arranator2 Posted April 25, 2007 Share Posted April 25, 2007 ok well just today one of my accounts on a SMF forum was hacked into, obviously the person got the accounts password somehow... so i was running some anti-virus softwares and they came up telling me my firewall, and antivirus (the built in windows stuff) had been disabled. So following these virus scans currently running i decided to do a HiJackThis check: well all help is appreciated, as i think i may have a trojan.... or keylogger somewhere... Logfile of HijackThis v1.99.1 Scan saved at 21:25:34, on 25/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss[Caution: Executable File] C:\WINDOWS\system32\csrss[Caution: Executable File] C:\WINDOWS\system32\winlogon[Caution: Executable File] C:\WINDOWS\system32\services[Caution: Executable File] C:\WINDOWS\system32\lsass[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\System32\svchost[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: Executable File] C:\WINDOWS\system32\spoolsv[Caution: Executable File] C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: Executable File] C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc[Caution: Executable File] C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched[Caution: Executable File] C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\DJSNETCN[Caution: Executable File] C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService[Caution: Executable File] C:\WINDOWS\System32\svchost[Caution: Executable File] C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT[Caution: Executable File] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM[Caution: Executable File] C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt[Caution: Executable File] C:\Program Files\Yahoo!\NAV\navapsvc[Caution: Executable File] C:\Program Files\No-IP\DUC20[Caution: Executable File] C:\Program Files\Yahoo!\NAV\IWP\NPFMntor[Caution: Executable File] C:\WINDOWS\system32\nvsvc32[Caution: Executable File] C:\WINDOWS\system32\HPZipm12[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\WINDOWS\system32\UAService7[Caution: Executable File] C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: Executable File] C:\Program Files\Windows Media Player\WMPNetwk[Caution: Executable File] C:\WINDOWS\System32\alg[Caution: Executable File] C:\WINDOWS\Explorer[Caution: Executable File] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray[Caution: Executable File] C:\WINDOWS\system32\RUNDLL32[Caution: Executable File] C:\PROGRA~1\Yahoo!\browser\ybrwicon[Caution: Executable File] C:\WINDOWS\system32\rundll32[Caution: Executable File] C:\PROGRA~1\Yahoo!\YOP\yop[Caution: Executable File] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE[Caution: Executable File] C:\Program Files\Java\jre1.6.0_01\bin\jusched[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: Executable File] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: Executable File] C:\PROGRA~1\Yahoo!\browser\ycommon[Caution: Executable File] C:\Program Files\Microsoft IntelliType Pro\type32[Caution: Executable File] C:\Program Files\Microsoft IntelliPoint\point32[Caution: Executable File] C:\Program Files\QuickTime\qttask[Caution: Executable File] C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File] C:\Program Files\FlashGet\FlashGet[Caution: Executable File] C:\WINDOWS\system32\ctfmon[Caution: Executable File] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware[Caution: Executable File] C:\Program Files\Messenger\msmsgs[Caution: Executable File] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager[Caution: Executable File] C:\Program Files\MSN Messenger\msnmsgr[Caution: Executable File] C:\Program Files\Windows Media Player\WMPNSCFG[Caution: Executable File] C:\Program Files\RapidCheck\RapidCheck[Caution: Executable File] C:\Program Files\HP\Digital Imaging\bin\hpqtra08[Caution: Executable File] C:\PROGRA~1\Yahoo!\YOP\secstat[Caution: Executable File] C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE[Caution: Executable File] C:\WINDOWS\system32\svchost[Caution: Executable File] C:\Program Files\Hitman Pro\hitmanpro2[Caution: Executable File] C:\Program Files\Internet Explorer\IEXPLORE[Caution: Executable File] C:\Program Files\Windows Media Player\wmplayer[Caution: Executable File] C:\Program Files\Yahoo!\browser\ybrowser[Caution: Executable File] C:\PROGRA~1\Yahoo!\NAV\navw32[Caution: Executable File] C:\Program Files\Spyware Doctor\swdoctor[Caution: Executable File] C:\Documents and Settings\Arran\Desktop\hijackthis\HijackThis[Caution: Executable File] R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/cust ... _side.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.red.clientapps.yahoo.com/cust ... yahoo.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.bt.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/cust ... _side.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/cust ... yahoo.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali 10.0 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: War Rock Toolbar Helper - {0914953A-B6C0-42C3-983E-5213C64AFA9B} - C:\Program Files\War Rock Toolbar\v3.2.0.0\War_Rock_Toolbar.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {8777D7B8-0DBA-396C-62FB-DC94AD29276B} - (no file) O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Yahoo!\NAV\NavShExt.dll O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: War Rock Toolbar - {5D956A61-05E7-427B-A2B1-BF32FB18B1BE} - C:\Program Files\War Rock Toolbar\v3.2.0.0\War_Rock_Toolbar.dll O3 - Toolbar: SynchronEyes - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files\SynchronEyes Teacher 6.1\SEyesIeToolbar.dll O3 - Toolbar: eSnips - {ED1184DA-E57E-4480-99D0-A16809037F54} - C:\Program Files\eSnips\SnipBar.dll O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKLM\..\Run: [Ptipbmf] rundll32[Caution: Executable File] ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray[Caution: Executable File]" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz[Caution: Executable File] /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: Executable File] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116[Caution: Executable File] /Q:A O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon[Caution: Executable File] O4 - HKLM\..\Run: [YOP] C:\PROGRA~1\Yahoo!\YOP\yop[Caution: Executable File] /autostart O4 - HKLM\..\Run: [YPC] C:\PROGRA~1\Yahoo!\PARENT~1\ypc[Caution: Executable File] O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE[Caution: Executable File] /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched[Caution: Executable File]" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: Executable File]" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: Executable File] O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc[Caution: Executable File] /STARTUP O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32[Caution: Executable File]" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32[Caution: Executable File]" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: Executable File]" -atboottime O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: Executable File]" O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [Flashget] "C:\Program Files\FlashGet\FlashGet[Caution: Executable File]" /min O4 - HKLM\..\RunServices: [DJSNetCN] C:\Program Files\Common Files\Symantec Shared\DJSNETCN[Caution: Executable File] O4 - HKCU\..\Run: [CTFMON[Caution: Executable File]] C:\WINDOWS\system32\ctfmon[Caution: Executable File] O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware[Caution: Executable File] O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: Executable File]" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\ypager[Caution: Executable File]" -quiet O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr[Caution: Executable File]" /background O4 - HKCU\..\Run: [spySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeper[Caution: Executable File] /0 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG[Caution: Executable File] O4 - HKCU\..\Run: [RapidCheck] C:\Program Files\RapidCheck\RapidCheck[Caution: Executable File] O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader[Caution: Executable File] O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08[Caution: Executable File] O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL[Caution: Executable File]/3000 O8 - Extra context menu item: Snip to my eSnips account - C:\Program Files\eSnips\res\SnipIt.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker[Caution: Executable File] O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet[Caution: Executable File] O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet[Caution: Executable File] O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag[Caution: Executable File] (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag[Caution: Executable File] (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: Executable File] O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.virgin.net O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b31267.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .3.102.cab O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://213.196.182.244/activex/AMC.cab O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/viru ... ebscan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b31267.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://akizuno.dyndns.org/activex/AxisCamControl.cab O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/n ... uncher.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://www.command2.co.uk/cod_ev/cabs/cssweb.cab O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/mpp_2 ... lashAX.cab O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://161.115.4.53/activex/AMC.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/Mi ... b56986.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{2C5E43D7-A162-4F33-864D-BA354B7C695C}: NameServer = 192.168.1.1,192.168.1.2 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: WB - C:\Program Files\AlienGUIse\fastload.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc[Caution: Executable File] O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc[Caution: Executable File] O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr[Caution: Executable File] O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc[Caution: Executable File] O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc[Caution: Executable File] O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt[Caution: Executable File] O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd[Caution: Executable File] O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: Executable File] O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: Executable File] O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc[Caution: Executable File] O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched[Caution: Executable File] O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer[Caution: Executable File] O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\DJSNETCN[Caution: Executable File] O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT[Caution: Executable File] O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1[Caution: Executable File] O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT[Caution: Executable File] O23 - Service: MySQL - Unknown owner - C:\Program[Caution: Executable File] (file missing) O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\navapsvc[Caution: Executable File] O23 - Service: NoIPDUCService - Vitalwerks LLC - C:\Program Files\No-IP\DUC20[Caution: Executable File] O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\IWP\NPFMntor[Caution: Executable File] O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE[Caution: Executable File] O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: Executable File] O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12[Caution: Executable File] O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Yahoo!\NAV\SAVScan[Caution: Executable File] O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp[Caution: Executable File] O23 - Service: SMART Mirror Driver Monitor Service - SMART Technologies - C:\Program Files\Common Files\SMART Technologies Inc\Mirror Driver\monitorservice[Caution: Executable File] O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: Executable File] O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc[Caution: Executable File] O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: Executable File] O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7[Caution: Executable File] O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: Executable File] O23 - Service: YPCService - Yahoo! Inc. - C:\WINDOWS\system32\YPCSER~1[Caution: Executable File] [/code] Link to comment Share on other sites More sharing options...
wainwj Posted April 25, 2007 Share Posted April 25, 2007 get norton anti-virus Link to comment Share on other sites More sharing options...
arranator2 Posted April 25, 2007 Author Share Posted April 25, 2007 Ive got virus scannign softwares etc... but i need someone to analyze this list to see if they are missing anything.... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now