السلام عليكم
هذا تقريرcombo fix
ملحوظة الحهاز لم يعمل اعادة تشغيل ورسالة واحدة اللى ظهرت وضغت yes
ComboFix 08-12-02.02 - adel 12/03/2008 16:47:37.1 -
FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1256.1.1033.18.1040 [GMT 2:00]
Running from: c:\documents and settings\adel\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\IE4 Error Log.txt
c:\windows\system32\avrt.dll
c:\windows\system32\d3d10core.dll
c:\windows\system32\D3DX10d_39.dll
.
((((((((((((((((((((((((( Files Created from 2008-11-03 to 2008-12-03 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-01 20:48 --------- d-----w c:\program files\XP TCPIP Repair
2008-11-29 20:05 --------- d-----w c:\documents and settings\adel\Application Data\Nokia Multimedia Player
2008-11-29 15:13 --------- d-----w c:\program files\Yahoo!
2008-11-29 11:20 --------- d-----w c:\program files\Valusoft
2008-11-29 11:10 --------- d-----w c:\program files\Trymedia
2008-11-29 09:38 --------- d-----w c:\program files\PopCap Games
2008-11-27 19:12 --------- d-----w c:\documents and settings\adel\Application Data\CyberScrub
2008-11-27 19:12 --------- d-----w c:\documents and settings\adel\Application Data\cleaner
2008-11-25 16:33 --------- d-----w c:\program files\Cosmic Stacker
2008-11-22 17:17 --------- d-----w c:\program files\Real
2008-11-22 17:17 --------- d-----w c:\program files\Common Files\xing shared
2008-11-22 11:53 --------- d-----w c:\program files\Common Files\PCSuite
2008-11-22 11:53 --------- d-----w c:\program files\Common Files\Nokia
2008-11-22 11:53 --------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2008-11-22 11:53 --------- d-----w c:\documents and settings\adel\Application Data\Nokia
2008-11-22 11:52 --------- d-----w c:\program files\PC Connectivity Solution
2008-11-22 11:52 --------- d-----w c:\program files\Nokia
2008-11-22 11:52 --------- d-----w c:\program files\DIFX
2008-11-22 11:52 --------- d-----w c:\documents and settings\adel\Application Data\PC Suite
2008-11-22 10:31 --------- d-----w c:\program files\microsoft frontpage
2008-11-20 22:06 --------- d-----w c:\program files\Google
2008-11-20 19:31 --------- d-----w c:\program files\Windows Doctor
2008-11-20 18:40 --------- d-----w c:\program files\TeamViewer3
2008-11-20 18:40 --------- d-----w c:\documents and settings\adel\Application Data\TeamViewer
2008-11-20 18:32 --------- d-----w c:\program files\Internet Download Manager
2008-11-20 18:32 --------- d-----w c:\documents and settings\adel\Application Data\IDM
2008-11-20 18:32 --------- d-----w c:\documents and settings\adel\Application Data\DMCache
2008-11-20 15:40 --------- d-----w c:\program files\Common Files\DirectX
2008-11-20 15:29 2,885 ----a-w c:\program files\Common Files\unins000.dat
2008-11-20 15:28 728,858 ----a-w c:\program files\Common Files\unins000.exe
2008-11-20 14:53 --------- d-----w c:\program files\EA GAMES
2008-11-20 13:23 --------- d-----w c:\program files\Ela-Salaty
2008-11-20 09:26 --------- d-----w c:\program files\Turbo BaramgyFox English Edition
2008-11-20 09:26 --------- d-----w c:\program files\myproxy
2008-11-19 23:03 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo!
2008-11-19 22:48 --------- d-----w c:\program files\Trend Micro
2008-11-19 22:48 --------- d-----w c:\documents and settings\All Users\Application Data\Trend Micro
2008-11-19 22:34 --------- d-----w c:\documents and settings\adel\Application Data\Media Player Classic
2008-11-19 22:33 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-19 22:33 --------- d-----w c:\program files\Realtek
2008-11-19 22:33 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-19 22:32 4,716 ----a-w c:\windows\gdrv.sys
2008-11-19 22:30 --------- d-----w c:\program files\Intel
2008-11-19 22:29 --------- d-----w c:\program files\Winamp
2008-11-19 22:29 --------- d-----w c:\program files\Ringz Studio
2008-11-19 22:29 --------- d-----w c:\program files\Common Files\Real
2008-11-19 22:29 --------- d-----w c:\documents and settings\adel\Application Data\Winamp
2008-11-19 22:28 --------- d-----w c:\program files\Nero
2008-11-19 22:28 --------- d-----w c:\program files\Common Files\Ahead
2008-11-19 22:27 --------- d-----w c:\program files\Common Files\Adobe
2008-11-19 22:23 76,160 ----a-w c:\windows\system32\drivers\lnsfw1.sys
2008-11-19 22:23 46,208 ----a-w c:\windows\system32\drivers\lnsfw.sys
2008-11-19 22:23 36,924 ----a-w c:\windows\system32\fwapi.dll
2008-11-19 22:23 --------- d-----w c:\program files\Soft4Ever
2008-11-19 22:23 --------- d-----w c:\program files\Maxthon
2008-11-19 22:23 --------- d-----w c:\program files\Foxit Pdf Tools
2008-11-19 22:22 --------- d-----w c:\program files\Microsoft.NET
2008-11-19 22:22 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-19 22:21 --------- d-----w c:\program files\HighMAT CD Writing Wizard
2008-11-19 22:14 --------- d-----w c:\program files\Java
2008-11-19 22:14 --------- d-----w c:\program files\Common Files\Java
2008-11-19 22:13 --------- d-----w c:\program files\K-Lite Codec Pack
2008-11-19 22:13 --------- d-----w c:\program files\7-Zip
2008-11-19 22:13 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:21 455,296 ------w c:\windows\system32\DllCache\mrxsmb.sys
2008-10-17 05:09 602,112 ----a-w c:\windows\system32\nvapi.dll
2008-10-16 12:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 12:13 202,776 ----a-w c:\windows\system32\DllCache\wuweb.dll
2008-10-16 12:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 12:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 12:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 12:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 12:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 12:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 12:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 12:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 12:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-15 16:34 337,408 ------w c:\windows\system32\DllCache\netapi32.dll
2008-09-18 13:47 940,304 ----a-w c:\windows\system32\msjava.dll
2008-09-18 13:47 73,728 ----a-w c:\windows\system32\CompressATI2.dll
2008-09-18 13:47 430,088 ----a-w c:\windows\system32\D3D10SDKLayers.DLL
2008-09-18 13:47 1,171,456 ----a-w c:\windows\system32\msvcr80d.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-15 12:12 1,846,400 ------w c:\windows\system32\DllCache\win32k.sys
2008-09-12 10:44 206,256 ----a-w c:\windows\system32\idmmbc.dll
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\DllCache\msxml6.dll
2008-09-08 10:41 333,824 ------w c:\windows\system32\DllCache\srv.sys
2008-09-05 21:30 241,704 ------w c:\windows\system32\DllCache\wgaLogon.dll
2008-09-05 21:29 917,032 ------w c:\windows\system32\DllCache\WgaTray.exe
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-09-04 17:15 1,106,944 ------w c:\windows\system32\DllCache\msxml3.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OE"="c:\program files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe" [08/18/2006 01:06 PM 315392]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [10/28/2008 01:39 PM 2606512]
"TransBar"="h:\برامج\Vortex Tools\Classes\vortex\vista\TransBar\TransBar.exe" [10/17/2007 10:28 PM 65536]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [04/14/2008 02:12 AM 1695232]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [05/02/2006 03:51 PM 3334144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pccguide.exe"="c:\program files\Trend Micro\Internet Security 2007\pccguide.exe" [08/25/2006 01:25 PM 3112960]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [01/23/2007 11:19 AM 223232]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [11/22/2008 07:17 PM 185872]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [04/14/2008 02:12 AM 15360]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [11/09/2006 05:15 PM 1634304]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [10/10/2006 02:00 PM 44544]
c:\documents and settings\adel\Start Menu\Programs\Startup\
Ela-Salaty.lnk - c:\program files\Ela-Salaty\Salaty.exe [2007-03-05 5090816]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= c:\progra~1\K-LITE~1\codecs\3IVXVF~1.DLL
"VIDC.VP70"= c:\progra~1\K-LITE~1\codecs\vp7vfw.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.ac3acm"= c:\progra~1\K-LITE~1\codecs\ac3acm.acm
"msacm.l3fhg"= c:\progra~1\K-LITE~1\codecs\l3codecp.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 12/16/2005 12:57 PM 94208 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 04/14/2008 02:12 AM 15360 c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 11/28/2005 07:52 AM 77824 c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
--a------ 11/28/2005 07:55 AM 118784 c:\windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
--a------ 11/28/2005 07:55 AM 98304 c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Look 'n' Stop]
--a------ 11/20/2008 12:23 AM 368710 c:\program files\Soft4Ever\looknstop\looknstop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
--a------ 05/02/2006 03:51 PM 3334144 c:\program files\Yahoo!\Messenger\YahooMessenger.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 07/09/2001 10:50 AM 155648 c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StormCodec_Helper]
--a------ 02/07/2005 04:04 AM 94037 c:\program files\Ringz Studio\Storm Codec\StormSet.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 12/20/2007 05:16 PM 37376 c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 05/03/2005 12:43 PM 69632 c:\windows\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 07/21/2006 10:56 AM 16261632 c:\windows\RTHDCPL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
--a------ 05/16/2006 12:04 PM 2879488 c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\MYPROXY\\MyProxy.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Valusoft\\18 Wheels of Steel - Across America\\prism3d.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\TeamViewer3\\TeamViewer.exe"=
R1 lnsfw1;lnsfw1;c:\windows\system32\drivers\lnsfw1.sys [2008-11-20 76160]
R2 Tmpreflt;Tmpreflt;c:\windows\system32\drivers\Tmpreflt.sys [2006-08-16 36368]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\DRIVERS\TM_CFW.sys [2006-08-24 281600]
S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\TRENDM~1\INTERN~1\Tmntsrv.exe [2006-08-25 503808]
S2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [2006-08-25 933949]
S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\TRENDM~1\INTERN~1\tmproxy.exe [2006-08-25 561220]
*Newly Created Service* - PROCEXP90
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2008-12-03 16:48:53
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 12/03/2008 16:49:19
ComboFix-quarantined-files.txt 2008-12-03 14:49:18
Pre-Run: 1,772,937,216 bytes free
Post-Run: 1,803,657,216 bytes free
210 --- E O F --- 2008-11-24 10:39:13
ودة تقرير الهاى جاك
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:54:30 م, on 03/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Ela-Salaty\Salaty.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
H:\منوع\اداة الهاى جاك\Zyzoom_HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll (file missing)
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [OE] "C:\Program Files\Trend Micro\Internet Security 2007\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [TransBar] H:\برامج\Vortex Tools\Classes\vortex\vista\TransBar\TransBar.exe /s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Startup: Ela-Salaty.lnk = C:\Program Files\Ela-Salaty\Salaty.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
--
End of file - 6609 bytes
