ComboFix 07-10-02.2 - elizabeth 2007-10-02 9:42:02.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.298 [GMT 1:00]
Running from: C:\Documents and Settings\elizabeth\Local Settings\Temporary Internet Files\Content.IE5\SD4P23SL\ComboFix[1].exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\MabryObj.dll
.
((((((((((((((((((((((((( Files Created from 2007-09-02 to 2007-10-02 )))))))))))))))))))))))))))))))
.
2007-10-02 09:37 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-01 16:11 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Real
2007-10-01 15:23 <DIR> d-------- C:\WINDOWS\ERUNT
2007-10-01 14:46 <DIR> d-------- C:\Program Files\a-squared Free
2007-10-01 14:09 <DIR> d-------- C:\Program Files\Avira
2007-10-01 14:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-10-01 10:52 <DIR> d-------- C:\WINDOWS\$hf_mig$
2007-09-30 20:38 <DIR> d-------- C:\Program Files\NEXON
2007-09-30 17:49 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2007-09-30 17:42 <DIR> d-------- C:\Documents and Settings\elizabeth\Contacts
2007-09-30 17:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-09-30 17:36 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2007-09-30 17:35 <DIR> d-------- C:\Program Files\MSN Messenger
2007-09-29 14:21 <DIR> d-------- C:\Poker
2007-09-27 08:42 <DIR> d-------- C:\Documents and Settings\elizabeth\Application Data\Comodo
2007-09-27 08:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2007-09-27 08:39 <DIR> d-------- C:\Program Files\Comodo
2007-09-26 22:51 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-09-26 22:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-09-26 21:26 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-09-26 21:08 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-09-26 20:37 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-09-26 07:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-09-25 20:15 <DIR> d-------- C:\WINDOWS\system32\bits
2007-09-25 20:13 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-09-25 20:10 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-09-24 18:42 4,682 --a------ C:\WINDOWS\system32\npptNT2.sys
2007-09-24 16:51 <DIR> d-------- C:\Program Files\Windows Live
2007-09-24 16:45 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-09-24 16:45 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-09-24 16:42 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-09-24 16:32 58,776 --a------ C:\WINDOWS\system32\ijjiPlugin2.dll
2007-09-24 16:31 692,224 --a------ C:\WINDOWS\system32\ijjiSetup.exe
2007-09-24 16:31 <DIR> d-------- C:\Program Files\NHN USA
2007-09-24 16:25 3,580 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-09-24 16:18 <DIR> d-------- C:\ijji
2007-09-24 16:04 <DIR> d-------- C:\Program Files\MAIET
2007-09-24 11:58 7,680 --------- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2007-09-24 11:58 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-09-24 11:58 7,168 --------- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2007-09-24 11:58 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-09-24 11:58 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2007-09-24 11:58 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-09-24 11:58 158,720 --------- C:\WINDOWS\system32\xpob2res.dll
2007-09-21 22:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-09-21 19:30 <DIR> d-------- C:\Program Files\CCleaner
2007-09-21 19:00 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-21 19:00 <DIR> d-------- C:\Documents and Settings\elizabeth\Application Data\Symantec
2007-09-21 18:36 <DIR> d-------- C:\Program Files\Motive
2007-09-21 18:36 <DIR> d-------- C:\Program Files\BT Broadband Desktop Help
2007-09-21 18:35 <DIR> d-------- C:\WINDOWS\LastGood
2007-09-21 18:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-09-21 18:13 <DIR> d-------- C:\Program Files\Symantec
2007-09-21 18:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-09-21 17:30 131,072 --a------ C:\WINDOWS\system32\Epcmlib.dll
2007-09-21 17:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\UDL
2007-09-21 17:29 91,648 --a------ C:\WINDOWS\system32\E_SAGSET.DLL
2007-09-21 17:29 64,000 --a------ C:\WINDOWS\system32\ECBTEG.DLL
2007-09-21 17:29 34,304 --a------ C:\WINDOWS\system32\EBPCHP.DLL
2007-09-21 17:29 31,744 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2007-09-21 17:29 182 --a------ C:\WINDOWS\system32\EBPPORT4.DAT
2007-09-21 17:25 <DIR> d-------- C:\Program Files\EPSON
2007-09-21 17:24 76,054 --a------ C:\WINDOWS\system32\EBPMON24.DLL
2007-09-21 17:19 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-09-21 17:19 24,960 --a------ C:\WINDOWS\system32\dllcache\usbprint.sys
2007-09-21 16:35 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2007-09-21 16:34 <DIR> d-------- C:\Program Files\dizzler
2007-09-21 16:15 <DIR> d-------- C:\Documents and Settings\elizabeth\Application Data\Motive
2007-09-21 16:05 <DIR> d-------- C:\Program Files\MessengerPlus! 3
2007-09-21 16:03 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2007-09-21 15:56 <DIR> d---s---- C:\Documents and Settings\elizabeth\UserData
2007-09-21 15:33 <DIR> d-------- C:\Documents and Settings\elizabeth\Application Data\Yahoo!
2007-09-21 15:29 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-09-21 15:28 89,088 --a------ C:\WINDOWS\system32\ATL71.DLL
2007-09-21 15:28 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2007-09-21 15:28 65,536 --a------ C:\WINDOWS\system32\YCRWin32.dll
2007-09-21 15:28 <DIR> d-------- C:\Program Files\Yahoo!
2007-09-21 15:28 <DIR> d-------- C:\Program Files\btbb_wcm
2007-09-21 15:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\yahoo!
2007-09-21 15:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Motive
2007-09-21 15:27 <DIR> d-------- C:\Program Files\BT Home Hub
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-29 19:36 --------- d-------- C:\Documents and Settings\elizabeth\Application Data\Real
2007-09-29 12:07 --------- d-------- C:\Documents and Settings\elizabeth\Application Data\MSN6
2007-09-24 16:31 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-21 18:36 --------- d-------- C:\Program Files\Common Files\Motive
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 17:24 C:\WINDOWS\system32\Ati2mdxx.exe]
"ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-12 22:10]
"SoundMan"="SOUNDMAN.EXE" [2003-08-15 00:34 C:\WINDOWS\SOUNDMAN.EXE]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 12:31]
"BBSetdun"="C:\Program Files\BT Voyager 105 ADSL Modem\Setdun.exe" []
"Booster"="C:\PROGRA~1\BTVOYA~1\oamSender.exe" [2003-11-18 11:40]
"DSLSTATEXE"="C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe" [2007-01-25 10:19]
"DSLAGENTEXE"="C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe" [2007-01-25 10:18]
"btbb_wcm_McciTrayApp"="C:\Program Files\btbb_wcm\McciTrayApp.exe" [2006-12-07 07:59]
"YBrowser"="C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 16:19]
"EPSON Stylus C46 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.exe" [2004-01-13 19:00]
"btbb_McciTrayApp"="C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe" [2007-08-22 13:34]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-09-21 19:24]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2003-11-11 18:07]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [2007-09-27 08:39]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"Windows Update "="curaarv.exe" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-06-07 14:08]
"eyeBeam SIP Client"="" []
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices]
"Windows Update"=mnz.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BT Broadband Desktop Help.lnk - C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe [2007-09-21 18:36:16]
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia\TMMonitor.exe [2007-05-28 19:40:14]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BT Broadband Desktop Help.lnk - C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe [2007-09-21 18:36:16]
TMMonitor.lnk - C:\Program Files\ArcSoft\TotalMedia\TMMonitor.exe [2007-05-28 19:40:14]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys
R1 Asapi;Asapi;C:\WINDOWS\System32\drivers\Asapi.sys
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys
R1 vcsmpdrv;vcsmpdrv;C:\WINDOWS\System32\DRIVERS\vcsmpdrv.sys
R2 VCSSecS;Virtual CD v4 Security service (SDK - Version);C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
S3 BDA_Capture_225;USB Digital-TV receiver Driver 2.0.1.8;C:\WINDOWS\System32\Drivers\BDA_Capture_225.sys
S3 BDA_Loader_225;USB Digital-TV Receiver Firmware Loader 6.5.8.0;C:\WINDOWS\System32\Drivers\BDA_Loader_225.sys
S3 wanusb;BT Voyager 105 ADSL Modem;C:\WINDOWS\System32\DRIVERS\gwausb.sys
.
Contents of the 'Scheduled Tasks' folder
"2007-10-02 08:03:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
"2007-09-30 10:07:21 C:\WINDOWS\Tasks\HDReg.job"
- c:\Apps\HDReg\HDRegRem.exe
"2007-05-24 15:04:29 C:\WINDOWS\Tasks\Registration reminder 1.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2007-05-24 15:04:29 C:\WINDOWS\Tasks\Registration reminder 2.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2007-05-24 15:04:29 C:\WINDOWS\Tasks\Registration reminder 3.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-02 09:46:14
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-02 9:49:41 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-02 09:49
.
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 09:53:25, on 02/10/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\BTVOYA~1\oamSender.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ArcSoft\TotalMedia\TMMonitor.exe
C:\Program Files\BT Broadband Desktop Help\bin\mpbtn.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\Program Files\Hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://uk.red.clientapps.yahoo.com/cust ... yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://uk.red.clientapps.yahoo.com/cust ... _side.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://uk.red.clientapps.yahoo.com/cust ... yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://uk.red.clientapps.yahoo.com/cust ... yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.btbroadbandstart.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;2
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\apps\Adobe\Acrobat 5.1\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: SidebarAutoLaunch Class - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [BBSetdun] C:\Program Files\BT Voyager 105 ADSL Modem\Setdun.exe
O4 - HKLM\..\Run: [Booster] C:\PROGRA~1\BTVOYA~1\oamSender.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] C:\Program Files\btbb_wcm\McciTrayApp.exe
O4 - HKLM\..\Run: [YBrowser] C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [btbb_McciTrayApp] C:\Program Files\BT Broadband Desktop Help\bin\BTHelpNotifier.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [Windows Update ] curaarv.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunServices: [Windows Update] mnz.exe
O4 - Global Startup: BT Broadband Desktop Help.lnk = C:\Program Files\BT Broadband Desktop Help\bin\matcli.exe
O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia\TMMonitor.exe
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Open in new background tab -
res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/229?c4065fbf099b4867b73d3942912c059a
O8 - Extra context menu item: Open in new foreground tab -
res://C:\Program Files\Windows Live Toolbar\Components\en-gb\msntabres.dll.mui/230?c4065fbf099b4867b73d3942912c059a
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/english/ka ... nicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe