06-16-2008, 01:43 PM   #3
Tox93
OS: Vista Home Premium (s.p.1)
Re: WinSpywareProtect - How can I remove it?

Here are my logs - the first is the ComboFix log and the next is the HijackThis log.

ComboFix 08-06-15.4 - Thoko 2008-06-16 22.26.55.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1118 [GMT 2:00]
Running from: C:\Users\Thoko\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\FunWebProducts
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\ProgramData\Adsl Software Limited
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080608120754532.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080609174723714.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080609222502111.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080610075418358.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080610170618767.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080611173648573.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080612165909719.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080613175026787.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080614110708745.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080616180930298.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080616222505181.log
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-16 to 2008-06-16 )))))))))))))))))))))))))))))))
.

2008-06-13 00:21 . 2008-06-13 00:21 50 --a------ C:\Windows\MegaManager.INI
2008-06-13 00:18 . 2008-06-13 00:18 <DIR> d-------- C:\Users\Thoko\AppData\Roaming\Megaupload
2008-06-13 00:12 . 2008-06-13 00:12 <DIR> d-------- C:\Users\Thoko\AppData\Roaming\MegauploadToolbar
2008-06-13 00:12 . 2008-06-13 00:19 <DIR> d-------- C:\Program Files\MegauploadToolbar
2008-06-13 00:11 . 2008-06-13 00:11 <DIR> d-------- C:\Program Files\Megaupload
2008-06-12 23:07 . 2008-06-12 23:07 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-06-11 20:07 . 2008-06-11 20:07 <DIR> d-------- C:\Deckard
2008-06-11 17:41 . 2008-04-25 04:12 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-06-11 17:41 . 2008-04-26 10:08 1,314,816 --a------ C:\Windows\System32\quartz.dll
2008-06-11 17:41 . 2008-04-25 06:35 826,880 --a------ C:\Windows\System32\wininet.dll
2008-06-11 17:41 . 2008-05-10 03:33 113,664 --a------ C:\Windows\System32\drivers\rmcast.sys
2008-06-09 23:50 . 2008-06-09 23:50 <DIR> d-------- C:\PerfLogs
2008-06-09 22:47 . 2008-06-10 18:19 <DIR> d-a------ C:\Users\All Users\TEMP
2008-06-09 22:47 . 2008-06-10 18:19 <DIR> d-a------ C:\ProgramData\TEMP
2008-06-09 21:55 . 2008-06-09 22:52 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-06-09 21:55 . 2005-04-15 19:58 1,071,088 --a------ C:\Windows\System32\MSCOMCTL.OCX
2008-06-09 21:55 . 2005-08-25 18:19 115,920 --a------ C:\Windows\System32\MSINET.OCX
2008-06-09 19:36 . 2008-06-09 19:39 <DIR> d-------- C:\Program Files\Panda Security
2008-06-07 23:42 . 2008-01-19 09:35 9,847,296 --a------ C:\Windows\System32\NlsData000a.dll
2008-06-07 23:41 . 2008-01-19 09:35 3,072,000 --a------ C:\Windows\System32\networkmap.dll
2008-06-07 23:40 . 2008-01-19 09:32 5,714,432 --a------ C:\Windows\System32\logon.scr
2008-06-07 23:39 . 2008-01-19 09:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-06-07 23:38 . 2008-01-19 08:06 8,147,456 --a------ C:\Windows\System32\wmploc.DLL
2008-06-07 23:37 . 2008-01-19 09:36 357,888 --a------ C:\Windows\System32\wbemcomn.dll
2008-06-07 23:36 . 2008-01-19 09:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-06-07 23:36 . 2008-01-19 09:34 305,152 --a------ C:\Windows\System32\msdelta.dll
2008-06-07 23:36 . 2008-01-19 09:34 258,560 --a------ C:\Windows\System32\dpx.dll
2008-06-07 23:36 . 2008-01-19 09:34 246,784 --a------ C:\Windows\System32\drvstore.dll
2008-06-07 23:36 . 2008-01-19 09:36 218,624 --a------ C:\Windows\System32\wdscore.dll
2008-06-07 23:36 . 2008-01-19 09:36 139,264 --a------ C:\Windows\System32\SmiInstaller.dll
2008-06-07 23:36 . 2008-01-19 09:33 130,560 --a------ C:\Windows\System32\PkgMgr.exe
2008-06-07 23:36 . 2008-01-19 09:35 35,328 --a------ C:\Windows\System32\mspatcha.dll
2008-06-07 20:26 . 2008-04-30 16:09 2,408,448 --a------ C:\Program Files\game.exe
2008-06-03 19:35 . 2008-06-08 15:12 <DIR> d-------- C:\Users\All Users\Viewpoint
2008-06-03 19:35 . 2008-06-08 15:12 <DIR> d-------- C:\ProgramData\Viewpoint
2008-06-03 19:34 . 2008-06-03 19:44 <DIR> d-------- C:\Users\All Users\AOL OCP
2008-06-03 19:34 . 2008-06-03 19:34 <DIR> d-------- C:\Users\All Users\AOL
2008-06-03 19:34 . 2008-06-03 19:44 <DIR> d-------- C:\ProgramData\AOL OCP
2008-06-03 19:34 . 2008-06-03 19:34 <DIR> d-------- C:\ProgramData\AOL
2008-06-03 19:34 . 2008-06-04 17:21 <DIR> d-------- C:\Program Files\Common Files\AOL
2008-06-03 19:33 . 2008-06-03 19:43 426 --ah----- C:\IPH.PH
2008-05-30 10:39 . 2008-03-08 04:08 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-05-30 10:39 . 2008-03-08 06:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-05-25 15:35 . 2008-05-25 15:35 <DIR> dr------- C:\Windows\System32\config\systemprofile\Music
2008-05-17 22:21 . 2008-05-17 22:22 <DIR> d-------- C:\Program Files\Safari
2008-05-17 22:20 . 2008-05-17 22:20 <DIR> d-------- C:\Program Files\Apple Software Update

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-16 08:49 --------- d-----w C:\ProgramData\Google Updater
2008-06-13 21:55 --------- d-----w C:\Users\Thoko\AppData\Roaming\gtk-2.0
2008-06-13 16:31 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 4
2008-06-12 22:11 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-12 08:09 --------- d-----w C:\Program Files\Windows Mail
2008-06-11 19:39 --------- d-----w C:\Users\Thoko\AppData\Roaming\Skype
2008-06-11 19:00 --------- d-----w C:\Users\Thoko\AppData\Roaming\skypePM
2008-06-11 13:21 4,152 ----a-w C:\Users\Joy\AppData\Roaming\wklnhst.dat
2008-06-10 17:14 --------- d-----w C:\Users\Thoko\AppData\Roaming\Image Zone Express
2008-06-09 22:06 174 --sha-w C:\Program Files\desktop.ini
2008-06-09 21:56 --------- d-----w C:\Program Files\Windows Sidebar
2008-06-09 21:56 --------- d-----w C:\Program Files\Windows Calendar
2008-06-09 21:55 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-06-09 21:55 --------- d-----w C:\Program Files\Windows Journal
2008-06-09 21:55 --------- d-----w C:\Program Files\Windows Defender
2008-06-09 21:55 --------- d-----w C:\Program Files\Windows Collaboration
2008-06-09 21:02 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-06-09 21:02 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-06-07 18:48 3,476 ----a-w C:\Program Files\CONFIG.INI
2008-06-07 18:48 263 ----a-w C:\Program Files\Log.txt
2008-06-07 18:45 --------- d-----w C:\Program Files\GameGuard
2008-06-07 18:37 710,594 ----a-w C:\Program Files\data.sah
2008-06-07 18:37 70 ----a-w C:\Program Files\Version.ini
2008-06-07 18:37 1,820,869,059 ----a-w C:\Program Files\data.saf
2008-05-31 11:51 805 ----a-w C:\Windows\system32\drivers\SYMEVENT.INF
2008-05-31 11:51 123,952 ----a-w C:\Windows\system32\drivers\SYMEVENT.SYS
2008-05-31 11:51 10,671 ----a-w C:\Windows\system32\drivers\SYMEVENT.CAT
2008-05-31 11:51 --------- d-----w C:\Program Files\Symantec
2008-05-25 12:28 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-05-23 22:56 --------- d-----w C:\Program Files\Incomplete
2008-05-11 17:30 --------- d-----w C:\ProgramData\Symantec
2008-05-11 17:30 --------- d-----w C:\Program Files\SweetIM
2008-05-11 16:10 --------- d-----w C:\Users\Thoko\AppData\Roaming\LimeWire
2008-05-11 13:23 --------- d-----w C:\ProgramData\SweetIM
2008-05-10 21:25 85,640 ----a-w C:\Users\Thoko\AppData\Roaming\GDIPFONTCACHEV1.DAT
2008-05-09 13:13 --------- d-----w C:\Users\Maggie\AppData\Roaming\HP
2008-05-08 20:00 1,088 ----a-w C:\Users\Thoko\AppData\Roaming\wklnhst.dat
2008-05-08 19:48 --------- d-----w C:\Program Files\Paint.NET
2008-05-07 14:56 --------- d-----w C:\Users\Maggie\AppData\Roaming\Roxio
2008-05-07 14:56 --------- d-----w C:\Users\Maggie\AppData\Roaming\ATI
2008-05-07 14:55 --------- d-----w C:\Users\Maggie\AppData\Roaming\GTek
2008-05-06 20:08 --------- d-----w C:\Program Files\SGBIS
2008-05-01 10:38 --------- d-----w C:\Program Files\Norton 360
2008-04-30 16:40 --------- d-----w C:\Program Files\DivX
2008-04-30 16:40 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-04-29 18:37 --------- d-----w C:\Users\Phiri\AppData\Roaming\Printer Info Cache
2008-04-29 18:37 --------- d-----w C:\Users\Phiri\AppData\Roaming\Image Zone Express
2008-03-31 21:25 831,488 ----a-w C:\Windows\System32\divx_xx0a.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-03-31 21:25 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-03-31 21:25 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-03-31 21:25 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-03-31 21:25 161,096 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-03-29 02:19 372,736 ----a-w C:\Windows\System32\ATIDEMGX.dll
2008-03-29 02:19 315,392 ----a-w C:\Windows\System32\atipdlxx.dll
2008-03-29 02:19 159,744 ----a-w C:\Windows\System32\atitmmxx.dll
2008-03-29 02:18 43,520 ----a-w C:\Windows\System32\ati2edxx.dll
2008-03-29 02:18 253,952 ----a-w C:\Windows\System32\Ati2evxx.dll
2008-03-29 02:18 249,856 ----a-w C:\Windows\System32\Oemdspif.dll
2008-03-29 02:17 667,648 ----a-w C:\Windows\System32\Ati2evxx.exe
2008-03-29 02:12 9,662,464 ----a-w C:\Windows\System32\atioglxx.dll
2008-03-29 02:10 1,499,136 ----a-w C:\Windows\System32\atidxx32.dll
2008-03-29 02:05 3,074,560 ----a-w C:\Windows\System32\atiumdag.dll
2008-03-29 01:51 4,088,320 ----a-w C:\Windows\System32\atiumdva.dll
2008-03-29 01:41 47,104 ----a-w C:\Windows\System32\amdpcom32.dll
2008-03-21 20:30 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-03-21 20:30 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-03-21 20:30 129,784 ------w C:\Windows\System32\PxAFS.DLL
2008-03-21 20:30 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2008-02-23 17:17 32 ----a-w C:\Users\All Users\ezsid.dat
2008-02-23 17:17 32 ----a-w C:\ProgramData\ezsid.dat
2008-01-27 20:46 340 ----a-w C:\Program Files\ShaiyaUS.ini
2008-01-13 17:37 274,625 ----a-w C:\Program Files\GameGuard.des
2007-12-18 10:23 684 ----a-w C:\Program Files\tip.txt
2007-12-17 09:07 851 ----a-w C:\Program Files\notice.txt
2007-12-13 09:55 2,596,864 ----a-w C:\Program Files\Updater.exe
2007-10-09 18:40 29,184 ----a-w C:\Program Files\CONFIG.exe
2003-12-15 07:42 372,736 ----a-w C:\Program Files\ijl15.dll
2000-12-03 13:59 53,760 ----a-w C:\Program Files\zlib.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-03-27 14:12 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 09:33 125952]
"ISUSPM"="C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 16:41 222128]
"googletalk"="C:\Users\Thoko\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 23:22 3739648]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 11:23 202544]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
"WinSpywareProtect"="C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="C:\Dell\E-Center\EULALauncher.exe" [2007-05-25 08:03 17920]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 08:22 4907008 C:\Windows\RtHDVCpl.exe]
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2008-01-21 20:11 77824]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 14:35 90112]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 13:37 81920]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 13:22 221184]
"NMSSupport"="C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 12:14 439512]
"CCUTRAYICON"="C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 12:18 215256]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-01-21 20:23 1838592]
"dscactivate"="C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 11:24 16384]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 22:52 49152]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 07:59 115816]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 18:38 583048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-03-27 19:31 111928]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 11:23 202544]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [3/4/2008 9:59:26 PM 125624]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 10:40:10 PM 210520]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 2:01:04 AM 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B2224C36-FFAE-4490-8BD4-5B3577453FCF}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{F3FE623F-9D18-49C8-9725-9967A3B1A347}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{1D14D6A8-9522-4CA2-90B8-C668EE696F46}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{608D14B6-8FB1-494A-B2F7-01EAF3142D78}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{AAD7D3ED-A920-4C28-AA71-D20B941977B3}"= UDP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{D81AA98E-A8CC-499C-8542-947E90AD8BF8}"= TCP:Profile=Private|Profile=Public:LocalSubnet:LocalSubnet|C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{A3096D21-0BEA-4267-92C7-995C4696A1B9}"= TCP:Profile=Private|Profile=Public|9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{F91873B1-D06C-457D-8859-38BC72B968D2}"= TCP:Profile=Private|Profile=Public|1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{F67D6F08-6447-4069-AF34-CCFC0AFCAFFA}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{576B594F-F8E7-441C-B1C0-B98AAD4E8CDE}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{ED01ED0D-EC62-4B79-B150-61B36B6323BD}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{11435DCC-599C-4F02-B425-85941C5D7E79}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{2AA2CE25-5626-4355-9D80-D2A522F73900}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{7360A952-E585-4A9B-ABE5-57FFFF4503F2}"= UDP:C:\Users\Thoko\Desktop\FrostWire\FrostWire.exe:LimeWire
"{1E483B85-9A84-424A-9D11-0364854310F6}"= TCP:C:\Users\Thoko\Desktop\FrostWire\FrostWire.exe:LimeWire
"{10DAB463-D9B8-4C81-BB31-8B87237151AD}"= UDP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{B97D6092-9007-4CA0-89F8-BEDC1B53D3D7}"= TCP:C:\Program Files\Common Files\AOL\Loader\aolload.exe:AOL Loader

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080613.001\IDSvix86.sys [2008-02-14 03:39]
R2 AERTFilters;Andrea RT Filters Service;C:\Windows\system32\AERTSrv.exe [2007-12-05 07:17]
R2 DQLWinService;DQLWinService;"C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe" [2007-02-12 13:46]
R2 NMSCore;Intel(R) NMSCore;"C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe" [2007-06-27 12:14]
R2 nmsunidr;UniDriver for NMS;C:\Windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 22:34]
R2 QualityManager;Intel(R) Quality Manager;"C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe" [2007-06-27 12:17]
R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2008-01-19 09:33]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 11:23]
R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2008-01-19 09:33]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-29 06:24]
R3 IntelDH;IntelDH Driver;C:\Windows\system32\Drivers\IntelDH.sys [2008-01-21 20:20]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2007-01-10 00:32]
S3 DHTRACE;Intel(R) DHTrace Controller;C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-06-27 12:15]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-03-29 06:24]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\shell\AutoRun\command - J:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{81257c1d-e7f4-11dc-b30d-001d0980d630}]
\shell\AutoRun\command - J:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{81257c1f-e7f4-11dc-b30d-001d0980d630}]
\shell\AutoRun\command - K:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df18f2d5-e221-11dc-874e-001d0980d630}]
\shell\AutoRun\command - F:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e2814f98-e301-11dc-a6d7-001d0980d630}]
\shell\AutoRun\command - F:\StartVMCLite.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-02-23 16:05:36 C:\Windows\Tasks\Verifica aggiornamenti per Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-16 22:31:24
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-16 22.32.32
ComboFix-quarantined-files.txt 2008-06-16 20:32:13

Pre-Run: 422,815,293,440 bytes free
Post-Run: 422,798,581,760 bytes free

300 --- E O F --- 2008-06-11 21:44:59

Here is the HijackThis log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22.36.53, on 16/06/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Windows\ehome\ehtray.exe
C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Users\Thoko\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
F:\PhoneConnectorVMC.exe
C:\Program Files\vodafone\vmclite\vmc.exe
C:\Windows\system32\conime.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [CCUTRAYICON] "C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [googletalk] C:\Users\Thoko\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WinSpywareProtect] "C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3335789715-1905851267-2765387284-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-3335789715-1905851267-2765387284-1001\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter (User 'Phiri')
O4 - HKUS\S-1-5-21-3335789715-1905851267-2765387284-1002\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (User 'Maggie')
O4 - HKUS\S-1-5-21-3335789715-1905851267-2765387284-1003\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Joy')
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/noc...tup1.0.1.0.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/...oUploader3.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FED65F38-E694-4D9D-9F26-50377375441C}: NameServer = 83.224.66.134 83.224.65.134
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) DHTrace Controller (DHTRACE) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Intel(R) NMSCore (NMSCore) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: Intel(R) Quality Manager (QualityManager) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 15830 bytes