DDS (Ver_09-09-29.01) - NTFSx86
Run by JHerpy at 11:05:48.39 on Sun 10/04/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.345 [GMT -7:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\JHerpy\Local Settings\Temporary Internet Files\Content.IE5\BLYQB0DJ\dds[1].pif

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = ;*.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: musicmatch.com\online
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/download/ipixx.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
TCP: {0AA96EE7-4CB9-4039-913E-C508A829F307} = 4.2.2.1,4.2.2.2
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

================= FIREFOX ===================

FF - ProfilePath -
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\mozilla firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2006-10-6 214024]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-11-13 210216]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-5-10 359952]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2006-10-6 144704]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2006-10-6 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2006-10-6 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2006-10-6 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2006-10-6 40552]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2007-4-23 224896]
S2 0318341254615896mcinstcleanup;McAfee Application Installer Cleanup (0318341254615896);c:\windows\temp\031834~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\031834~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S3 acfva;acfva;c:\windows\system32\drivers\acfva.sys [2004-12-6 86528]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-9-5 29744]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2006-10-6 34248]

=============== Created Last 30 ================

2009-10-03 13:19 --d----- c:\docume~1\jherpy\applic~1\Malwarebytes
2009-10-03 13:19 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-03 13:19 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-10-03 13:19 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-10-03 13:19 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-03 12:26 a-dshr-- C:\cmdcons
2009-10-03 12:25 229,888 a------- c:\windows\PEV.exe
2009-10-03 12:25 161,792 a------- c:\windows\SWREG.exe
2009-10-03 12:25 98,816 a------- c:\windows\sed.exe
2009-09-23 18:41 --d----- c:\program files\Shared
2009-09-21 13:01 242 a------- c:\windows\Brpfx04a.ini
2009-09-21 13:01 93 a------- c:\windows\brpcfx.ini
2009-09-21 13:01 419 a------- c:\windows\BRWMARK.INI
2009-09-21 13:01 27 a------- c:\windows\BRPP2KA.INI
2009-09-21 13:01 6,784 a------- c:\windows\system32\drivers\serscan.sys
2009-09-21 13:01 6,784 a------- c:\windows\system32\dllcache\serscan.sys
2009-09-21 13:01 50 a------- c:\windows\system32\bridf08b.dat
2009-09-21 13:01 73,728 -------- c:\windows\system32\BRCrypt.dll
2009-09-21 13:00 --d----- c:\program files\Brother
2009-09-21 12:57 --d----- c:\program files\Nuance
2009-09-21 12:56 31,567 a------- c:\windows\maxlink.ini
2009-09-21 12:56 --d----- c:\program files\common files\ScanSoft Shared
2009-09-21 12:55 --d----- c:\program files\ScanSoft
2009-09-21 12:55 --d----- c:\docume~1\alluse~1\applic~1\Brother
2009-09-09 15:41 153,088 -------- c:\windows\system32\dllcache\triedit.dll

==================== Find3M ====================

2009-09-21 13:50 3,558 a--sh--- c:\windows\system32\KGyGaAvL.sys
2009-08-13 08:16 512,000 a------- c:\windows\system32\dllcache\jscript.dll
2009-08-05 02:11 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-05 02:11 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-19 06:33 3,597,824 -------- c:\windows\system32\dllcache\mshtml.dll
2009-07-19 06:32 6,067,200 -------- c:\windows\system32\dllcache\ieframe.dll
2009-07-17 11:55 58,880 a------- c:\windows\system32\atl.dll
2009-07-17 11:55 58,880 -------- c:\windows\system32\dllcache\atl.dll
2009-07-13 10:08 286,720 a------- c:\windows\system32\wmpdxm.dll
2009-07-13 10:08 286,720 -------- c:\windows\system32\dllcache\wmpdxm.dll
2009-07-13 10:08 5,537,792 -------- c:\windows\system32\dllcache\wmp.dll
2009-07-10 06:42 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll
2007-04-23 14:21 269,824 a------- c:\windows\inf\wg111v3\vista64\wg111v3.sys
2007-04-23 14:11 224,896 a------- c:\windows\inf\wg111v3\wg111v3.sys
2006-12-15 11:30 315,392 a------- c:\windows\inf\wg111v3\InstallDriver.exe
2006-12-15 11:30 212,992 a------- c:\windows\inf\wg111v3\CopyWHQLDriver.exe
2006-12-15 11:30 98,304 a------- c:\windows\inf\wg111v3\UScanM.exe
2006-12-15 11:30 66,048 a------- c:\windows\inf\wg111v3\EAPPkt.sys
2006-12-15 11:30 28,672 a------- c:\windows\inf\wg111v3\SetDrv.exe
2006-12-15 11:30 20,480 a------- c:\windows\inf\wg111v3\RTWUPath.exe
2006-12-15 11:30 19,968 a------- c:\windows\inf\wg111v3\RTWREFU.EXE

============= FINISH: 11:06:34.18 ===============