Liber8ed1
Thread Starter
- Joined
- Sep 24, 2003
- Messages
- 138
A friend was here today and took a bunch of digital photos of the kids.
He burned them to a cd with his laptop. We were going to look at the pics on the computer and when we put the cd in mcaffee said we got infected with Pate.b
The file was apparently in the picture program he was running as it gave the file path as (can't remember exactly, but something with...) D: and picata (which was the name of the picture program)
This infection occured about 1/2 hour ago. I'm hoping to get some help before the worm infects all my executables...
Here's my HJT log. Mcaffee says it's unremovable.
Any help would be greatly appreciated!!
Logfile of HijackThis v1.99.1
Scan saved at 8:23:12 PM, on 1/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common
Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\SiteAdvisor\4979\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Sonic\Update
Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common
Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\Musicmatch
Jukebox\mmtask.exe
C:\Program Files\SiteAdvisor\4979\SiteAdv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\palmOne\AlarmApp.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\KIMBER~1\LOCALS~1\Temp\Temporary
Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection
Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=488
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) -
{089FD14D-132B-48FC-8861-0048AE113215} - C:\Program
Files\SiteAdvisor\4979\SiteAdv.dll
O2 - BHO: DriveLetterAccess -
{5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: scriptproxy -
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program
files\mcafee\virusscan\scriptcl.dll
O3 - Toolbar: McAfee SiteAdvisor -
{0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program
Files\SiteAdvisor\4979\SiteAdv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program
Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program
Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program
Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla]
C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ViewMgr] C:\Program
Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program
Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [igfxtray]
C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers]
C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program
Files\SiteAdvisor\4979\SiteAdv.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program
Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: HotSync Manager.lnk = C:\Program
Files\palmOne\HOTSYNC.EXE
O4 - Startup: Webshots.lnk = C:\Program
Files\Webshots\Launcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk =
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Alarm Manager.LNK = C:\Program
Files\palmOne\AlarmApp.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Add animation to
IncrediMail Style Box -
C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Real.com -
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player -
{d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
http://wwws.musicmatch.com/mmz/openWebRadio.html
(file missing)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
(Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
(McAfee.com Operating System Class) -
http://download.mcafee.com/molbin/shared/mcinsctl/en-u
s/4,0,0,84/mcinsctl.cab
O16 - DPF: {66E79B75-F711-4A88-9C6D-10BCA64F3306}
(DriveCamPlayer Class) -
http://www.drivecam.com/videos/DriveCamEvent.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Contr
ols/en/x86/client/muweb_site.cab?1132802251093
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47}
(Webshots Photo Uploader) -
http://community.webshots.com/html/WSPhotoUploader.
CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389}
(DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-
us/1,0,0,21/mcgdmgr.cab
O18 - Protocol: msnim -
{828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: siteadvisor -
{3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program
Files\SiteAdvisor\4979\SiteAdv.dll
O20 - Winlogon Notify: igfxcui -
C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee,
Inc. -
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc.
- C:\Program Files\Common
Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager
(McLogManagerService) - McAfee, Inc. -
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr)
- McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) -
McAfee, Inc. - c:\program files\common
files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. -
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) -
McAfee, Inc. -
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) -
McAfee, Inc. -
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) -
McAfee, Inc. -
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service
(MpfService) - McAfee, Inc. - C:\Program
Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R)
Corporation - C:\Program
Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. -
C:\Program Files\SiteAdvisor\4979\SAService.exe
He burned them to a cd with his laptop. We were going to look at the pics on the computer and when we put the cd in mcaffee said we got infected with Pate.b
The file was apparently in the picture program he was running as it gave the file path as (can't remember exactly, but something with...) D: and picata (which was the name of the picture program)
This infection occured about 1/2 hour ago. I'm hoping to get some help before the worm infects all my executables...
Here's my HJT log. Mcaffee says it's unremovable.
Logfile of HijackThis v1.99.1
Scan saved at 8:23:12 PM, on 1/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common
Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\MSC\mctskshd.exe
C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\SiteAdvisor\4979\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\Sonic\Update
Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common
Files\Real\Update_OB\realsched.exe
C:\Program Files\MUSICMATCH\Musicmatch
Jukebox\mmtask.exe
C:\Program Files\SiteAdvisor\4979\SiteAdv.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\palmOne\AlarmApp.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\PROGRA~1\Webshots\webshots.scr
C:\Program Files\Mozilla Firefox\firefox.exe
C:\DOCUME~1\KIMBER~1\LOCALS~1\Temp\Temporary
Directory 1 for hijackthis.zip\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Connection
Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=488
O2 - BHO: Adobe PDF Reader Link Helper -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) -
{089FD14D-132B-48FC-8861-0048AE113215} - C:\Program
Files\SiteAdvisor\4979\SiteAdv.dll
O2 - BHO: DriveLetterAccess -
{5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class -
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: scriptproxy -
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program
files\mcafee\virusscan\scriptcl.dll
O3 - Toolbar: McAfee SiteAdvisor -
{0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program
Files\SiteAdvisor\4979\SiteAdv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program
Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program
Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program
Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla]
C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ViewMgr] C:\Program
Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program
Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [igfxtray]
C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers]
C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program
Files\SiteAdvisor\4979\SiteAdv.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program
Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: HotSync Manager.lnk = C:\Program
Files\palmOne\HOTSYNC.EXE
O4 - Startup: Webshots.lnk = C:\Program
Files\Webshots\Launcher.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk =
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Alarm Manager.LNK = C:\Program
Files\palmOne\AlarmApp.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: &Add animation to
IncrediMail Style Box -
C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: (no name) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger -
{4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program
Files\Yahoo!\Messenger\yhexbmes0521.dll
O9 - Extra button: Real.com -
{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player -
{d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
http://wwws.musicmatch.com/mmz/openWebRadio.html
(file missing)
O9 - Extra button: Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
(Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
(McAfee.com Operating System Class) -
http://download.mcafee.com/molbin/shared/mcinsctl/en-u
s/4,0,0,84/mcinsctl.cab
O16 - DPF: {66E79B75-F711-4A88-9C6D-10BCA64F3306}
(DriveCamPlayer Class) -
http://www.drivecam.com/videos/DriveCamEvent.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Contr
ols/en/x86/client/muweb_site.cab?1132802251093
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47}
(Webshots Photo Uploader) -
http://community.webshots.com/html/WSPhotoUploader.
CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389}
(DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-
us/1,0,0,21/mcgdmgr.cab
O18 - Protocol: msnim -
{828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: siteadvisor -
{3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program
Files\SiteAdvisor\4979\SiteAdv.dll
O20 - Winlogon Notify: igfxcui -
C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon -
C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee,
Inc. -
C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. -
C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc.
- C:\Program Files\Common
Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Log Manager
(McLogManagerService) - McAfee, Inc. -
C:\PROGRA~1\McAfee\MSC\mclogsrv.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr)
- McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Network Agent (McNASvc) -
McAfee, Inc. - c:\program files\common
files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. -
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) -
McAfee, Inc. -
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) -
McAfee, Inc. -
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) -
McAfee, Inc. -
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mctskshd.exe
O23 - Service: McAfee User Manager (mcusrmgr) -
McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcusrmgr.exe
O23 - Service: McAfee Personal Firewall Service
(MpfService) - McAfee, Inc. - C:\Program
Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R)
Corporation - C:\Program
Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SiteAdvisor Service - McAfee, Inc. -
C:\Program Files\SiteAdvisor\4979\SAService.exe