Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 




Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > HijackThis Log Help > HijackThis Log Help (Inactive)
HJT log. Random .exe created. HJT log. Random .exe created.
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read

 
 
Thread Tools
Old 07-20-2008, 09:34 PM   #1 (permalink)
Registered User
 
Join Date: Jul 2008
Posts: 1
OS: Vista Business SP1


HJT log. Random .exe created.
Hi,

I have a windows 2003 terminal server. Outlook users were complaining of slow usage and random lockups. After looking at the running processes i saw a ranom.exe i stopped the process, found it in C:\Windows\Temp and deleted it.
It always comes back eventually but under a different name. Currently it is running under CQ1.exe (the file names seem to be random though)
I have tried spybot, Trend client/server security scans but nothing really comes up. so i thought i would try this.

Any help would be very much appreciated. or at least a point in the right direction.
I'm currently running another virus scan and will edit post if that detects problems.

If you would like me to get more of the random filenames or run any other scans/programs don't hesitate to ask.

***************************

Logfile of HijackThis v1.99.1
Scan saved at 2:18:10 PM, on 21/07/2008
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Running processes:
C:\Documents and Settings\Administrator\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\BackupAssist v4\BackupAssistService.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\ismserv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\ntfrs.exe
C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
C:\Program Files\Trend Micro\Security Server\PCCSRV\web\service\ofcservice.exe
C:\Program Files\Trend Micro\Security Server\PCCSRV\Web\Service\DbServer.exe
C:\WINDOWS\TEMP\CQ1.EXE
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\WINDOWS\system32\lserver.exe
C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
C:\Program Files\UPSMON\UPSMON_Service.Exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\MSACCESS.EXE
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\scrnsave.scr
C:\WINDOWS\System32\logon.scr
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\UPSMON\UPSMON.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\scrnsave.scr
C:\WINDOWS\system32\taskmgr.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\scrnsave.scr
C:\Program Files\Trend Micro\Client Server Security Agent\pccnt.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
D:\Company Shared\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [UPSMON] C:\Program Files\UPSMON\UPSMON.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\Client Server Security Agent\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator\windows\system32\mswsock.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {35C3D91E-401A-4E45-88A5-F3B32CD72DF4} (Encrypt Class) - https://aimhire.aimhire.local:4343/S...oot/AtxEnc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1211411289703
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O16 - DPF: {E1E0FB30-7830-4DC2-8443-0EAB9695A421} (BaseRunner Class) - http://61.95.44.150:3000/WebGuard.cab
O16 - DPF: {E78DE03F-DC83-40DB-B590-8FD80BE5F7C8} (Security Server Management Console) - https://aimhire.aimhire.local:4343/S...AtxConsole.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aimhire.local
O17 - HKLM\Software\..\Telephony: DomainName = aimhire.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{582173A3-1F90-4737-BAB1-1598B9A26189}: NameServer = 192.168.1.5,139.130.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = aimhire.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = aimhire.local
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: dimsntfy - dimsntfy.dll (file missing)
O23 - Service: Application Experience Lookup Service (AeLookupSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Application Management (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Windows Audio (AudioSrv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: BackupAssist Service (BackupAssistService) - Cortex I.T. - C:\Program Files\BackupAssist v4\BackupAssistService.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Computer Browser (Browser) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Cryptographic Services (CryptSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: DCOM Server Process Launcher (DcomLaunch) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Distributed File System (Dfs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\Dfssvc.exe (file missing)
O23 - Service: DHCP Client (Dhcp) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Logical Disk Manager (dmserver) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: DNS Server (DNS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\dns.exe (file missing)
O23 - Service: DNS Client (Dnscache) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Error Reporting Service (ERSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Event Log (Eventlog) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\services.exe (file missing)
O23 - Service: Help and Support (helpsvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Intersite Messaging (IsmServ) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\ismserv.exe (file missing)
O23 - Service: Kerberos Key Distribution Center (kdc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Server (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: License Logging (LicenseService) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\llssrv.exe (file missing)
O23 - Service: TCP/IP NetBIOS Helper (LmHosts) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: SQL Server FullText Search (AIMHIRE) (msftesql$AIMHIRE) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:AIMHIRE (file missing)
O23 - Service: SQL Server (AIMHIRE) (MSSQL$AIMHIRE) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sAIMHIRE (file missing)
O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Network Connections (Netman) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Network Location Awareness (NLA) (Nla) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: File Replication Service (NtFrs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\ntfrs.exe (file missing)
O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Removable Storage (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Trend Micro Client/Server Security Agent RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\ntrtscan.exe
O23 - Service: Trend Micro Client/Server Security Agent Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\OfcPfwSvc.exe
O23 - Service: Trend Micro Security Server Master Service (ofcservice) - Trend Micro Inc. - C:\Program Files\Trend Micro\Security Server\PCCSRV\web\service\ofcservice.exe
O23 - Service: pdfFactory Pro Dispatcher v2 - Unknown owner - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /service (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\services.exe (file missing)
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Remote Access Auto Connection Manager (RasAuto) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Remote Access Connection Manager (RasMan) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Remote Registry (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) (RpcSs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Resultant Set of Policy Provider (RSoPProv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\RSoPProv.exe (file missing)
O23 - Service: Special Administration Console Helper (sacsvr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Smart Card (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Secondary Logon (seclogon) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: System Event Notification (SENS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Shell Hardware Detection (ShellHWDetection) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: SNMP Service (SNMP) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\snmp.exe (file missing)
O23 - Service: SNMP Trap Service (SNMPTRAP) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: SQL Server Agent (AIMHIRE) (SQLAgent$AIMHIRE) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i AIMHIRE (file missing)
O23 - Service: Microsoft Software Shadow Copy Provider (swprv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Performance Logs and Alerts (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Telephony (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminal Services (TermService) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminal Server Licensing (TermServLicensing) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lserver.exe (file missing)
O23 - Service: Trend Micro Client/Server Security Agent Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\Client Server Security Agent\tmlisten.exe
O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Upload Manager (uploadmgr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Uninterruptible Power Supply (UPS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\ups.exe (file missing)
O23 - Service: UPSMONService - Unknown owner - C:\Program Files\UPSMON\UPSMON_Service.Exe
O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: Windows Time (W32Time) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: World Wide Web Publishing Service (W3SVC) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Management Instrumentation (winmgmt) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
O23 - Service: Portable Media Serial Number Service (WmdmPmSN) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Windows Management Instrumentation Driver Extensions (Wmi) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Wireless Configuration (WZCSVC) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Network Provisioning Service (xmlprov) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
Last edited by mad33hatter : 07-20-2008 at 09:37 PM.
mad33hatter is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Bookmark on Thread SoupReddit!
 

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 07:46 PM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2008, Tech Support Forum

Search Engine Friendly URLs by vBSEO

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82