hijack this log

  1. 04-04-2005  #1
    $lim
    $lim is offline Newbie

    hijack this log

    I have ran spybot, ad-aware, and microsoft antispyware three times each in safe mode. Fianlly they are not picking anything up. When i start in normal mode, and open IE i get about 3-4 pops up and when IE is maximized it is only about 2/3 of the screen. I ran anti-virus ( Trend micro) after all of that and it does not find anything. I am not to sure as which to remove from the hijack this log so i decided to post it here.

    Logfile of HijackThis v1.99.1
    Scan saved at 2:22:19 PM, on 4/4/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Intel\ASF Agent\AS***ent.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
    C:\OfficeScan NT\ntrtscan.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\OfficeScan NT\tmlisten.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\inetsrv\inetinfo.exe
    C:\OfficeScan NT\ofcdog.exe
    C:\WINNT\Explorer.EXE
    C:\OfficeScan NT\PCCNTMON.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINNT\system32\vnlpil.exe
    C:\Documents and Settings\jszpak\Desktop\HijackThis.exe

    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [frymxins] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [FRYHIGHRES] rundll32 "C:\Program Files\ATI Technologies\Fire GL Control Panel\atipmogl.dll",DetectHighResMonitor
    O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\OfficeScan NT\pccntmon.exe" -HideWindow
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [MSConfig] N:\ITDocs\Setups\msconfig.exe /auto
    O4 - HKLM\..\Run: [KavSvc] C:\WINNT\system32\vnlpil.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?link...67&clcid=0x409
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = emclocal.com
    O20 - Winlogon Notify: Telephony - C:\WINNT\system32\j44o0eh3eh4.dll
    O23 - Service: ASF Agent (AS***ent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\AS***ent.exe
    O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: FGLRYUTIL (FGLRYUtil) - ATI Technologies, Inc. - C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\OfficeScan NT\ntrtscan.exe
    O23 - Service: OfficeScanNT Listener (tmlisten) - Unknown owner - C:\OfficeScan NT\tmlisten.exe
  2. 04-04-2005  #2
    Bad Karma[CORE]
    Bad Karma[CORE] is offline Elite Member
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = emclocal.com

    If this Domain does not belong to your ISP, or your firms network, these entries should be fixed. 'SearchList' entries should be fixed too.
  3. 04-04-2005  #3
    $lim
    $lim is offline Newbie
    This is the domain that i am under
  4. 04-04-2005  #4
    Bad Karma[CORE]
    Bad Karma[CORE] is offline Elite Member
    Ok, leave it then Apart from that it looked alright to me
  5. 04-04-2005  #5
    owen
    owen is offline D-A-L Team Member (UK)
    Download VX2 Finder from here. Leave it not we'll use it later.

    Close all browser windows, restart Hijack This and put a checkmark next to the following entries:

    O4 - HKLM\..\Run: [KavSvc] C:\WINNT\system32\vnlpil.exe
    O20 - Winlogon Notify: Telephony - C:\WINNT\system32\j44o0eh3eh4.dll

    Click Fix Checked

    Then boot into Safe Mode and ensure that you are showing Hidden Files and Folders.

    Delete the following files and folders:
    C:\WINNT\system32\vnlpil.exe
    C:\WINNT\system32\j44o0eh3eh4.dll

    Reboot

    Run VX2Finder. Click Version at the top and put a checkmark next to all versions. Then click the "Click to find VX2.BetterInternet" button. Let it do its thing, then click Make Log. Copy and paste the contents of that log here, along with a new Hijack This log.
  6. 05-04-2005  #6
    $lim
    $lim is offline Newbie
    Ok i ran both and here is a copy of both the logs:

    hijackthis:

    Logfile of HijackThis v1.99.1
    Scan saved at 3:02:23 PM, on 4/5/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\Intel\ASF Agent\AS***ent.exe
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINNT\system32\svchost.exe
    C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\inetsrv\inetinfo.exe
    C:\WINNT\system32\rundll32.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Documents and Settings\Administrator\Desktop\HijackThis.exe

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [frymxins] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [FRYHIGHRES] rundll32 "C:\Program Files\ATI Technologies\Fire GL Control Panel\atipmogl.dll",DetectHighResMonitor
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [MSConfig] N:\ITDocs\admin tools\msconfig.exe /auto
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = emclocal.com
    O20 - Winlogon Notify: Applets - C:\WINNT\system32\dn2q01f5e.dll
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: ASF Agent (AS***ent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\AS***ent.exe
    O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: CWShredder Service - Unknown owner - A:\cwshredder.exe (file missing)
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: FGLRYUTIL (FGLRYUtil) - ATI Technologies, Inc. - C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe

    FindQoologic:
  7. 05-04-2005  #7
    $lim
    $lim is offline Newbie
    I didn't these files yesterday
    Delete the following files and folders:
    C:\WINNT\system32\vnlpil.exe
    C:\WINNT\system32\j44o0eh3eh4.dll

    and i am still having problems, they are not on my machine today
  8. 06-04-2005  #8
    $lim
    $lim is offline Newbie
    I was able to delete only two of the files you mentioned above. I am going to post another hjt log after deleting these files. On another note now, it appears that my ethernet card is fried. I cannot get to any web pages or network drive. Nor can i ping any web pages or network drives. I have reseated the ethernet cable and tried a different one. On the back of the ethernet card is an amber light.

    Logfile of HijackThis v1.99.1
    Scan saved at 1:34:07 PM, on 4/6/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\system32\rundll32.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\Documents and Settings\jszpak\Desktop\HijackThis.exe

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [frymxins] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [FRYHIGHRES] rundll32 "C:\Program Files\ATI Technologies\Fire GL Control Panel\atipmogl.dll",DetectHighResMonitor
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [KavSvc] C:\WINNT\system32\vnlpil.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINNT\system32\sfg_191e.dll"
    O4 - HKCU\..\Run: [eZmmod] C:\PROGRA~1\ezula\mmod.exe
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O10 - Broken Internet access because of LSP provider 'c:\winnt\system32\aklsp.dll' missing
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = emclocal.com
    O20 - Winlogon Notify: CSCSettings - C:\WINNT\system32\hrp6057se.dll
    O23 - Service: ASF Agent (AS***ent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\AS***ent.exe
    O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: CWShredder Service - Unknown owner - A:\cwshredder.exe (file missing)
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: FGLRYUTIL (FGLRYUtil) - ATI Technologies, Inc. - C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSSQL$AUTODESKVAULT - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe (file missing)
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: SQLAgent$AUTODESKVAULT - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE (file missing)
  9. 06-04-2005  #9
    Bad Karma[CORE]
    Bad Karma[CORE] is offline Elite Member
    From what i see this log looks much better. Only entry i see that needs to be taken care of is:

    O10 - Broken Internet access because of LSP provider 'c:\winnt\system32\aklsp.dll' missing

    To correct this run LSPFix from http://www.cexx.org/LSPFix.exe
  10. 06-04-2005  #10
    $lim
    $lim is offline Newbie
    Save 20% on AVG Internet Security 2012 Suite!
    When i try running LSPFix after unzipping it i receive the following error msg.
    " HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\Winsock2\Parameters does not exist" Please re-install Winsock 2

    After this i followed these instructions on how to fix Winsock 2 http://support.microsoft.com/?kbid=837333

    IE is now working but i am still getting pop-ups even when i don't opent he IE

    I ran hjt again and this is the log.
    Logfile of HijackThis v1.99.1
    Scan saved at 4:05:26 PM, on 4/6/2005
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\Explorer.EXE
    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
    C:\WINNT\system32\ctfmon.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
    C:\WINNT\system32\rundll32.exe
    C:\Documents and Settings\jszpak\Desktop\HijackThis.exe

    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [frymxins] "C:\Program Files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl"
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [FRYHIGHRES] rundll32 "C:\Program Files\ATI Technologies\Fire GL Control Panel\atipmogl.dll",DetectHighResMonitor
    O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
    O4 - HKLM\..\Run: [KavSvc] C:\WINNT\system32\vnlpil.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - HKCU\..\Run: [PCShield] regsvr32 /s "C:\WINNT\system32\sfg_191e.dll"
    O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emclocal.com
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = emclocal.com
    O20 - Winlogon Notify: SharedDLLs - C:\WINNT\system32\i8lo0i33e8.dll
    O23 - Service: ASF Agent (AS***ent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\AS***ent.exe
    O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: CWShredder Service - Unknown owner - A:\cwshredder.exe (file missing)
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: FGLRYUTIL (FGLRYUtil) - ATI Technologies, Inc. - C:\Program Files\ATI Technologies\Fire GL Control Panel\atiisrgl.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSSQL$AUTODESKVAULT - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe (file missing)
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
    O23 - Service: SQLAgent$AUTODESKVAULT - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE (file missing)
    Last edited by $lim; 06-04-2005 at 09:12 PM.
+ Reply to Thread
Page 1 of 2 1 2 LastLast
« Tks | about:blank manual removal »