123456
08-24-2007, 09:23 AM
I think I have some spyware on my Vista installation. Windows Defender refuses to open and some shady spyware detector is there. Here's my HJT log.
EDIT: Ended processes avp.exe and xpupdate.exe. Fake spyware removal programs no longer in sys tray.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:42 AM, on 8/24/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
D:\Windows\System32\smss.exe
D:\Windows\system32\csrss.exe
D:\Windows\system32\wininit.exe
D:\Windows\system32\csrss.exe
D:\Windows\system32\services.exe
D:\Windows\system32\lsass.exe
D:\Windows\system32\lsm.exe
D:\Windows\system32\winlogon.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\SLsvc.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Windows\System32\ZoneLabs\vsmon.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Windows\System32\spoolsv.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\taskeng.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Windows\System32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
D:\Windows\system32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\system32\SearchIndexer.exe
D:\Windows\system32\taskeng.exe
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Windows\WindowsMobile\wmdSync.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Windows\avp.exe
D:\Windows\ehome\ehtray.exe
D:\Program Files\Windows Media Player\wmpnscfg.exe
D:\Windows\system32\svchost.exe
C:\WINDOWS\xpupdate.exe
D:\Windows\ehome\ehmsas.exe
D:\Program Files\Windows Media Player\wmpnetwk.exe
D:\Program Files\Last.fm\LastFMHelper.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\AIM6\aim6.exe
D:\Program Files\AIM6\aolsoftware.exe
D:\Windows\mgrs.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Windows\servicing\TrustedInstaller.exe
D:\Windows\SoftwareDistribution\SelfUpdate\Handler \WuSetupV.exe
D:\My Documents\HiJackThis.exe
D:\Windows\system32\SearchProtocolHost.exe
D:\Windows\system32\SearchFilterHost.exe
D:\Windows\system32\wbem\wmiprvse.exe
d:\program files\aim6\anotify.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7FB2CDEF-B963-4996-9DC5-BDD96441190A} - D:\Windows\system32\jkhhh.dll (file missing)
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - D:\Windows\system32\qfvwwjbu.dll
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE D:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "D:\Windows\system32\oxmfpnho.dll",forkonce
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [avp] D:\Windows\avp.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe D:\Windows\system32\drvmoc.dll,startup
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] D:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "D:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ISUSPM] "D:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Desktop Manager.lnk = D:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: Last.fm Helper.lnk = D:\Program Files\Last.fm\LastFMHelper.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: hggfghe - D:\Windows\SYSTEM32\hggfghe.dll
O20 - Winlogon Notify: winlkv32 - D:\Windows\SYSTEM32\winlkv32.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - D:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - D:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopCont rolPanel.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - D:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamContro l.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - D:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 9798 bytes
EDIT: Ended processes avp.exe and xpupdate.exe. Fake spyware removal programs no longer in sys tray.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:21:42 AM, on 8/24/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
D:\Windows\System32\smss.exe
D:\Windows\system32\csrss.exe
D:\Windows\system32\wininit.exe
D:\Windows\system32\csrss.exe
D:\Windows\system32\services.exe
D:\Windows\system32\lsass.exe
D:\Windows\system32\lsm.exe
D:\Windows\system32\winlogon.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\SLsvc.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Windows\System32\ZoneLabs\vsmon.exe
D:\Windows\system32\Dwm.exe
D:\Windows\Explorer.EXE
D:\Windows\System32\spoolsv.exe
D:\Windows\system32\svchost.exe
D:\Windows\system32\taskeng.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Windows\System32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\system32\svchost.exe
D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
D:\Windows\system32\svchost.exe
D:\Windows\System32\svchost.exe
D:\Windows\system32\SearchIndexer.exe
D:\Windows\system32\taskeng.exe
D:\Program Files\Windows Defender\MSASCui.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Windows\WindowsMobile\wmdSync.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Windows\System32\rundll32.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Windows\avp.exe
D:\Windows\ehome\ehtray.exe
D:\Program Files\Windows Media Player\wmpnscfg.exe
D:\Windows\system32\svchost.exe
C:\WINDOWS\xpupdate.exe
D:\Windows\ehome\ehmsas.exe
D:\Program Files\Windows Media Player\wmpnetwk.exe
D:\Program Files\Last.fm\LastFMHelper.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\Program Files\AIM6\aim6.exe
D:\Program Files\AIM6\aolsoftware.exe
D:\Windows\mgrs.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Windows\servicing\TrustedInstaller.exe
D:\Windows\SoftwareDistribution\SelfUpdate\Handler \WuSetupV.exe
D:\My Documents\HiJackThis.exe
D:\Windows\system32\SearchProtocolHost.exe
D:\Windows\system32\SearchFilterHost.exe
D:\Windows\system32\wbem\wmiprvse.exe
d:\program files\aim6\anotify.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7FB2CDEF-B963-4996-9DC5-BDD96441190A} - D:\Windows\system32\jkhhh.dll (file missing)
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - D:\Windows\system32\qfvwwjbu.dll
O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE D:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "D:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SystemOptimizer] rundll32.exe "D:\Windows\system32\oxmfpnho.dll",forkonce
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [avp] D:\Windows\avp.exe
O4 - HKLM\..\Run: [CTDrive] rundll32.exe D:\Windows\system32\drvmoc.dll,startup
O4 - HKCU\..\Run: [ehTray.exe] D:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] D:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM Startup] "D:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ISUSPM] "D:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Windows update loader] C:\Windows\xpupdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Desktop Manager.lnk = D:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: Last.fm Helper.lnk = D:\Program Files\Last.fm\LastFMHelper.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\Program Files\AIM\aim.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: hggfghe - D:\Windows\SYSTEM32\hggfghe.dll
O20 - Winlogon Notify: winlkv32 - D:\Windows\SYSTEM32\winlkv32.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - D:\Windows\System32\DreamScene.dll
O22 - SharedTaskScheduler: Stardock Vista ControlPanel Extension - {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - D:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DesktopCont rolPanel.dll
O22 - SharedTaskScheduler: StardockDreamController - {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - D:\PROGRA~1\Stardock\OBJECT~1\DESKSC~1\DreamContro l.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ProtexisLicensing - Unknown owner - D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - D:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - D:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - D:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 9798 bytes