Link to home
Start Free TrialLog in
Avatar of rgb192
rgb192Flag for United States of America

asked on

hijack this log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:15:10 PM, on 6/9/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\SWsoft\Plesk\admin\bin\traymonitor.exe
C:\SWsoft\Plesk\admin\bin\traymonitor.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\phped.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\PROGRA~2\NuSphere\PhpED\Debugger\DBGLIS~1.EXE
C:\Program Files (x86)\NuSphere\PhpED\srv.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php-cgi.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\WinSCP\WinSCP.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\SqlWb.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php-cgi.exe
C:\Windows\SysWOW64\MPK\MPKView.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php-cgi.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php-cgi.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php-cgi.exe
C:\Users\Administrator\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/SoftAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: NuSphere ToolBar - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [Mpk.exe] C:\Windows\SysWOW64\MPK\Mpk.exe
O4 - Startup: ebaypricechangepd.cmd
O4 - Startup: ebaypricechangerc.cmd
O4 - Startup: old
O4 - Startup: phped.exe - Shortcut.lnk = ?
O4 - Startup: SmartFTP.exe - Shortcut.lnk = ?
O4 - Startup: taskmgr.exe - Shortcut.lnk = ?
O4 - Startup: tracking.cmd
O4 - Startup: whatever2.cmd
O4 - Startup: whatever2robscamera.cmd
O4 - Startup: whatevercie.cmd
O4 - Global Startup: Plesk Services Monitor.lnk = ?
O8 - Extra context menu item: NuSphere PhpED :: Debug this page - res://C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll/1000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O15 - ESC Trusted Zone: http://runonce.msn.com (HKLM)
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF5BB93C-FE76-4E47-B422-226EBF3780FF}: NameServer = xx,xx
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MailEnable List Connector (MELCS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MELSC.EXE
O23 - Service: MailEnable Mail Transfer Agent (MEMTAS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MEMTA.EXE
O23 - Service: MailEnable Postoffice Connector (MEPOCS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MEPOC.EXE
O23 - Service: MailEnable POP Service (MEPOPS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MEPOPS.EXE
O23 - Service: MailEnable SMTP Connector (MESMTPCS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MESMTPC.EXE
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL Server (MySQL) - Unknown owner - C:\SWsoft\Plesk\Databases\MySQL\bin\mysqld-nt.exe
O23 - Service: Plesk Name Server (named) - Unknown owner - C:\SWsoft\Plesk\dns\bin\named.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Parallels Plesk Panel service (PleskControlPanel) - Parallels, Inc - C:\SWsoft\Plesk\admin\bin\PleskControlPanel.exe
O23 - Service: Plesk Management Service (plesksrv) - Parallels, Inc - C:\SWsoft\Plesk\admin\bin\plesksrv.exe
O23 - Service: Plesk PopPass Service (PopPassD) - Parallels, Inc - C:\SWsoft\Plesk\admin\bin\PopPassD.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @gpapi.dll,-114 (RSoPProv) - Unknown owner - C:\Windows\system32\RSoPProv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sitebuilder for Windows Hosting Service (SBPreviewHost) - Parallels - C:\SWsoft\Plesk\SiteBuilder\HostingService\Bin\HostingService.exe
O23 - Service: Sitebuilder for Windows Updater Service (SBUpdater) - Parallels - C:\SWsoft\Plesk\SiteBuilder\HostingService\Bin\HostingService.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\smtpsetup.exe,-1 (SMTPSVC) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Plesk SSL Wrapper Service (stunnel) - Unknown owner - C:\SWsoft\Plesk\stunnel\stunnel.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\Windows\System32\tlntsvr.exe (file missing)
O23 - Service: Apache Tomcat (Tomcat5) - Apache Software Foundation - C:\SWsoft\Plesk\Additional\Tomcat\bin\tomcat5.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9614 bytes

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:15:10 PM, on 6/9/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\SWsoft\Plesk\admin\bin\traymonitor.exe
C:\SWsoft\Plesk\admin\bin\traymonitor.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\phped.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\PROGRA~2\NuSphere\PhpED\Debugger\DBGLIS~1.EXE
C:\Program Files (x86)\NuSphere\PhpED\srv.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php-cgi.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\WinSCP\WinSCP.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\SqlWb.exe
C:\Program Files (x86)\NuSphere\PhpED\php5\php-cgi.exe
C:\Windows\SysWOW64\MPK\MPKView.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\inetsrv\w3wp.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php-cgi.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php-cgi.exe
C:\SWsoft\Plesk\Additional\PleskPHP5\php-cgi.exe
C:\Users\Administrator\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/SoftAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://iesetup.dll/SoftAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: NuSphere ToolBar - {0F62D223-9206-4EA3-9EA8-D0F3C7C82ACA} - C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [Mpk.exe] C:\Windows\SysWOW64\MPK\Mpk.exe
O4 - Startup: ebaypricechangepd.cmd
O4 - Startup: ebaypricechangerc.cmd
O4 - Startup: old
O4 - Startup: phped.exe - Shortcut.lnk = ?
O4 - Startup: SmartFTP.exe - Shortcut.lnk = ?
O4 - Startup: taskmgr.exe - Shortcut.lnk = ?
O4 - Startup: tracking.cmd
O4 - Startup: whatever2.cmd
O4 - Startup: whatever2robscamera.cmd
O4 - Startup: whatevercie.cmd
O4 - Global Startup: Plesk Services Monitor.lnk = ?
O8 - Extra context menu item: NuSphere PhpED :: Debug this page - res://C:\Program Files (x86)\NuSphere\PhpED\NuSphereIEBar.dll/1000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O15 - ESC Trusted Zone: http://runonce.msn.com (HKLM)
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DF5BB93C-FE76-4E47-B422-226EBF3780FF}: NameServer = xx,xx
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: MailEnable List Connector (MELCS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MELSC.EXE
O23 - Service: MailEnable Mail Transfer Agent (MEMTAS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MEMTA.EXE
O23 - Service: MailEnable Postoffice Connector (MEPOCS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MEPOC.EXE
O23 - Service: MailEnable POP Service (MEPOPS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MEPOPS.EXE
O23 - Service: MailEnable SMTP Connector (MESMTPCS) - Unknown owner - C:\SWsoft\Plesk\Mail Servers\Mail Enable\Bin\MESMTPC.EXE
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySQL Server (MySQL) - Unknown owner - C:\SWsoft\Plesk\Databases\MySQL\bin\mysqld-nt.exe
O23 - Service: Plesk Name Server (named) - Unknown owner - C:\SWsoft\Plesk\dns\bin\named.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Parallels Plesk Panel service (PleskControlPanel) - Parallels, Inc - C:\SWsoft\Plesk\admin\bin\PleskControlPanel.exe
O23 - Service: Plesk Management Service (plesksrv) - Parallels, Inc - C:\SWsoft\Plesk\admin\bin\plesksrv.exe
O23 - Service: Plesk PopPass Service (PopPassD) - Parallels, Inc - C:\SWsoft\Plesk\admin\bin\PopPassD.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @gpapi.dll,-114 (RSoPProv) - Unknown owner - C:\Windows\system32\RSoPProv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sitebuilder for Windows Hosting Service (SBPreviewHost) - Parallels - C:\SWsoft\Plesk\SiteBuilder\HostingService\Bin\HostingService.exe
O23 - Service: Sitebuilder for Windows Updater Service (SBUpdater) - Parallels - C:\SWsoft\Plesk\SiteBuilder\HostingService\Bin\HostingService.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%windir%\system32\inetsrv\smtpsetup.exe,-1 (SMTPSVC) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Plesk SSL Wrapper Service (stunnel) - Unknown owner - C:\SWsoft\Plesk\stunnel\stunnel.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\Windows\System32\tlntsvr.exe (file missing)
O23 - Service: Apache Tomcat (Tomcat5) - Apache Software Foundation - C:\SWsoft\Plesk\Additional\Tomcat\bin\tomcat5.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9614 bytes

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of edbedb
edbedb
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Jonvee
Jonvee
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of rgb192
rgb192
Flag of United States of America image

ASKER

thanks