clamenza
2009-11-20, 04:44
Here's the HJT log. I don't know if this came from HotSpot Shield, which is a banner ad program.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:24 PM, on 11/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\avgrsx.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\HotspotShield\bin\openvpnas.exe
C:\Program Files\HotspotShield\HssWPR\hsssrv.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Mozy\mozybackup.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\JRE\bin\jusched.exe
C:\Program Files\Microsoft\ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\MICROS~2\ACTIVE~1\rapimgr.exe
C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
C:\Program Files\Mozy\mozystat.exe
C:\Program Files\RSIGuard\RSIGuard.exe
C:\Program Files\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\KeyText\KeyText.exe
C:\Program Files\NoteTab\NoteTab.exe
C:\Program Files\Mozilla\Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HotspotShield\bin\openvpntray.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\HotspotShield\bin\openvpn.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/reqs.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\OrbitDL\orbitcth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\JRE\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\HotspotShield\hssie\HssIE.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [UserFaultCheck] "%systemroot%\system32\dumprep" 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\JRE\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft\ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x0992 -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x0992 -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - Startup: Explorer.lnk = C:\WINDOWS\explorer.exe
O4 - Startup: KeyText.lnk = C:\Program Files\KeyText\KeyText.exe
O4 - Startup: NotePro.lnk = C:\Program Files\NoteTab\NoteTab.exe
O4 - Global Startup: Belkin.lnk = C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
O4 - Global Startup: HotSpot.lnk = C:\Program Files\HotspotShield\bin\openvpntray.exe
O4 - Global Startup: Mozy.lnk = C:\Program Files\Mozy\mozystat.exe
O4 - Global Startup: RSIGuard.lnk = ?
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\ZoneAlarm\zlclient.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\ACTIVE~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\ACTIVE~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\ACTIVE~1\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1214611352327
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\avgwdsvc.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\HotspotShield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\HotspotShield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\HotspotShield\bin\HssTrayService.EXE
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\Mozy\mozybackup.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9287 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:24 PM, on 11/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\avgrsx.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\HotspotShield\bin\openvpnas.exe
C:\Program Files\HotspotShield\HssWPR\hsssrv.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Mozy\mozybackup.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\JRE\bin\jusched.exe
C:\Program Files\Microsoft\ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\MICROS~2\ACTIVE~1\rapimgr.exe
C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
C:\Program Files\Mozy\mozystat.exe
C:\Program Files\RSIGuard\RSIGuard.exe
C:\Program Files\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\KeyText\KeyText.exe
C:\Program Files\NoteTab\NoteTab.exe
C:\Program Files\Mozilla\Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HotspotShield\bin\openvpntray.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\HotspotShield\bin\openvpn.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/reqs.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\OrbitDL\orbitcth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\JRE\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\HotspotShield\hssie\HssIE.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [UserFaultCheck] "%systemroot%\system32\dumprep" 0 -u
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\JRE\bin\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft\ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x0992 -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x0992 -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - Startup: Explorer.lnk = C:\WINDOWS\explorer.exe
O4 - Startup: KeyText.lnk = C:\Program Files\KeyText\KeyText.exe
O4 - Startup: NotePro.lnk = C:\Program Files\NoteTab\NoteTab.exe
O4 - Global Startup: Belkin.lnk = C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
O4 - Global Startup: HotSpot.lnk = C:\Program Files\HotspotShield\bin\openvpntray.exe
O4 - Global Startup: Mozy.lnk = C:\Program Files\Mozy\mozystat.exe
O4 - Global Startup: RSIGuard.lnk = ?
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\ZoneAlarm\zlclient.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\OrbitDL\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\ACTIVE~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\ACTIVE~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\ACTIVE~1\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1214611352327
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/downloadcontrol.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\avgwdsvc.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\HotspotShield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\HotspotShield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\HotspotShield\bin\HssTrayService.EXE
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MozyHome Backup Service (mozybackup) - Mozy, Inc. - C:\Program Files\Mozy\mozybackup.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 9287 bytes