ComboFix 08-06-16.5 - Administrator 2008-06-18 22:54:51.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1272 [GMT 2:00]
Running from: C:\x\ComboFix.exe
Command switches used :: C:\x\CFScript.txt
* Created a new restore point
FILE ::
C:\WINDOWS\system32\clkcnt.txt
Q:\Driver\desktop.ini
Q:\Driver\DESKTOP.INI
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
Q:\Driver\desktop.ini . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2008-05-18 to 2008-06-18 )))))))))))))))))))))))))))))))
.
2100-02-24 15:15 . 2001-04-02 17:30 821 --a------ C:\WINDOWS\Lexmark_ICM.ini
2100-02-16 17:09 . 2001-02-16 16:37 62 --a------ C:\WINDOWS\system32\LXASUSCI.INI
2008-06-08 14:55 . 2008-06-08 14:55 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-08 14:55 . 2008-06-08 14:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-06-08 14:55 . 2008-06-08 14:55 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-06-08 14:55 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-08 14:55 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-07 00:14 . 2008-06-18 22:54 <DIR> d-------- C:\x
2008-06-06 23:16 . 2008-06-06 23:16 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-04 22:33 . 2008-06-04 22:33 82 --a------ C:\WINDOWS\mafosav.INI
2008-06-03 21:48 . 2008-06-03 21:48 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-03 21:48 . 2008-06-03 22:03 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-06-02 22:38 . 2008-06-02 22:38 <DIR> d-------- C:\Program Files\Lavasoft
2008-06-02 22:38 . 2008-06-02 22:38 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-06-02 22:18 . 2008-06-02 22:18 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-01 02:07 . 2008-06-01 02:07 6,148 --------- C:\Documents and Settings\.DS_Store
2008-06-01 00:35 . 2008-06-01 00:35 <DIR> d-------- C:\.Trashes
2008-06-01 00:35 . 2008-06-01 00:35 4,096 --------- C:\._.Trashes
2008-05-31 01:32 . 2008-05-31 01:46 <DIR> d-------- C:\YoutubeGet
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-15 23:05 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\FLEXnet
2008-06-04 21:15 --------- d-----w C:\Program Files\MagicDisc
2008-06-02 21:10 --------- d-----w C:\Documents and Settings\Administrator\Application Data\uTorrent
2008-05-27 21:18 --------- d-----w C:\Documents and Settings\Administrator\Application Data\FileZilla
2008-05-26 15:11 94,208 ----a-w C:\WINDOWS\DUMP7649.tmp
2008-05-22 18:19 94,208 ----a-w C:\WINDOWS\DUMP7985.tmp
2008-05-19 22:35 --------- d-----w C:\Documents and Settings\Administrator\Application Data\CoreFTP
2008-05-15 23:21 --------- d-----w C:\Program Files\FileZilla FTP Client
2008-05-15 18:01 4,952 --sha-r C:\bootfont.bin
2008-05-15 17:55 22,528 --sh--r C:\bootwiz.sys
2008-05-15 16:02 94,208 ----a-w C:\WINDOWS\DUMP755e.tmp
2008-05-14 14:39 2,145,386,496 --sha-w C:\WINDOWS\DUMP61a8.tmp
2008-05-12 23:18 --------- d-----w C:\Program Files\Chameleon Flash Lite edition
2008-05-10 12:24 --------- d-----w C:\Program Files\ADShareit
2008-05-09 22:51 --------- d-----w C:\Program Files\TeamViewer3
2008-05-09 22:20 --------- d-----w C:\Documents and Settings\Administrator\Application Data\TeamViewer
2008-05-08 12:14 203,008 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 04:55 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-25 15:16 94,208 ----a-w C:\WINDOWS\DUMP60cd.tmp
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-19 19:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-19 19:19 --------- d-----w C:\Program Files\PTG Interactive
2008-04-19 19:14 --------- d-----w C:\Program Files\Real Alternative
2008-04-15 17:13 94,208 ----a-w C:\WINDOWS\DUMP5d91.tmp
2008-04-08 19:21 368,640 ----a-w C:\WINDOWS\system32\ReWire.dll
2008-04-08 19:21 233,472 ----a-w C:\WINDOWS\system32\REX Shared Library.dll
2008-03-26 08:09 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-25 08:20 219,936 ----a-w C:\WINDOWS\system32\msltus40.dll
2008-03-19 09:40 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
.
((((((((((((((((((((((((((((( snapshot@2008-06-07_ 0.52.14.46 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-06 22:28:03 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-18 20:59:11 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-14 11:01:02 272,128 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
+ 2008-03-01 13:06:20 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
+ 2008-03-01 13:06:21 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
+ 2008-03-01 13:06:21 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
+ 2008-03-01 13:06:21 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
+ 2008-03-01 13:06:21 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
+ 2008-02-29 08:55:23 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2008-03-01 13:06:21 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
+ 2008-03-01 13:06:21 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
+ 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
+ 2008-03-01 13:06:22 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
+ 2008-03-01 13:06:22 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
+ 2008-03-01 13:06:24 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
+ 2008-03-01 13:06:24 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
+ 2008-03-01 13:06:25 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
+ 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
+ 2008-02-29 08:55:46 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
+ 2008-03-01 13:06:25 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
+ 2008-03-01 13:06:26 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
+ 2008-03-01 13:06:26 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
+ 2008-03-01 16:36:30 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
+ 2008-03-01 13:06:28 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
+ 2008-03-01 13:06:28 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
+ 2008-03-01 13:06:29 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
+ 2008-03-01 13:06:29 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
+ 2008-03-01 13:06:29 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
+ 2008-03-01 13:06:29 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
+ 2008-03-01 13:06:30 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
+ 2008-03-01 13:06:30 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
+ 2008-03-01 13:06:31 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
- 2008-05-17 01:49:42 593,920 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2008-06-14 14:01:48 593,920 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-05-17 01:49:42 12,288 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2008-06-14 14:01:48 12,288 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-05-17 01:49:42 86,016 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-06-14 14:01:48 86,016 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2008-05-17 01:49:41 135,168 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-06-14 14:01:47 135,168 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2008-05-17 01:49:42 11,264 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-06-14 14:01:48 11,264 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-05-17 01:49:42 27,136 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-06-14 14:01:48 27,136 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-05-17 01:49:42 4,096 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2008-06-14 14:01:48 4,096 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-05-17 01:49:42 794,624 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-06-14 14:01:48 794,624 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-05-17 01:49:41 249,856 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-06-14 14:01:47 249,856 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-05-17 01:49:41 61,440 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-06-14 14:01:47 61,440 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2008-05-17 01:49:42 23,040 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-06-14 14:01:48 23,040 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-05-17 01:49:41 286,720 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-06-14 14:01:47 286,720 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-05-17 01:49:41 409,600 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-06-14 14:01:47 409,600 ----a-r C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-03-01 13:06:20 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-04-23 04:16:28 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-03-01 13:06:20 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-04-23 04:16:28 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
- 2004-08-03 22:10:38 274,304 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
+ 2008-04-14 11:01:02 272,128 -c--a-w C:\WINDOWS\system32\dllcache\bthport.sys
- 2008-03-01 13:06:21 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2008-03-01 13:06:21 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-04-23 04:16:28 133,120 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-03-01 13:06:21 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-04-23 04:16:28 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-02-29 08:55:23 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-04-22 07:39:58 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-03-01 13:06:21 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-03-01 13:06:21 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-03-01 13:06:22 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-03-01 13:06:24 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-04-23 04:16:28 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-03-01 13:06:25 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-04-23 04:16:28 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-02-29 08:55:46 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-04-22 07:40:18 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2008-03-01 13:06:25 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-04-23 04:16:28 27,648 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2008-03-01 13:06:26 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-04-23 04:16:28 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-03-01 13:06:26 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-04-23 04:16:28 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-03-01 16:36:30 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-04-23 20:16:30 3,591,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-03-01 13:06:28 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-04-23 04:16:28 478,208 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-03-01 13:06:28 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-04-23 04:16:28 193,024 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-03-01 13:06:29 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-04-23 04:16:28 671,232 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2008-03-01 13:06:29 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-04-23 04:16:28 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-03-01 13:06:29 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-04-23 04:16:28 44,544 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-29 22:35:13 1,287,680 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
+ 2008-05-07 04:55:40 1,288,192 -c--a-w C:\WINDOWS\system32\dllcache\quartz.dll
- 2007-02-18 21:38:56 202,496 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
+ 2008-05-08 12:14:51 203,008 -c--a-w C:\WINDOWS\system32\dllcache\rmcast.sys
- 2008-03-01 13:06:29 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-04-23 04:16:28 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
- 2008-03-01 13:06:30 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-04-23 04:16:29 1,159,680 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-03-01 13:06:30 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-04-23 04:16:29 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-03-01 13:06:31 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-04-23 04:16:29 826,368 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2004-08-03 22:10:38 274,304 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
+ 2008-04-14 11:01:02 272,128 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
- 2008-03-01 13:06:21 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-03-01 13:06:21 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-03-01 13:06:21 133,120 ------w C:\WINDOWS\system32\extmgr.dll
+ 2008-04-23 04:16:28 133,120 ------w C:\WINDOWS\system32\extmgr.dll
- 2008-05-25 12:09:41 1,437,288 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-06-18 18:17:50 1,437,344 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2008-03-01 13:06:21 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-04-23 04:16:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-02-29 08:55:23 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-04-22 07:39:58 70,656 ------w C:\WINDOWS\system32\ie4uinit.exe
- 2008-03-01 13:06:21 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
+ 2008-04-23 04:16:28 153,088 ------w C:\WINDOWS\system32\ieakeng.dll
- 2008-03-01 13:06:21 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
+ 2008-04-23 04:16:28 230,400 ------w C:\WINDOWS\system32\ieaksie.dll
- 2008-02-15 05:44:25 161,792 ------w C:\WINDOWS\system32\ieakui.dll
+ 2008-04-20 05:07:51 161,792 ------w C:\WINDOWS\system32\ieakui.dll
- 2008-03-01 13:06:22 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-04-23 04:16:28 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-03-01 13:06:22 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-04-23 04:16:28 384,512 ------w C:\WINDOWS\system32\iedkcs32.dll
- 2008-03-01 13:06:24 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-04-23 04:16:28 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-03-01 13:06:24 44,544 ------w C:\WINDOWS\system32\iernonce.dll
+ 2008-04-23 04:16:28 44,544 ------w C:\WINDOWS\system32\iernonce.dll
- 2008-03-01 13:06:25 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-04-23 04:16:28 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2008-03-01 13:06:25 27,648 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2008-04-23 04:16:28 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2007-02-20 15:04:02 2,463,976 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
- 2007-02-20 15:04:04 190,696 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2008-06-08 12:09:40 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
- 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-03-01 13:06:26 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-04-23 04:16:28 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-03-01 13:06:26 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-04-23 04:16:28 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-03-01 16:36:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-04-23 20:16:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-03-01 13:06:28 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2008-04-23 04:16:28 478,208 ------w C:\WINDOWS\system32\mshtmled.dll
- 2008-03-01 13:06:28 193,024 ------w C:\WINDOWS\system32\msrating.dll
+ 2008-04-23 04:16:28 193,024 ------w C:\WINDOWS\system32\msrating.dll
- 2008-03-01 13:06:29 671,232 ------w C:\WINDOWS\system32\mstime.dll
+ 2008-04-23 04:16:28 671,232 ------w C:\WINDOWS\system32\mstime.dll
- 2008-03-01 13:06:29 102,912 ------w C:\WINDOWS\system32\occache.dll
+ 2008-04-23 04:16:28 102,912 ------w C:\WINDOWS\system32\occache.dll
- 2008-03-01 13:06:29 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
+ 2008-04-23 04:16:28 44,544 ------w C:\WINDOWS\system32\pngfilt.dll
- 2007-01-03 10:21:06 14,640 ----a-w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\system32\spmsg.dll
+ 2007-11-30 13:44:58 282,624 ----a-w C:\WINDOWS\system32\spool\drivers\color\MXF_SDK_GenericContainer_DV_r.4.1.1.223.dll
+ 2007-11-30 13:44:58 151,552 ----a-w C:\WINDOWS\system32\spool\drivers\color\MXF_SDK_GenericContainer_MPEG_ESAudio_r.4.1.1.223.dll
+ 2007-11-30 13:44:56 401,408 ----a-w C:\WINDOWS\system32\spool\drivers\color\MXF_SDK_GenericContainer_Wave_r.4.1.1.223.dll
- 2008-03-01 13:06:29 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-04-23 04:16:28 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-03-01 13:06:30 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-04-23 04:16:29 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-03-01 13:06:30 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-04-23 04:16:29 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 14:58 495616]
"TaskSwitchXP"="C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe" [2007-05-09 22:33 106904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="rundll32.exe" [2004-08-04 01:56 33280 C:\WINDOWS\system32\rundll32.exe]
"BtTray"="C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" [2007-12-12 01:39 258134]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 13:10 267048]
"SAFE2007 HotKeys"="C:\Program Files\Steganos Safe 2007\SteganosHotKeyService.exe" [2007-03-29 16:43 25088]
"SAFE2007 File Redirection Starter"="C:\Program Files\Steganos Safe 2007\fredirstarter.exe" [2007-03-29 17:23 53248]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 09:21 1443072]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"OSSelectorReinstall"="C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-02-22 20:53 2209224]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"Lexmark X83 Button Monitor"="C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe" [2001-10-18 11:25 40960]
"Lexmark X83 Button Manager"="C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe" [2001-06-14 13:42 53248]
"PrinTray"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe" [2002-06-27 04:47 36864]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 13:17 61440]
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 16:40:46 118784]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-12-09 23:37 229376 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Ghost 9.0]
--a------ 2004-07-29 05:41 1122304 C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"C:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe"=
"C:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"C:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"C:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\TVAnts\\Tvants.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
R0 PQV2i;PQV2i;C:\WINDOWS\system32\drivers\PQV2i.sys [2004-07-29 04:33]
R1 bbcap;bbcap;C:\WINDOWS\system32\DRIVERS\bbcap.sys [2007-12-16 02:02]
R1 PQIMount;PQIMount;C:\WINDOWS\system32\drivers\PQIMount.sys [2004-07-29 05:13]
R1 SLEE_15_DRIVER;Steganos Live Encryption Engine 15 [Driver];C:\WINDOWS\system32\drivers\Sleen15.sys [2007-02-21 13:33]
R2 BlueSoleilCS;BlueSoleilCS;C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2007-12-12 01:39]
R2 Prvflder;Prvflder;C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 09:22]
R3 BsHelpCS;BsHelpCS;C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 16:58]
S3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe" -k runservice []
S3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe wampmysqld []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Q]
\Shell\AutoRun\command - Q:\OnSpcLCK.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-06-18 18:20:28 C:\WINDOWS\Tasks\User_Feed_Synchronization-{5AB49690-B534-46EB-B40D-17828266B421}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-06-18 22:59:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\WINDOWS\system32\searchindexer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\searchprotocolhost.exe
C:\WINDOWS\system32\searchfilterhost.exe
.
**************************************************************************
Hijackthis
----------------------------------------------------------------
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Steganos Safe 2007\SteganosHotKeyService.exe
C:\Program Files\Steganos Safe 2007\fredirstarter.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\scanner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] "rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SAFE2007 HotKeys] "C:\Program Files\Steganos Safe 2007\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SAFE2007 File Redirection Starter] "C:\Program Files\Steganos Safe 2007\fredirstarter.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [OSSelectorReinstall] "C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [TaskSwitchXP] "C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe"
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
https://www.apple.com/qtactivex/qtplugin.cabO23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe