WINNT\system32\clipsrv.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\TTdOQ0RQUk8\command.exe (file missing)
O23 - Service: COM+ System Application (COMSysApp) - Microsoft Corporation - C:\WINNT\System32\dllhost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINNT\system32\CTSvcCDA.EXE
O23 - Service: Cryptographic Services (CryptSvc) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: DHCP Client (Dhcp) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Microsoft Corp., Veritas Software - C:\WINNT\System32\dmadmin.exe
O23 - Service: Logical Disk Manager (dmserver) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: DNS Client (Dnscache) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Error Reporting Service (ERSvc) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Event Log (Eventlog) - Microsoft Corporation - C:\WINNT\system32\services.exe
O23 - Service: COM+ Event System (EventSystem) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Fast User Switching Compatibility (FastUserSwitchingCompatibility) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Fax - Microsoft Corporation - C:\WINNT\system32\fxssvc.exe
O23 - Service: Help and Support (helpsvc) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Microsoft Corporation - C:\WINNT\System32\imapi.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Server (lanmanserver) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Workstation (lanmanworkstation) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: TCP/IP NetBIOS Helper (LmHosts) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Messenger - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: NetMeeting Remote Desktop Sharing (mnmsrvc) - Microsoft Corporation - C:\WINNT\System32\mnmsrvc.exe
O23 - Service: Distributed Transaction Coordinator (MSDTC) - Microsoft Corporation - C:\WINNT\System32\msdtc.exe
O23 - Service: Windows Installer (MSIServer) - Microsoft Corporation - C:\WINNT\System32\msiexec.exe
O23 - Service: Network DDE (NetDDE) - Microsoft Corporation - C:\WINNT\system32\netdde.exe
O23 - Service: Network DDE DSDM (NetDDEdsdm) - Microsoft Corporation - C:\WINNT\system32\netdde.exe
O23 - Service: Net Logon (Netlogon) - Microsoft Corporation - C:\WINNT\System32\lsass.exe
O23 - Service: Network Connections (Netman) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Network Location Awareness (NLA) (Nla) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Microsoft Corporation - C:\WINNT\System32\lsass.exe
O23 - Service: Removable Storage (NtmsSvc) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: Plug and Play (PlugPlay) - Microsoft Corporation - C:\WINNT\system32\services.exe
O23 - Service: IPSEC Services (PolicyAgent) - Microsoft Corporation - C:\WINNT\System32\lsass.exe
O23 - Service: Protected Storage (ProtectedStorage) - Microsoft Corporation - C:\WINNT\system32\lsass.exe
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Remote Access Connection Manager (RasMan) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Remote Desktop Help Session Manager (RDSessMgr) - Microsoft Corporation - C:\WINNT\system32\sessmgr.exe
O23 - Service: Remote Registry (RemoteRegistry) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Microsoft Corporation - C:\WINNT\System32\locator.exe
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: QoS RSVP (RSVP) - Microsoft Corporation - C:\WINNT\System32\rsvp.exe
O23 - Service: Security Accounts Manager (SamSs) - Microsoft Corporation - C:\WINNT\system32\lsass.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe
O23 - Service: Smart Card Helper (SCardDrv) - Microsoft Corporation - C:\WINNT\System32\SCardSvr.exe
O23 - Service: Smart Card (SCardSvr) - Microsoft Corporation - C:\WINNT\System32\SCardSvr.exe
O23 - Service: Task Scheduler (Schedule) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Secondary Logon (seclogon) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: System Event Notification (SENS) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS) (SharedAccess) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Shell Hardware Detection (ShellHWDetection) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Print Spooler (Spooler) - Microsoft Corporation - C:\WINNT\system32\spoolsv.exe
O23 - Service: System Restore Service (srservice) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: SSDP Discovery Service (SSDPSRV) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Windows Image Acquisition (WIA) (stisvc) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Microsoft Corporation - C:\WINNT\System32\dllhost.exe
O23 - Service: Performance Logs and Alerts (SysmonLog) - Microsoft Corporation - C:\WINNT\system32\smlogsvc.exe
O23 - Service: Telephony (TapiSrv) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Terminal Services (TermService) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Themes - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Telnet (TlntSvr) - Microsoft Corporation - C:\WINNT\System32\tlntsvr.exe
O23 - Service: Distributed Link Tracking Client (TrkWks) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Microsoft Corporation - C:\WINNT\System32\wdfmgr.exe
O23 - Service: Universal Plug and Play Device Host (upnphost) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Uninterruptible Power Supply (UPS) - Microsoft Corporation - C:\WINNT\System32\ups.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINNT\system32\UAService7.exe
O23 - Service: Utility Manager (UtilMan) - Microsoft Corporation - C:\WINNT\System32\UtilMan.exe
O23 - Service: Volume Shadow Copy (VSS) - Microsoft Corporation - C:\WINNT\System32\vssvc.exe
O23 - Service: Windows Time (W32Time) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: WebClient - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Windows Management Instrumentation (winmgmt) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: Portable Media Serial Number Service (WmdmPmSN) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Portable Media Serial Number (WmdmPmSp) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - Microsoft Corporation - C:\WINNT\System32\svchost.exe
O23 - Service: WMI Performance Adapter (WmiApSrv) - Microsoft Corporation - C:\WINNT\System32\wbem\wmiapsrv.exe
O23 - Service: Automatic Updates (wuauserv) - Microsoft Corporation - C:\WINNT\system32\svchost.exe
O23 - Service: Wireless Zero Configuration (WZCSVC) - Microsoft Corporation - C:\WINNT\System32\svchost.exe

A PM was sent to Dr Watson from COB - since there has been no response, the thread is now closed.

Edited by Crustyoldbloke, 21 November 2005 - 03:19 AM.

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP