Internet Explorer problem! Need some help..
- Thread starter Fly4High
- Start date
- Status
I have remove all the issues but it seems UAService cannot be remove. It run as SYSTEM id, I couldn't stop it neither remove it from HijackThis. Here's the log I've just run:
*********************************************
Logfile of HijackThis v1.99.1
Scan saved at 11:38:32 AM, on 12/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\UAService.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\LTSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\Program Files\D-Tools\daemon.exe
D:\Setup\Fonts\unikey\UniKeyNT.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Setup\Firewalls & Securities\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [UniKey] D:\Setup\Fonts\unikey\UniKeyNT.exe
O4 - HKCU\..\Run: [mtd2002Svr] "C:\Program Files\mtd2002"\mtdserver.exe -f
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe
**************************************************
Pls help to check again! Thanks a lot! I really appriciated!
*********************************************
Logfile of HijackThis v1.99.1
Scan saved at 11:38:32 AM, on 12/30/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\UAService.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\LTSMMSG.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\Program Files\D-Tools\daemon.exe
D:\Setup\Fonts\unikey\UniKeyNT.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Setup\Firewalls & Securities\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [ZCfgSvc.exe] C:\WINDOWS\system32\ZCfgSvc.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [LTSMMSG] LTSMMSG.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [UniKey] D:\Setup\Fonts\unikey\UniKeyNT.exe
O4 - HKCU\..\Run: [mtd2002Svr] "C:\Program Files\mtd2002"\mtdserver.exe -f
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\Common\yhexbmesuk.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe
**************************************************
Pls help to check again! Thanks a lot! I really appriciated!
install and update this program
http://www.ewido.net/en/download/
Did it find annything?
also run it in safemode
http://www.ewido.net/en/download/
Did it find annything?
also run it in safemode
Phew... it take so long to scan full system(approximately more than 1 hour)! At last, done! All the infected file have been removed. And here is the log detail I've save to file:
---------------------------------------------------------
ewido anti-malware - Process report
---------------------------------------------------------
+ Created on: 3:22:12 PM, 12/30/2005
+ Report-Checksum: 6EC19538
0: System Process
4: System Process
292: C:\Program Files\ewido anti-malware\ewidoctrl.exe
324: C:\Program Files\ewido anti-malware\ewidoguard.exe
376: C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
504: c:\program files\mcafee.com\agent\mcdetect.exe
524: C:\Program Files\Network Associates\VirusScan\mcshield.exe
556: C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
568: C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
684: c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
748: C:\Program Files\ewido anti-malware\SecuritySuite.exe
780: \SystemRoot\System32\smss.exe
816: C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
856: \??\C:\WINDOWS\system32\csrss.exe
860: C:\WINDOWS\system32\RegSrvc.exe
880: \??\C:\WINDOWS\system32\winlogon.exe
924: C:\WINDOWS\system32\services.exe
936: C:\WINDOWS\system32\lsass.exe
1092: C:\WINDOWS\system32\svchost.exe
1168: C:\WINDOWS\system32\svchost.exe
1216: C:\WINDOWS\system32\wdfmgr.exe
1292: C:\WINDOWS\system32\UAService.exe
1312: C:\WINDOWS\System32\svchost.exe
1348: C:\WINDOWS\system32\S24EvMon.exe
1416: C:\WINDOWS\system32\svchost.exe
1436: C:\Program Files\Internet Explorer\iexplore.exe
1524: C:\WINDOWS\system32\svchost.exe
1816: C:\WINDOWS\system32\ZCfgSvc.exe
1840: C:\WINDOWS\System32\alg.exe
2076: C:\Program Files\Internet Explorer\IEXPLORE.EXE
2344: C:\WINDOWS\Explorer.EXE
2360: C:\WINDOWS\system32\1XConfig.exe
2460: C:\Program Files\Internet Explorer\IEXPLORE.EXE
2708: C:\WINDOWS\system32\igfxtray.exe
2716: C:\WINDOWS\system32\hkcmd.exe
2740: C:\WINDOWS\LTSMMSG.exe
2748: C:\Program Files\Apoint2K\Apoint.exe
2764: C:\WINDOWS\system32\00THotkey.exe
2780: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
2800: C:\PROGRA~1\mcafee.com\agent\mcagent.exe
2820: C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
2824: C:\Program Files\iTunes\iTunesHelper.exe
2840: C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
2848: C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
2856: C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
2868: C:\Program Files\D-Tools\daemon.exe
2880: D:\Setup\Fonts\unikey\UniKeyNT.exe
2916: C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
3004: C:\Program Files\iPod\bin\iPodService.exe
3060: C:\Program Files\Apoint2K\Apntex.exe
4040: C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
********************************************
So, it is all right or have I forgot any log!
Pls help to check! Appreciated your kindly help!!!
---------------------------------------------------------
ewido anti-malware - Process report
---------------------------------------------------------
+ Created on: 3:22:12 PM, 12/30/2005
+ Report-Checksum: 6EC19538
0: System Process
4: System Process
292: C:\Program Files\ewido anti-malware\ewidoctrl.exe
324: C:\Program Files\ewido anti-malware\ewidoguard.exe
376: C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
504: c:\program files\mcafee.com\agent\mcdetect.exe
524: C:\Program Files\Network Associates\VirusScan\mcshield.exe
556: C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
568: C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
684: c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
748: C:\Program Files\ewido anti-malware\SecuritySuite.exe
780: \SystemRoot\System32\smss.exe
816: C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
856: \??\C:\WINDOWS\system32\csrss.exe
860: C:\WINDOWS\system32\RegSrvc.exe
880: \??\C:\WINDOWS\system32\winlogon.exe
924: C:\WINDOWS\system32\services.exe
936: C:\WINDOWS\system32\lsass.exe
1092: C:\WINDOWS\system32\svchost.exe
1168: C:\WINDOWS\system32\svchost.exe
1216: C:\WINDOWS\system32\wdfmgr.exe
1292: C:\WINDOWS\system32\UAService.exe
1312: C:\WINDOWS\System32\svchost.exe
1348: C:\WINDOWS\system32\S24EvMon.exe
1416: C:\WINDOWS\system32\svchost.exe
1436: C:\Program Files\Internet Explorer\iexplore.exe
1524: C:\WINDOWS\system32\svchost.exe
1816: C:\WINDOWS\system32\ZCfgSvc.exe
1840: C:\WINDOWS\System32\alg.exe
2076: C:\Program Files\Internet Explorer\IEXPLORE.EXE
2344: C:\WINDOWS\Explorer.EXE
2360: C:\WINDOWS\system32\1XConfig.exe
2460: C:\Program Files\Internet Explorer\IEXPLORE.EXE
2708: C:\WINDOWS\system32\igfxtray.exe
2716: C:\WINDOWS\system32\hkcmd.exe
2740: C:\WINDOWS\LTSMMSG.exe
2748: C:\Program Files\Apoint2K\Apoint.exe
2764: C:\WINDOWS\system32\00THotkey.exe
2780: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
2800: C:\PROGRA~1\mcafee.com\agent\mcagent.exe
2820: C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
2824: C:\Program Files\iTunes\iTunesHelper.exe
2840: C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
2848: C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
2856: C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
2868: C:\Program Files\D-Tools\daemon.exe
2880: D:\Setup\Fonts\unikey\UniKeyNT.exe
2916: C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
3004: C:\Program Files\iPod\bin\iPodService.exe
3060: C:\Program Files\Apoint2K\Apntex.exe
4040: C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
********************************************
So, it is all right or have I forgot any log!
Pls help to check! Appreciated your kindly help!!!
- Status
Similar threads
