New Services: GYTBTMV ??

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

In XpProSp2Mce2005, I noticed a new item in Services: GYTBTMV.
Also found in registry: Root\Legacy_GYTBTMV
Removed registry references which pointed to nothing meaningful
& this got rid of Service on reboot. Having never seen unsolicited
Service creation, I am wondering if anyone has information on
same/similar? Google search returns nothing on GYTBTMV.
 
Did you run Rootkit Revealer or another rootkit detector ? RKR adds a
phantom service that can only be removed by editing the registry or by
this running this from a Command Prompt:

SC DELETE <name_of_service>

RKR adds the service to
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\Services first.


MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============
 
Had not run RKR for some time & just did with normal result: \Secrets\Sai*
No MMC Service was created. In fact, the only non Microsoft services I've
ever seen in here are ATI & iPod.

MowGreen said:
Did you run Rootkit Revealer or another rootkit detector ? RKR adds a
phantom service that can only be removed by editing the registry or by
this running this from a Command Prompt:

SC DELETE <name_of_service>

RKR adds the service to
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\Services first.


MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============

In XpProSp2Mce2005, I noticed a new item in Services: GYTBTMV.
Also found in registry: Root\Legacy_GYTBTMV
Removed registry references which pointed to nothing meaningful
& this got rid of Service on reboot. Having never seen unsolicited
Service creation, I am wondering if anyone has information on
same/similar? Google search returns nothing on GYTBTMV.
Click to expand...
Click to expand...
 
Interesting. Last time I ran it it did create a Service and left a
random named executable in %temp%, same name as the Service.
Will run it again on a VPC install of XP and post back the results, Will.


MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============

Had not run RKR for some time & just did with normal result: \Secrets\Sai*
No MMC Service was created. In fact, the only non Microsoft services I've
ever seen in here are ATI & iPod.

:

Did you run Rootkit Revealer or another rootkit detector ? RKR adds a
phantom service that can only be removed by editing the registry or by
this running this from a Command Prompt:

SC DELETE <name_of_service>

RKR adds the service to
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\Services first.


MowGreen [MVP 2003-2008]
===============
*-343-* FDNY
Never Forgotten
===============

In XpProSp2Mce2005, I noticed a new item in Services: GYTBTMV.
Also found in registry: Root\Legacy_GYTBTMV
Removed registry references which pointed to nothing meaningful
& this got rid of Service on reboot. Having never seen unsolicited
Service creation, I am wondering if anyone has information on
same/similar? Google search returns nothing on GYTBTMV.
Click to expand...
Click to expand...
Click to expand...
 
Back
Top