Pop Up A Lot and PC So Slow
 
  Tweaks.com
Posted 5/8/2008 8:54 PM


New Member


Group: Forum Members
Last Login: Yesterday @ 10:05 PM
Posts: 31, Visits: 47
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:59:13, on 09/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [6c6b3d01] rundll32.exe "C:\WINDOWS\system32\xjtoywwe.dll",b
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58E011F5-8168-4B5C-A410-9F0617589A0D}: NameServer = 202.188.0.133 202.188.1.5
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)

--
End of file - 6275 bytes


OverQuantize

Post #239101
Posted 5/9/2008 2:18 AM


Senior Forum Moderator


Group: Moderators
Last Login: Today @ 8:13 AM
Posts: 26,698, Visits: 53,611
Welcome again

First of all, are you aware you have the CyberSieve Surveillance Tool running on this pc:
http://research.sunbelt-software.com/threatdisplay.aspx?name=CyberSieve&threatid=48446


Please follow these steps to remove older versions of Sun Java, and then update.
1. Download the latest version of Java Runtime Environment (JRE)
2. Scroll down to where it says 'Java Runtime Environment (JRE) 6 update 6'.
3. Click the "Download" button to the right.
4. Select the Platform and Language for your download, then check the box that says: "Accept License Agreement".
5. The page will refresh.
6. Click on the link to download 'Windows Offline Installation, Multi-language - jre-6u6-windows-i586-p.exe' [15.18 MB] and save to your desktop.
7. Close any programs you may have running - especially your web browser.
8. Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
9. Check any item with Java Runtime Environment (JRE or J2SE) in the name.
10. Click the Change/Remove button.
11. Repeat as many times as necessary to remove each Java version.
12. Reboot your computer once all Java components are removed.
13. Then from your desktop double-click on jre-6u6-windows-i586-p.exe to install the newest version.


If you have previously downloaded ComboFix, please delete that version now.
Download Combofix by sUBs and save to your desktop.
Alternative Combofix download link HERE.
Note
It is important that it is saved directly to your desktop


Now close any open browsers.
Double click on Combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the entire contents of C:\ComboFix.txt into your next reply.
Note
Do not mouseclick combofix's window or do anything else on your pc while it's running.
That may cause the program/system to freeze/hang.

Do NOT post the ComboFix-quarantined-files.txt unless I ask.
Note
In case your Antivirus or any other realtime scanner is displaying an alert after you downloaded Combofix or while you use Combofix, please disable your scanner and redownload Combofix again.
Some scanners may see some combofix related components as suspicious and block or delete them while there's nothing wrong with them.

Also post a new Hijackthis log please.


__________________________________________________


Proud Member of ASAP (Alliance of Security Analysis Professionals).
Proud Member of U-N-I-T-E (Unified Network of Instructors and Trusted Eliminators).
Malware Complaints

Post #239113
Posted 5/9/2008 3:53 AM


New Member


Group: Forum Members
Last Login: Yesterday @ 10:05 PM
Posts: 31, Visits: 47
Problem not yet solved! Pop-ups still happen!

ComboFix 08-05-08.1 - Owner 2008-05-09 16:33:55.1 - NTFSx86
Running from: C:\Documents and Settings\Owner\Desktop\ComboFix.exe
 * Created a new restore point

[color=red]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/color]
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\temp\tn3
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\ewwyotjx.ini
C:\WINDOWS\system32\geBspmkK.dll
C:\WINDOWS\system32\jmopAJlm.ini
C:\WINDOWS\system32\jmopAJlm.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mlJApomj.dll
C:\WINDOWS\system32\xavihmya.ini
C:\WINDOWS\system32\xjtoywwe.dll
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . failed to delete

.
(((((((((((((((((((((((((   Files Created from 2008-04-09 to 2008-05-09  )))))))))))))))))))))))))))))))
.

2008-05-09 16:41 . 2008-05-09 16:41 <DIR> d-------- C:\Temp\tn3
2008-05-09 16:25 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-05-09 16:23 . 2008-05-09 16:23 <DIR> d-------- C:\Program Files\Common Files\Java
2008-05-09 15:40 . 2008-05-09 15:44 <DIR> d-------- C:\Documents and Settings\Owner\.SunDownloadManager
2008-05-09 09:57 . 2008-05-09 09:57 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-09 02:24 . 2008-05-09 09:47 702 --a------ C:\WINDOWS\win.tmp
2008-05-09 02:24 . 2008-05-06 20:48 231 --a------ C:\WINDOWS\system.tmp
2008-05-08 22:04 . 2008-05-08 22:05 <DIR> d-------- C:\Program Files\Mozilla Firefox 3 Beta 5
2008-05-08 19:06 . 2008-05-08 19:06 2,112 --a------ C:\WINDOWS\system32\nkhbjghl.exe
2008-05-08 07:23 . 2008-05-09 16:40 0 --a------ C:\WINDOWS\system32\Sweeper.cfg
2008-05-07 20:08 . 2008-05-07 20:08 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\PC Tools
2008-05-07 20:08 . 2005-12-13 15:18 50,048 --a------ C:\WINDOWS\system32\drivers\ikhlayer.sys
2008-05-07 19:03 . 2008-05-07 19:03 2,112 --a------ C:\WINDOWS\system32\grntwyfr.exe
2008-05-07 07:09 . 2008-05-07 07:09 <DIR> dr-h----- C:\$VAULT$.AVG
2008-05-07 06:55 . 2008-05-09 11:21 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\AVG7
2008-05-07 06:54 . 2008-05-07 06:54 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-05-06 16:39 . 2008-03-01 06:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-05-06 16:39 . 2007-04-17 02:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-05-06 16:39 . 2007-03-07 22:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-05-06 16:39 . 2008-03-01 06:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-05-06 16:39 . 2008-03-01 06:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-05-06 16:39 . 2008-03-01 06:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-05-06 16:39 . 2008-03-01 06:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-05-06 16:39 . 2008-03-01 06:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-05-06 16:39 . 2008-02-22 03:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-05-06 11:32 . 2008-05-06 11:32 50 --ahs---- C:\WINDOWS\klif.spi
2008-05-06 10:30 . 2008-05-09 10:11 <DIR> d-------- C:\Program Files\XoftSpySE
2008-05-05 22:46 . 2008-05-05 22:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-05-05 19:19 . 2008-05-06 13:55 <DIR> d-------- C:\Program Files\Common Files\Scanner
2008-05-05 13:48 . 2008-05-09 09:49 16 --a------ C:\WINDOWS\popcinfo.dat
2008-05-05 12:58 . 2008-05-05 13:28 <DIR> d-------- C:\Program Files\Bejeweled 2
2008-05-05 12:32 . 2008-05-05 12:33 <DIR> d-------- C:\Program Files\SpongeBob Collapse
2008-04-17 18:33 . 2008-04-17 18:33 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\GRETECH
2008-04-17 18:32 . 2008-04-17 18:32 <DIR> d-------- C:\Program Files\GRETECH
2008-04-17 13:03 . 2008-05-09 14:00 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-17 13:03 . 2008-04-17 13:03 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-16 12:38 . 2008-04-16 12:38 <DIR> d-------- C:\WINDOWS\aod
2008-04-16 12:37 . 2008-04-16 12:47 <DIR> d-------- C:\Program Files\Common Files\Real
2008-04-15 17:37 . 2008-04-15 18:00 <DIR> d-------- C:\Documents and Settings\Owner\Application Data\FreeCall
2008-04-14 21:08 . 2008-04-14 21:08 <DIR> d-------- C:\Program Files\AVI MPEG RM WMV Splitter
2008-04-11 19:01 . 2008-04-11 19:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CanonIJPLM
2008-04-11 18:42 . 2006-11-05 22:00 198,656 --a------ C:\WINDOWS\system32\CNMLM8O.DLL
2008-04-11 12:12 . 2008-04-11 12:12 253,952 --------- C:\WINDOWS\Setup1.exe
2008-04-11 12:12 . 2008-04-11 12:12 74,240 --a------ C:\WINDOWS\ST6UNST.EXE
2008-04-09 19:59 . 2008-05-05 11:06 165 --a------ C:\WINDOWS\wininit.ini
2008-04-09 01:14 . 2008-04-09 01:06 691,545 --a------ C:\WINDOWS\unins000.exe
2008-04-09 01:14 . 2008-04-09 01:14 2,545 --a------ C:\WINDOWS\unins000.dat

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-09 23:40 932 ------w C:\WINDOWS\system32\drivers\core.cache.dsk
2008-05-09 23:25 --------- d-----w C:\Program Files\Java
2008-05-09 17:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-09 17:06 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-08 03:11 --------- d-----w C:\Program Files\Spyware Doctor
2008-05-07 17:13 --------- d-----w C:\Documents and Settings\Owner\Application Data\uTorrent
2008-05-07 14:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
2008-05-07 13:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-06 20:55 --------- d-----w C:\Program Files\Yahoo!
2008-05-06 19:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-05-06 05:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-05-06 04:30 --------- d-----w C:\Program Files\Folder Lock
2008-05-01 16:13 --------- d-----w C:\Documents and Settings\Owner\Application Data\Skype
2008-04-20 10:57 --------- d-----w C:\Documents and Settings\Owner\Application Data\Chessmaster Challenge
2008-04-16 19:38 723 ----a-w C:\Program Files\INSTALL.LOG
2008-04-12 02:01 --------- d-----w C:\Program Files\Canon
2008-04-08 03:12 --------- d-----w C:\Program Files\Common Files\CyberSieve
2008-04-08 03:11 --------- d-----w C:\Program Files\SoftForYou
2008-04-08 01:20 --------- d-----w C:\Program Files\uTorrent
2008-04-06 16:09 --------- d-----w C:\Documents and Settings\Owner\Application Data\VoipBuster
2008-04-06 15:04 --------- d-----w C:\Program Files\WinBoard
2008-04-06 03:17 --------- d-----w C:\Program Files\ReflexiveArcade
2008-04-05 03:28 --------- d-----w C:\Program Files\BitComet
2008-04-05 03:26 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-04-05 03:26 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-05 03:26 --------- d-----w C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-03-25 02:51 --------- d-----w C:\Program Files\Common Files\Borland
2008-03-15 23:28 --------- d-----w C:\Program Files\Yahoo Funny 2.1
2008-03-15 21:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-02-29 20:10 8 ----a-w C:\Documents and Settings\All Users\Application Data\SDGLYBMPWPP.SYS
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-05-07 06:53 219136]
"Spyware Doctor"="C:\Program Files\Spyware Doctor\swdoctor.exe" [2006-02-06 14:40 1992928]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJAQKbX]
ljJAQKbX.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\6c6b3d01]
C:\WINDOWS\system32\xjtoywwe.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
--a------ 2008-05-07 07:15 579584 C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 05:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"=
"C:\\Program Files\\PC-Telephone\\PCTel.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\WINDOWS\\system32\\CSCP.exe"=
"C:\\WINDOWS\\system32\\CSNotify.exe"=
"C:\\WINDOWS\\system32\\CSSvr.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 7.0.1.325\\English\\setup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13210:TCP"= 13210:TCP:BitCometBeta 13210 TCP
"13210:UDP"= 13210:UDP:BitCometBeta 13210 UDP
"8368:TCP"= 8368:TCP:BitComet 8368 TCP
"8368:UDP"= 8368:UDP:BitComet 8368 UDP

R1 ndiswann;ndiswann;C:\WINDOWS\system32\drivers\ndiswann.sys [2008-02-15 20:42]
R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 08:49]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 05:00]
S3 CSProt;CSProt;C:\WINDOWS\system32\CSProt.sys [2008-01-31 07:20]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2008-05-07 21:20:22 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-09 16:43:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\sccfg.sys 20 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\WINDOWS\system32\CSsp.dll

PROCESS: C:\WINDOWS\explorer.exe
-> ?:\WINDOWS\System32\CSCDLL.dll
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
.
**************************************************************************
.
Completion time: 2008-05-09 16:48:25 - machine was rebooted [Owner]
ComboFix-quarantined-files.txt  2008-05-09 23:48:15

Pre-Run: 705,863,680 bytes free
Post-Run: 709,308,416 bytes free

195 --- E O F --- 2008-05-08 13:13:46

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:54, on 5/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58E011F5-8168-4B5C-A410-9F0617589A0D}: NameServer = 202.188.0.133 202.188.1.5
O20 - Winlogon Notify: ljJAQKbX - ljJAQKbX.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)

--
End of file - 5525 bytes



OverQuantize

Post #239122
Posted 5/9/2008 5:15 AM


Senior Forum Moderator


Group: Moderators
Last Login: Today @ 8:13 AM
Posts: 26,698, Visits: 53,611
Please download OTMoveIt by OldTimer, save it to your desktop:
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Please double-click OTMoveIt.exe to run it.
Copy ALL the text inside the code box below to the clipboard by highlighting ALL of it and pressing CTRL + C (or, after highlighting, right-click and choose 'Copy'):

C:\WINDOWS\win.tmp
C:\WINDOWS\system.tmp
C:\WINDOWS\system32\nkhbjghl.exe
C:\WINDOWS\system32\grntwyfr.exe
C:\WINDOWS\system32\drivers\ndiswann.sys
C:\WINDOWS\system32\drivers\core.cache.dsk

Return to OTMoveIt, right click on the "Paste List of Files/Folders to Move" window under the "yellow" bar, and choose Paste, see image below:



Click on the Moveit! button
Copy everything on the 'Results' window to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose 'Copy'), and paste it into your next reply.
Close OTMoveIt by clicking on the "Exit" button.
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.
If you are asked to reboot the machine choose Yes.


Copy and paste ALL the following text in the Quote box below into Notepad.
Click on File (in the menu at the top) > Save as... / Save as Type: 'All Files' / File name: fix.reg to your desktop.
Then double click on the fix.reg file on your desktop and agree to merge the information into the registry, then restart your pc.
REGEDIT4

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljJAQKbX]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\6c6b3d01]


Also post a new Hijackthis log please.


Post #239129
Posted 5/9/2008 8:19 PM


New Member


Group: Forum Members
Last Login: Yesterday @ 10:05 PM
Posts: 31, Visits: 47
PC Still PopUp?

C:\WINDOWS\win.tmp moved successfully.
C:\WINDOWS\system.tmp moved successfully.
C:\WINDOWS\system32\nkhbjghl.exe moved successfully.
C:\WINDOWS\system32\grntwyfr.exe moved successfully.
File move failed. C:\WINDOWS\system32\drivers\ndiswann.sys scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\drivers\core.cache.dsk scheduled to be moved on reboot.
 
OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05102008_021904

Files moved on Reboot...
File move failed. C:\WINDOWS\system32\drivers\ndiswann.sys scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\drivers\core.cache.dsk scheduled to be moved on reboot.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:25, on 5/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\cssp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst20040510.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{58E011F5-8168-4B5C-A410-9F0617589A0D}: NameServer = 202.188.0.133 202.188.1.5
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)

--
End of file - 5695 bytes


OverQuantize

Post #239177