ComboFix 08-11-13.01 - bob 2008-11-19 17:23:17.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.587 [GMT -6:00]
Running from: c:\documents and settings\bob\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\bob\Desktop\CFScript.txt
FILE ::
c:\windows\fiii
.
((((((((((((((((((((((((( Files Created from 2008-10-19 to 2008-11-19 )))))))))))))))))))))))))))))))
.
2008-11-17 19:56 . 2008-11-17 19:57 <DIR> d-------- c:\program files\Philips
2008-11-15 07:45 . 2008-11-15 07:45 127 --a------ c:\windows\system32\MRT.INI
2008-11-14 00:49 . 2008-10-24 05:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-14 00:46 . 2008-09-04 11:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-11-13 16:47 . 2008-11-13 16:47 <DIR> d-------- c:\program files\Avira
2008-11-13 16:47 . 2008-11-13 16:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
2008-11-07 05:41 . 2008-11-08 01:18 <DIR> d-------- C:\rsit
2008-11-07 05:33 . 2008-11-07 05:33 84 --ah----- C:\aaw7boot.cmd
2008-11-06 21:31 . 2008-11-06 21:31 <DIR> d-------- c:\program files\Lavasoft
2008-11-06 21:31 . 2008-11-06 21:33 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-06 21:30 . 2008-11-06 21:30 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-05 19:17 . 2008-11-05 19:17 <DIR> d-------- c:\program files\Windows Media Connect 2
2008-11-05 17:43 . 2008-11-05 17:43 0 --a------ c:\windows\nsreg.dat
2008-11-05 17:39 . 2008-11-06 21:12 4,062,621 --a------ C:\Breaking Benjamin - The Dairy Of Jane.mp3
2008-11-04 22:07 . 2008-11-04 22:07 <DIR> d-------- c:\program files\Trend Micro
2008-11-04 21:57 . 2001-08-17 22:36 8,704 --a------ c:\windows\system32\kbdjpn.dll
2008-11-04 21:57 . 2001-08-17 22:36 8,704 --a--c--- c:\windows\system32\dllcache\kbdjpn.dll
2008-11-04 21:57 . 2001-08-17 22:36 8,192 --a------ c:\windows\system32\kbdkor.dll
2008-11-04 21:57 . 2001-08-17 22:36 8,192 --a--c--- c:\windows\system32\dllcache\kbdkor.dll
2008-11-04 21:57 . 2001-08-17 14:55 6,144 --a------ c:\windows\system32\kbd101c.dll
2008-11-04 21:57 . 2001-08-17 14:55 6,144 --a------ c:\windows\system32\kbd101b.dll
2008-11-04 21:57 . 2001-08-17 14:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101c.dll
2008-11-04 21:57 . 2001-08-17 14:55 6,144 --a--c--- c:\windows\system32\dllcache\kbd101b.dll
2008-11-04 21:57 . 2001-08-17 14:55 5,632 --a------ c:\windows\system32\kbd103.dll
2008-11-04 21:57 . 2001-08-17 14:55 5,632 --a--c--- c:\windows\system32\dllcache\kbd103.dll
2008-11-04 21:56 . 2008-04-13 19:09 6,144 --a------ c:\windows\system32\kbd106.dll
2008-11-04 21:56 . 2008-04-13 19:09 6,144 --a--c--- c:\windows\system32\dllcache\kbd106.dll
2008-11-03 19:02 . 2008-11-12 21:09 534 --a------ c:\windows\wininit.ini
2008-11-03 18:59 . 2008-11-03 18:59 <DIR> d-------- c:\windows\fiii
2008-11-03 18:36 . 2008-11-03 20:38 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-11-03 18:36 . 2008-11-03 21:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-02 22:05 . 2008-11-02 22:05 664 --a------ c:\windows\system32\d3d9caps.dat
2008-11-02 21:06 . 2008-11-02 21:06 <DIR> d-------- c:\windows\Sun
2008-11-02 18:27 . 2008-11-02 18:27 147,456 --a------ c:\windows\system32\vbzip10.dll
2008-11-02 18:24 . 2008-11-16 08:40 <DIR> d-------- C:\Temp
2008-11-02 18:03 . 2008-11-02 18:04 <DIR> d-------- c:\program files\iTunes
2008-11-02 18:03 . 2008-11-02 18:03 <DIR> d-------- c:\program files\iPod
2008-11-02 18:03 . 2008-11-02 18:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-02 18:02 . 2008-11-02 18:02 <DIR> d-------- c:\program files\Bonjour
2008-11-02 18:01 . 2008-11-02 18:02 <DIR> d-------- c:\program files\QuickTime
2008-10-31 17:03 . 2006-02-28 06:00 221,184 --a------ c:\windows\system32\wmpns.dll
2008-10-31 17:03 . 2008-11-05 19:19 23,392 --a------ c:\windows\system32\nscompat.tlb
2008-10-31 17:03 . 2008-11-05 19:19 16,832 --a------ c:\windows\system32\amcompat.tlb
2008-10-31 16:51 . 2008-10-31 16:51 410,976 --a------ c:\windows\system32\deploytk.dll
2008-10-31 16:51 . 2008-10-31 16:51 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-10-31 16:50 . 2008-10-31 16:50 <DIR> d-------- c:\program files\Java
2008-10-31 16:10 . 2008-10-31 16:10 <DIR> d-------- c:\documents and settings\bob\Application Data\Windows Search
2008-10-30 13:01 . 2008-10-31 16:56 169 --a------ c:\windows\RtlRack.ini
2008-10-30 12:14 . 2008-10-30 12:14 0 --a------ c:\windows\ativpsrm.bin
2008-10-30 12:11 . 2008-10-30 12:11 <DIR> d-------- c:\documents and settings\bob\Application Data\Windows Desktop Search
2008-10-30 12:10 . 2008-10-30 12:10 <DIR> d-------- c:\windows\system32\GroupPolicy
2008-10-30 12:10 . 2008-10-30 12:10 <DIR> d-------- c:\program files\Windows Desktop Search
2008-10-30 12:10 . 2008-03-07 11:02 192,000 -----c--- c:\windows\system32\dllcache\offfilt.dll
2008-10-30 12:10 . 2008-03-07 11:02 98,304 -----c--- c:\windows\system32\dllcache\nlhtml.dll
2008-10-30 12:10 . 2008-03-07 11:02 29,696 -----c--- c:\windows\system32\dllcache\mimefilt.dll
2008-10-30 12:04 . 2008-10-30 12:05 <DIR> d-------- c:\windows\system32\URTTemp
2008-10-30 11:14 . 2008-10-30 11:14 <DIR> d-------- c:\windows\system32\scripting
2008-10-30 11:14 . 2008-10-30 11:14 <DIR> d-------- c:\windows\system32\en
2008-10-30 11:14 . 2008-10-30 11:14 <DIR> d-------- c:\windows\system32\bits
2008-10-30 11:14 . 2008-10-30 11:14 <DIR> d-------- c:\windows\l2schemas
2008-10-30 11:12 . 2008-10-30 11:12 <DIR> d-------- c:\windows\ServicePackFiles
2008-10-30 10:54 . 2004-08-03 21:41 1,041,536 --------- c:\windows\system32\drivers\hsfdpsp2.sys
2008-10-30 10:54 . 2004-08-03 21:41 685,056 --------- c:\windows\system32\drivers\hsfcxts2.sys
2008-10-30 10:54 . 2004-08-03 21:41 220,032 --------- c:\windows\system32\drivers\hsfbs2s2.sys
2008-10-30 10:54 . 2004-07-17 21:55 129,045 --------- c:\windows\system32\drivers\cxthsfs2.cty
2008-10-30 10:54 . 2004-08-03 21:41 11,868 --------- c:\windows\system32\drivers\mdmxsdk.sys
2008-10-30 10:13 . 2008-08-14 04:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-30 10:13 . 2008-08-14 04:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-30 10:13 . 2008-08-14 03:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-30 10:13 . 2008-08-14 03:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-30 10:13 . 2008-10-15 10:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-10-30 10:13 . 2008-09-08 04:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-10-30 10:12 . 2008-09-15 06:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-10-30 10:12 . 2008-08-14 04:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys
2008-10-30 10:11 . 2008-04-11 13:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2008-10-30 10:10 . 2008-06-13 05:05 272,128 --------- c:\windows\system32\drivers\bthport.sys
2008-10-30 10:10 . 2008-06-13 05:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-10-30 10:10 . 2008-05-08 08:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-10-30 09:50 . 2008-10-30 09:50 <DIR> d--hs---- c:\documents and settings\bob\UserData
2008-10-30 09:14 . 2001-07-06 00:19 164 --a------ c:\windows\avrack.ini
2008-10-30 09:13 . 2008-10-30 09:14 <DIR> d-------- c:\program files\Realtek AC97
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-18 01:57 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-03 00:01 --------- d-----w c:\program files\Common Files\Apple
2008-10-31 22:27 --------- d-----w c:\program files\Apple Software Update
2008-10-30 16:39 --------- d-----w c:\program files\ATI Technologies
2008-10-30 15:14 --------- d-----w c:\program files\AvRack
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-08 11:37 --------- d-----w c:\program files\EA GAMES
2008-10-04 12:18 --------- d-----w c:\documents and settings\bob\Application Data\Apple Computer
2008-09-24 21:42 --------- d-----w c:\program files\ABBYY FineReader 5.0 Sprint
2008-09-24 21:40 --------- d-----w c:\program files\Lexmark X5100 Series
2008-09-24 02:17 311,296 ----a-w c:\windows\system32\SET14.tmp
2008-09-24 01:54 4,008,864 ----a-w c:\windows\system32\SET1D.tmp
2008-09-24 01:12 573,440 ----a-w c:\windows\system32\SET17.tmp
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-29 16:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 15:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-08-26 07:24 826,368 ----a-w c:\windows\system32\wininet.dll
.
((((((((((((((((((((((((((((( snapshot@2008-11-15_ 8.07.20.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-05 02:16:46 1,887,080 ----a-w c:\windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe
- 2006-11-02 00:31:34 315,904 ----a-w c:\windows\inf\unregmp2.exe
+ 2007-06-27 04:10:26 317,440 ----a-w c:\windows\inf\unregmp2.exe
- 2006-11-02 00:31:34 315,904 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
+ 2007-06-27 04:10:26 317,440 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
- 2008-06-27 21:03:55 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2008-11-16 02:19:44 75,072 ----a-w c:\windows\system32\drivers\avipbb.sys
+ 2008-10-05 03:16:26 235,936 ----a-r c:\windows\system32\Macromed\Flash\FlashUtil10a.exe
+ 2008-11-16 14:36:44 89,102 ----a-w c:\windows\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-11-19 23:12:29 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_6e4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"PhilipsLime"="c:\program files\Philips\Philips Lime Service\bin\LimeAlive.exe" [2005-09-08 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"PhilipsDM"="c:\program files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2005-12-12 622592]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 c:\windows\soundman.exe]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-05-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 18:12 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X5100 Series]
--a------ 2003-03-04 06:49 86100 c:\program files\Lexmark X5100 Series\lxbabmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-10-31 16:51 136600 c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite XII.SP2c\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R2 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe [2008-04-23 98488]
R3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver;c:\windows\system32\DRIVERS\bcm42xx5.sys [2001-08-17 54271]
.
Contents of the 'Scheduled Tasks' folder
2008-11-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-11-19 17:25:51
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-11-19 17:28:47
ComboFix-quarantined-files.txt 2008-11-19 23:27:58
ComboFix2.txt 2008-11-16 14:44:32
ComboFix3.txt 2008-11-15 14:08:46
Pre-Run: 23,840,591,872 bytes free
Post-Run: 23,832,899,584 bytes free
187 --- E O F --- 2008-11-16 16:52:10
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:33:11 PM, on 11/19/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://msn.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
--
End of file - 5140 bytes