Adware.DropSpam it is located in: HKEY_CLASSES_ROOT:typelib\de6317f7-6ef0-45c2-88d1-8e094-15817f1\
Is it legit or should it be fixed? I have it on my laptop as well. If it needs to be fixed can i use the same procedures? Here is the AD-Aware logfile and my Hijackthis log.
Ad-Aware SE Build 1.06r1
Logfile Created on:Friday, March 16, 2007 2:02:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R160 14.03.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.DropSpam(TAC index:6):1 total references
MRU List(TAC index:0):39 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
3-16-2007 2:02:28 AM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrator\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrator\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\automap\11.0\findmru
Description : list of recently used find queries used in microsoft automap-based products
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\automap\11.0\recent file list
Description : list of recently used files in microsoft automap-based products
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\clipart gallery\2.0\mrudescription
Description : most recently used description in microsoft clipart gallery
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\common\open find\microsoft powerpoint\settings\insert picture\file name mru
Description : list of recent pictured inserted in microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\common\open find\microsoft powerpoint\settings\save as\file name mru
Description : list of recent documents saved by microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\office\9.0\publisher\recent file list
Description : list of recent files used by microsoft publisher
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-73586283-1957994488-1060284298-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 164
ThreadCreationTime : 3-14-2007 7:09:05 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 3-14-2007 7:09:11 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 3-14-2007 7:09:14 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 3-14-2007 7:09:17 PM
BasePriority : Normal
FileVersion : 5.00.2195.7035
ProductVersion : 5.00.2195.7035
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 3-14-2007 7:09:17 PM
BasePriority : Normal
FileVersion : 5.00.2195.7011
ProductVersion : 5.00.2195.7011
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL (Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : lsasrv.dll and lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 428
ThreadCreationTime : 3-14-2007 7:09:24 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 472
ThreadCreationTime : 3-14-2007 7:09:25 PM
BasePriority : Normal
FileVersion : 5.00.2195.7059
ProductVersion : 5.00.2195.7059
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : spoolss.exe
#:8 [servic~1.exe]
FilePath : C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\
ProcessID : 500
ThreadCreationTime : 3-14-2007 7:09:25 PM
BasePriority : Normal
#:9 [syncservice.exe]
FilePath : c:\program files\ge security supra\
ProcessID : 512
ThreadCreationTime : 3-14-2007 7:09:26 PM
BasePriority : Normal
#:10 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 616
ThreadCreationTime : 3-14-2007 7:09:40 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:11 [fsgk32st.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\
ProcessID : 640
ThreadCreationTime : 3-14-2007 7:09:41 PM
BasePriority : Normal
FileVersion : 1.00.11280
ProductVersion : 1, 0, 11280, 0
ProductName : F-Secure Corp. Startup service
CompanyName : F-Secure Corporation
FileDescription : fsgk32st
InternalName : fsgk32
LegalCopyright : Copyright © 2004
OriginalFilename : fsgk32st.exe
Comments : Startup service for Gatekeeper Handler
#:12 [fsgk32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\
ProcessID : 656
ThreadCreationTime : 3-14-2007 7:09:41 PM
BasePriority : Normal
FileVersion : 6.10.12200
ProductVersion : 6.10.12200
ProductName : F-Secure Corp. fsgk32
CompanyName : F-Secure Corp.
FileDescription : Gatekeeper Handler II
InternalName : fsgk32
LegalCopyright : Copyright © 2004-2006
OriginalFilename : fsgk32.exe
Comments : release
#:13 [fsbwsys.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\program\
ProcessID : 676
ThreadCreationTime : 3-14-2007 7:09:43 PM
BasePriority : Normal
FileVersion : 6.90.881
ProductVersion : 6.90
ProductName : F-Secure BackWeb
CompanyName : F-Secure Corp.
FileDescription : fsbwsys
InternalName : fsbwsys
LegalCopyright : Copyright © 2005 F-Secure Corporation
OriginalFilename : fsbwsys.exe
#:14 [proxydaemon.exe]
FilePath : C:\Program Files\GE Security Supra\
ProcessID : 688
ThreadCreationTime : 3-14-2007 7:09:44 PM
BasePriority : Normal
#:15 [fsma32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Common\
ProcessID : 728
ThreadCreationTime : 3-14-2007 7:09:45 PM
BasePriority : Normal
FileVersion : 6.05.8452
ProductVersion : 6.05 Build 8452
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Management Agent
InternalName : VCH
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows is a trademark of Microsoft Corporation
OriginalFilename : FSMA32.EXE
#:16 [stunnel-4.10.exe]
FilePath : C:\SSL\
ProcessID : 736
ThreadCreationTime : 3-14-2007 7:09:46 PM
BasePriority : Normal
#:17 [gearsec.exe]
FilePath : C:\WINNT\system32\
ProcessID : 768
ThreadCreationTime : 3-14-2007 7:09:48 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : gearsec
CompanyName : GEAR Software
FileDescription : gearsec
InternalName : gearsec
LegalCopyright : Copyright © 2001 GEAR Software
OriginalFilename : gearsec.exe
#:18 [fsmb32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Common\
ProcessID : 776
ThreadCreationTime : 3-14-2007 7:09:48 PM
BasePriority : Normal
FileVersion : 6.05.8452
ProductVersion : 6.05 Build 8452
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Message Broker
InternalName : FSMB
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows is a trademark of Microsoft Corporation
OriginalFilename : FSMB32.EXE
#:19 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 868
ThreadCreationTime : 3-14-2007 7:09:50 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : REGSVC.EXE
#:20 [fch32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Common\
ProcessID : 884
ThreadCreationTime : 3-14-2007 7:09:50 PM
BasePriority : Normal
FileVersion : 6.05.8452
ProductVersion : 6.05 Build 8452
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Configuration Handler
InternalName : FCH
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows is a trademark of Microsoft Corporation
OriginalFilename : FCH32.EXE
#:21 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 932
ThreadCreationTime : 3-14-2007 7:09:52 PM
BasePriority : Normal
FileVersion : 4.71.2195.6972
ProductVersion : 4.71.2195.6972
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 1997
OriginalFilename : mstask.exe
#:22 [stisvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1024
ThreadCreationTime : 3-14-2007 7:09:55 PM
BasePriority : Normal
FileVersion : 5.00.2195.6656
ProductVersion : 5.00.2195.6656
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
LegalCopyright : Copyright © Microsoft Corp. 1996-1997
OriginalFilename : STIMON.EXE
#:23 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ProcessID : 1112
ThreadCreationTime : 3-14-2007 7:09:57 PM
BasePriority : Normal
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
ProductName : Windows Management Instrumentation
CompanyName : Microsoft Corporation
FileDescription : Windows Management Instrumentation
InternalName : WINMGMT
LegalCopyright : Copyright © Microsoft Corp. 1995-1999
#:24 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 1124
ThreadCreationTime : 3-14-2007 7:10:00 PM
BasePriority : Normal
FileVersion : 7.10.00.3068
ProductVersion : 7.10.00.3068
ProductName : Microsoft ® DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE
#:25 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1136
ThreadCreationTime : 3-14-2007 7:10:00 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:26 [fameh32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Common\
ProcessID : 1212
ThreadCreationTime : 3-14-2007 7:10:02 PM
BasePriority : Normal
FileVersion : 6.05.8452
ProductVersion : 6.05 Build 8452
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Alert and Management Extension Handler
InternalName : FAMEH
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows is a trademark of Microsoft Corporation
OriginalFilename : FAMEH32.EXE
#:27 [fsqh.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\
ProcessID : 1220
ThreadCreationTime : 3-14-2007 7:10:02 PM
BasePriority : Normal
FileVersion : 6.00.11240
ProductVersion : 6.00 Build 11240
ProductName : F-Secure Anti-Virus
CompanyName : F-Secure Corporation
FileDescription : F-Secure Quarantine Handler
InternalName : FSQH
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : F-Secure ® is a registered trademark of F-Secure Corporation.
OriginalFilename : FSQH.EXE
#:28 [fsrw.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\
ProcessID : 1252
ThreadCreationTime : 3-14-2007 7:10:03 PM
BasePriority : Normal
FileVersion : 1.1.222
ProductName : F-Secure Anti-Virus
CompanyName : F-Secure Corporation
FileDescription : F-Secure System Control
InternalName : FSRW
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : F-Secure ® is a registered trademark of F-Secure Corporation.
OriginalFilename : FSRW.EXE
#:29 [fspc.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\FSPC\
ProcessID : 1256
ThreadCreationTime : 3-14-2007 7:10:03 PM
BasePriority : Normal
FileVersion : 5.00.160
ProductVersion : 5.00 Build 160
ProductName : F-Secure Parental Control
CompanyName : F-Secure Corporation
FileDescription : F-Secure Parental Control
InternalName : FSPC
LegalCopyright : Copyright © 1998-2004 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows is a trademark of Microsoft Corporation
OriginalFilename : FSPC.EXE
#:30 [fshttps.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\FSPC\fshttps\
ProcessID : 1468
ThreadCreationTime : 3-14-2007 7:10:21 PM
BasePriority : Normal
FileVersion : 5.00.160
ProductVersion : 5.00 Build 160
ProductName : F-Secure Parental Control
CompanyName : F-Secure Corporation
FileDescription : F-Secure Http Server
InternalName : FSHTTPS
LegalCopyright : Copyright © 1998-2004 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows is a trademark of Microsoft Corporation
OriginalFilename : FSHTTPS.EXE
#:31 [fsdfwd.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\FWES\Program\
ProcessID : 1480
ThreadCreationTime : 3-14-2007 7:10:22 PM
BasePriority : Normal
FileVersion : 5.91.210
ProductVersion : 5.91 Build 210
ProductName : F-Secure Anti-Virus Internet Shield
CompanyName : F-Secure Corporation
FileDescription : F-Secure Anti-Virus Internet Shield daemon
InternalName : fsdfwd
LegalCopyright : Copyright © F-Secure Corporation 1997-2005
OriginalFilename : fsdfwd.exe
#:32 [fssm32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\
ProcessID : 1700
ThreadCreationTime : 3-14-2007 7:10:38 PM
BasePriority : Normal
FileVersion : 6.10.12200
ProductVersion : 6.10.12200
ProductName : F-Secure Corp. fssm32
CompanyName : F-Secure Corp.
FileDescription : fssm32
InternalName : fssm32
LegalCopyright : Copyright © 2004-2005
OriginalFilename : fssm32.exe
Comments : release
#:33 [fsav32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\
ProcessID : 2012
ThreadCreationTime : 3-14-2007 7:11:55 PM
BasePriority : Normal
FileVersion : 6.10.11370
ProductVersion : 6.10.11370
ProductName : F-Secure Anti-Virus
CompanyName : F-Secure Corporation
FileDescription : FSAV Handler
InternalName : FSAV32
LegalCopyright : Copyright © 1998-2005, F-Secure Corporation
OriginalFilename : FSAV32.exe
#:34 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1992
ThreadCreationTime : 3-14-2007 7:11:59 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : EXPLORER.EXE
#:35 [fsm32.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\Common\
ProcessID : 2072
ThreadCreationTime : 3-14-2007 7:12:43 PM
BasePriority : Normal
FileVersion : 6.05.8452
ProductVersion : 6.05 Build 8452
ProductName : F-Secure Management Agent
CompanyName : F-Secure Corporation
FileDescription : F-Secure Settings and Statistics
InternalName : FSM
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : Windows is a trademark of Microsoft Corporation
OriginalFilename : FSM32.EXE
#:36 [iobit smartdefrag.exe]
FilePath : D:\Program Files\IObit SmartDefrag\
ProcessID : 2184
ThreadCreationTime : 3-14-2007 7:12:57 PM
BasePriority : Normal
#:37 [fsaw.exe]
FilePath : C:\PROGRA~1\CHARTE~1\ANTI-S~1\
ProcessID : 2192
ThreadCreationTime : 3-14-2007 7:13:00 PM
BasePriority : Normal
FileVersion : 1.1.197
ProductName : F-Secure Anti-Spyware
CompanyName : F-Secure Corporation
FileDescription : F-Secure Browser Control
InternalName : FSAW
LegalCopyright : Copyright © 1998-2005 F-Secure Corporation. All rights reserved.
LegalTrademarks : F-Secure ® is a registered trademark of F-Secure Corporation.
OriginalFilename : FSAW.EXE
#:38 [freeram xp pro.exe]
FilePath : D:\Program Files\YourWare Solutions\FreeRAM XP Pro\
ProcessID : 2216
ThreadCreationTime : 3-14-2007 7:13:02 PM
BasePriority : Normal
FileVersion : 1.5.1.0
ProductVersion : 1.0.0.0
ProductName : FRXPRO
CompanyName : YourWare Solutions
FileDescription : FreeRAM XP Pro (YourWare Solutions)
InternalName : FRXPRO
LegalCopyright : Copyright YourWare Solutions , 2001-2005
LegalTrademarks : YourWare Solutions, FreeRAM XP, FreeRAM XP Lite, FreeRAM XP Professional
OriginalFilename : FRXPRO
Comments : Freeware application that frees and defragments your computer's memory to increse performance. Enjoy! Visit website for periodic updates.
#:39 [googletoolbarnotifier.exe]
FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\
ProcessID : 2240
ThreadCreationTime : 3-14-2007 7:13:09 PM
BasePriority : Normal
FileVersion : 1, 2, 1128, 5462
ProductVersion : 1, 2, 1128, 5462
ProductName : GoogleToolbarNotifier
CompanyName : Google Inc.
FileDescription : GoogleToolbarNotifier
LegalCopyright : Copyright © 2005-2006
OriginalFilename : GoogleToolbarNotifier.exe
#:40 [fspex.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Program\
ProcessID : 2320
ThreadCreationTime : 3-14-2007 7:13:22 PM
BasePriority : Normal
#:41 [logitechdesktopmessenger.exe]
FilePath : C:\Program Files\Logitech\Desktop Messenger\8876480\Program\
ProcessID : 2160
ThreadCreationTime : 3-14-2007 7:13:27 PM
BasePriority : Normal
FileVersion : 2.52.21.16
ProductVersion : 2.52.21.16
ProductName : Logitech Desktop Messenger
CompanyName : Logitech Inc.
FileDescription : Logitech Desktop Messenger
InternalName : Logitech BackWeb Runner
LegalCopyright : Copyright © Logitech 2000-2007. All rights reserved
OriginalFilename : runner.exe
Comments : About:
www.logitech.com/ldm
Privacy Policy:
www.logitech.com/privacy
#:42 [sd monitor.exe]
FilePath : C:\Program Files\SanDisk\SanDisk TransferMate\
ProcessID : 2336
ThreadCreationTime : 3-14-2007 7:13:55 PM
BasePriority : Normal
FileVersion : 1.0.1.51
ProductVersion : 1.0.1.51
ProductName : SD Monitor
CompanyName : SanDisk
FileDescription : SD Monitor
InternalName : SD Monitor
LegalCopyright : Copyright ArcSoft 2005
OriginalFilename : SD Monitor.exe
#:43 [googlewebaccwarden.exe]
FilePath : C:\Program Files\Google\Web Accelerator\
ProcessID : 2356
ThreadCreationTime : 3-14-2007 7:14:11 PM
BasePriority : Normal
#:44 [fsguidll.exe]
FilePath : C:\Program Files\Charter High-Speed Security Suite\FSGUI\
ProcessID : 2404
ThreadCreationTime : 3-14-2007 7:14:38 PM
BasePriority : Normal
FileVersion : 6, 20, 350, 0
ProductVersion : 6, 12, 10, 0
ProductName : F-Secure Internet Security 2006 version 6.12
CompanyName : F-Secure Corporation
FileDescription : F-Secure GUI component
InternalName : fsguiexe
LegalCopyright : Copyright © 2003-2006 F-Secure Corporation
OriginalFilename : fsguiexe.exe
#:45 [googlewebaccclient.exe]
FilePath : C:\Program Files\Google\Web Accelerator\
ProcessID : 2588
ThreadCreationTime : 3-14-2007 7:15:46 PM
BasePriority : Normal
#:46 [fsav.exe]
FilePath : C:\PROGRA~1\CHARTE~1\ANTI-V~1\
ProcessID : 299496
ThreadCreationTime : 3-16-2007 9:11:37 AM
BasePriority : Normal
FileVersion : 1.08.5240
ProductVersion : 1.08.5240
ProductName : F-Secure Anti-Virus
CompanyName : F-Secure Corporation
FileDescription : FSAV Command-Line Scanner
InternalName : FSAV
LegalCopyright : Copyright © 1998-2004, F-Secure Corporation
OriginalFilename : fsav.exe
#:47 [ad-aware.exe]
FilePath : D:\Program Files\Ad-Aware SE Personal\
ProcessID : 297228
ThreadCreationTime : 3-16-2007 10:00:24 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 39
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.DropSpam Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{de6317f7-6ef0-45c2-88d1-8e09415817f1}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 40
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 40
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 40
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 40
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 40
Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 40
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 40
2:50:24 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:47:55.555
Objects scanned:138651
Objects identified:1
Objects ignored:0
New critical objects:1
---------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 10:59:00 AM, on 3/16/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\SERVIC~1.EXE
c:\program files\ge security supra\syncservice.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\FSGK32.EXE
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\program\fsbwsys.exe
C:\Program Files\GE Security Supra\ProxyDaemon.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
C:\SSL\stunnel-4.10.exe
C:\WINNT\system32\gearsec.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE
C:\WINNT\system32\regsvc.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FCH32.EXE
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Charter High-Speed Security Suite\Common\FAMEH32.EXE
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsqh.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsrw.exe
C:\Program Files\Charter High-Speed Security Suite\FSPC\fspc.exe
C:\Program Files\Charter High-Speed Security Suite\FSPC\fshttps\fshttps.exe
C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe
C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
D:\Program Files\IObit SmartDefrag\IObit SmartDefrag.exe
C:\PROGRA~1\CHARTE~1\ANTI-S~1\fsaw.exe
D:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Program\fspex.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Charter High-Speed Security Suite\FSGUI\fsguidll.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
D:\Program Files\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Hijack This\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Charter High-Speed Security Suite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Charter High-Speed Security Suite\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [SmartDefrag] "D:\Program Files\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKCU\..\Run: [FreeRAM XP] "D:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Charter High-Speed Security Suite.lnk = C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\Program\fspex.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Block this popup - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Suspend Webpage Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Deny this website - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Allow this website - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program Files\Charter High-Speed Security Suite\FSPC\fspcmsie.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Charter High-Speed Security Suite\Anti-Spyware\ieshield.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com...p/PCPitStop.CAB
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zone...ee/cm/ICSCM.cab
O16 - DPF: {4169B5A0-9048-11D6-BDFF-00C0F024AF20} (ActiveXTester.TesterControl) - http://www.jasons-to...tiveXTester.ocx
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1131764818812
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalci....1.11_en_dl.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abac...es/abasetup.cab
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.h.../qdiagh.cab?316
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Charter High-Speed Security Suite (BackWeb Client - 3528733) - BackWeb Technologies Inc. - C:\PROGRA~1\CHARTE~1\backweb\3528733\Program\SERVIC~1.EXE
O23 - Service: DkeySync - GE Security Supra - c:\program files\ge security supra\syncservice.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS (fsbwsys) - F-Secure Corp. - C:\Program Files\Charter High-Speed Security Suite\backweb\3528733\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\FSPC\fshttps\fshttps.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\system32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe