Here's Rapport.txt
SmitFraudFix v2.204
Scan done at 13:51:29.29, Tue 10/23/2007
Run from C:\Documents and Settings\Frost\Desktop\Random folders and crap\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{12BA02B1-FA34-4384-B2A2-8EBD93C26E5E}"="OLE Object"
[HKEY_CLASSES_ROOT\CLSID\{12BA02B1-FA34-4384-B2A2-8EBD93C26E5E}\InProcServer32]
@="C:\WINDOWS\system32\floop32.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{12BA02B1-FA34-4384-B2A2-8EBD93C26E5E}\InProcServer32]
@="C:\WINDOWS\system32\floop32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{4a9e875b-d032-45e4-8294-789fe3be5b19}"="atrichia"
[HKEY_CLASSES_ROOT\CLSID\{4a9e875b-d032-45e4-8294-789fe3be5b19}\InProcServer32]
@="C:\windows\system32\fshqaln.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4a9e875b-d032-45e4-8294-789fe3be5b19}\InProcServer32]
@="C:\windows\system32\fshqaln.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
C:\windows\system32\fshqaln.dll -> Hoax.Win32.Renos.gen.o
C:\windows\system32\fshqaln.dll -> Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Security Guide.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Security Troubleshooting.url Deleted
C:\DOCUME~1\Frost\FAVORI~1\Online Security Test.url Deleted
C:\Program Files\Video ActiveX Access\ Deleted
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F168B198-BF6A-43B6-9DAD-BD35677D2660}: DhcpNameServer=68.87.69.146 68.87.85.98
HKLM\SYSTEM\CS1\Services\Tcpip\..\{F168B198-BF6A-43B6-9DAD-BD35677D2660}: DhcpNameServer=68.87.69.146 68.87.85.98
HKLM\SYSTEM\CS3\Services\Tcpip\..\{F168B198-BF6A-43B6-9DAD-BD35677D2660}: DhcpNameServer=68.87.69.146 68.87.85.98
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.69.146 68.87.85.98
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.69.146 68.87.85.98
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.69.146 68.87.85.98
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{12BA02B1-FA34-4384-B2A2-8EBD93C26E5E}"="OLE Object"
[HKEY_CLASSES_ROOT\CLSID\{12BA02B1-FA34-4384-B2A2-8EBD93C26E5E}\InProcServer32]
@="C:\WINDOWS\system32\floop32.dll"
[HKEY_CURRENT_USER\Software\Classes\CLSID\{12BA02B1-FA34-4384-B2A2-8EBD93C26E5E}\InProcServer32]
@="C:\WINDOWS\system32\floop32.dll"
»»»»»»»»»»»»»»»»»»»»»»»» End
Here's the anti-spiware log:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 3:08:29 PM 10/23/2007
+ Scan result:
:mozilla.164:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.165:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.166:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.160:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.13:C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{E269D77F-7839-493E-883E-9005FEBEE51B}\{68A5E9A7-ACE8-46F9-8C3E-180AF34B636E}.txt/{68A5E9A7-ACE8-46F9-8C3E-180AF34B636E}.txt -> TrackingCookie.Com : Error during cleaning.
:mozilla.20:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.167:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.281:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.282:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.234:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.269:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.103:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.22:C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{E269D77F-7839-493E-883E-9005FEBEE51B}\{68A5E9A7-ACE8-46F9-8C3E-180AF34B636E}.txt/{68A5E9A7-ACE8-46F9-8C3E-180AF34B636E}.txt -> TrackingCookie.Paypal : Error during cleaning.
:mozilla.89:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.308:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.34:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.35:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.36:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.37:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.38:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.39:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.287:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.288:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.289:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.290:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.291:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.292:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.149:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.150:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.25:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.26:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.27:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.28:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.29:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.30:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.40:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.42:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.46:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.47:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.184:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.185:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.186:C:\Documents and Settings\Frost\Application Data\Mozilla\Firefox\Profiles\ygtuexru.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
And here's a fresh HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 3:39:15 PM, on 10/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\windows\system32\hkcmd.exe
C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\windows\system32\drivers\KodakCCS.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\windows\system32\tcpsvcs.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\windows\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Frost\My Documents\Anthony's things\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost
O2 - BHO: (no name) - {34E6F97C-34E0-4CE5-B92B-F83634BEDC01} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [igfxtray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Free Radio] C:\Program Files\Free Radio\radio.exe
O4 - HKLM\..\Run: [SystemGuardAlerter] SystemGuardAlerter.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} -
http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Frost\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {13EC55CF-D993-475B-9ACA-F4A384957956} -
https://www.windowsonecare.com/install/ ... bAgent.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) -
http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} -
http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) -
http://messenger.zone.msn.com/binary/Ba ... b31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/So ... b31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\windows\system32\drivers\KodakCCS.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\system32\npkcsvc.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE" --ntservice (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe