ComboFix 08-09-11.02 - tes 2008-09-12 19:19:09.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.155 [GMT 1:00]
Running from: C:\Documents and Settings\tes\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\tes\Desktop\WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\eqrn.exe
C:\WINDOWS\system32\faknejfr.dll
C:\WINDOWS\system32\KUvwyccf.ini
C:\WINDOWS\system32\KUvwyccf.ini2
C:\WINDOWS\system32\lyejkhmc.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\rfjenkaf.ini
.
((((((((((((((((((((((((( Files Created from 2008-08-12 to 2008-09-12 )))))))))))))))))))))))))))))))
.
2008-09-11 13:42 . 2008-09-11 13:42 <DIR> d-------- C:\WINDOWS\ERUNT
2008-09-11 13:35 . 2008-09-11 13:35 <DIR> d-------- C:\Documents and Settings\Administrator
2008-09-11 13:16 . 2008-09-12 13:33 <DIR> d-------- C:\SDFix
2008-09-09 13:08 . 2008-09-09 13:08 136,832 --a------ C:\WINDOWS\system32\cjwovidr.dll
2008-09-03 14:02 . 2008-09-03 14:10 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-08-24 20:04 . 2008-08-24 20:04 <DIR> d-------- C:\Documents and Settings\tes\Phone Browser
2008-08-22 17:42 . 2008-08-22 17:42 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-22 17:42 . 2008-08-22 17:42 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-08-22 17:34 . 2008-08-22 17:34 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-08-22 17:33 . 2008-08-22 17:34 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-08-22 17:33 . 2008-08-22 17:34 <DIR> d-------- C:\Program Files\DIFX
2008-08-22 17:33 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-08-22 17:32 . 2008-05-02 10:58 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-08-19 14:41 . 2008-08-19 15:14 <DIR> d-------- C:\WINDOWS\system32\CatRoot_bak
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-30 08:44 97,928 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-08-22 16:44 --------- d-----w C:\Documents and Settings\tes\Application Data\Nokia
2008-08-22 16:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-08-22 16:34 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-08-22 16:33 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-08-22 16:32 --------- d-----w C:\Program Files\Nokia
2008-08-03 12:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Driving Test Success
2008-07-21 18:17 --------- d-----w C:\Program Files\Reference Assemblies
2008-07-21 18:17 --------- d-----w C:\Program Files\MSBuild
2008-07-21 18:10 --------- d-----w C:\Program Files\MSXML 6.0
2008-07-20 14:18 --------- d-----w C:\Program Files\3DFiBs
2008-07-18 21:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 21:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 21:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 21:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 21:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 21:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 21:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 21:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 21:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 21:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-16 10:14 --------- d-----w C:\Documents and Settings\tes\Application Data\Malwarebytes
2008-07-16 10:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-16 09:59 --------- d-----w C:\Program Files\Java
2008-07-15 18:16 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-07-13 15:03 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-07-13 15:03 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-07-13 15:03 --------- d-----w C:\Program Files\AVG
2008-07-13 15:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg8
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-22 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SetDefPrt"="C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2004-11-11 864256]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-11-10 185632]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-30 1235736]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328]
"VTTimer"="VTTimer.exe" [2005-03-07 C:\WINDOWS\system32\VTTimer.exe]
"VTTrayp"="VTtrayp.exe" [2005-03-11 C:\WINDOWS\system32\VTTrayp.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-12-15 962660]
Exif Launcher.lnk - C:\Program Files\FinePixViewer\QuickDCF.exe [2006-12-15 200704]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 282624]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-18 65588]
Microsoft Works Calendar Reminders.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [1999-09-04 53317]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll znzosa.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
.
- - - - ORPHANS REMOVED - - - -
BHO-{4CC41A6A-5C31-43D1-BB9D-7EF04A6AE600} - C:\WINDOWS\system32\fccywvUK.dll
BHO-{eebf78d8-815b-4620-bd90-e4b82b090d14} - C:\WINDOWS\system32\znzosa.dll
HKLM-Run-3ccd30c0 - C:\WINDOWS\system32\faknejfr.dll
HKLM-Run-Cmaudio - cmicnfg.cpl
HKLM-Run-adiras - adiras.exe
ShellExecuteHooks-{ADEFCC73-BD41-44F8-8A2F-5DFB45EBD59B} - C:\WINDOWS\system32\fccaWPfc.dll
Notify-fccaWPfc - fccaWPfc.dll
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page =
hxxp://www.tiscali.co.uk/R1 -: HKCU-SearchURL,(Default) =
hxxp://www.google.com/search?q=%s
O8 -: &Google Search - C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 -: &Translate English Word - C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 -: Backward Links - C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 -: Cached Snapshot of Page - C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 -: Similar Pages - C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 -: Translate Page into English - C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-09-12 19:25:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-09-12 19:28:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-12 18:28:42
Pre-Run: 152,765,173,760 bytes free
Post-Run: 152,735,100,928 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
184 --- E O F --- 2008-09-11 13:26:33
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32, on 12/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.tiscali.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1454471165-1500820517-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O8 - Extra context menu item: &Google Search -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English -
res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C9727E1-A5B9-45CB-8B87-1106464E0014}: NameServer = 212.139.132.25 212.139.132.24
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll znzosa.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 7208 bytes