DDS (Ver_09-10-13.01) - NTFSx86 Run by Robert at 19:02:20.18 on Thu 10/15/2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1356 [GMT -5:00] AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\jwpen.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Novatel Wireless\Sprint\Sprint PCS Connection Manager\OSCMUtilityService.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\X3watch\x3watch.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\VM_STI.EXE C:\WINDOWS\system32\HWKeyPlus.exe C:\WINDOWS\system32\HWTabTray.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Robert\Desktop\Tech\dds.pif ============== Pseudo HJT Report =============== uStart Page = about:blank mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com uURLSearchHooks: H - No File uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe" uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 1.1.4322; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www2.tcnet.ne.jp/metadoll/mov13.htm" mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [x3watch] c:\program files\x3watch\x3watch.exe mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [BigDogPath] c:\windows\vm_sti.exe %;usb\VID_0AC8&PID_0302.DeviceDesc% mRun: [HWTablet KeyPlus] c:\windows\system32\HWKeyPlus.exe mRun: [HWTablet Service] c:\windows\system32\HWTabTray.exe StartupFolder: c:\docume~1\robert\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe StartupFolder: c:\docume~1\robert\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\traymi~1.lnk - c:\program files\philips\philips spc315nc webcam\TrayMin315.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: avgrsstarter - avgrsstx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-9-16 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-9-16 108552] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-9-16 297752] R2 HWSuperPowerTablet;HWSuperPowerTablet;c:\windows\system32\jwpen.exe [2009-10-13 225280] R2 Stuffit Archive Name Service;Stuffit Archive Name Service;c:\program files\smith micro\stuffit11\ArcNameService.exe [2007-5-1 157264] S2 gupdate1ca4c651c6ccf02;Google Update Service (gupdate1ca4c651c6ccf02);c:\program files\google\update\GoogleUpdate.exe [2009-10-13 133104] S2 HYRDBios;HYRDBios;c:\windows\system32\drivers\hyrdbios.sys --> c:\windows\system32\drivers\HYRDBios.sys [?] S2 MediaMall Server;MediaMall Server;c:\program files\mediamall\MediaMallServer.exe [2009-2-13 16] S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2007-10-12 99200] S3 rkhdrv40;Rootkit Unhooker Driver; [x] =============== Created Last 30 ================ 2009-10-15 16:50 --d----- c:\program files\common files\DivX Shared 2009-10-14 20:10 --d----- c:\program files\Graphmatica 2009-10-13 22:46 --d----- c:\program files\Iteral 2009-10-13 19:52 5,504 ac------ c:\windows\system32\dllcache\mstee.sys 2009-10-13 19:52 5,504 a------- c:\windows\system32\drivers\MSTEE.sys 2009-10-13 19:52 10,880 ac------ c:\windows\system32\dllcache\ndisip.sys 2009-10-13 19:52 10,880 a------- c:\windows\system32\drivers\NdisIP.sys 2009-10-13 19:52 16,384 ac------ c:\windows\system32\dllcache\ipsink.ax 2009-10-13 19:52 15,232 ac------ c:\windows\system32\dllcache\streamip.sys 2009-10-13 19:52 16,384 a------- c:\windows\system32\ipsink.ax 2009-10-13 19:52 15,232 a------- c:\windows\system32\drivers\StreamIP.sys 2009-10-13 19:49 262,254 a------- c:\windows\system32\VM31bPrp.Ax 2009-10-13 19:49 147,456 a------- c:\windows\VMCap.exe 2009-10-13 19:49 91,527 a------- c:\windows\system32\drivers\usbVM31b.sys 2009-10-13 19:49 61,440 a------- c:\windows\system32\VM31bSTI.dll 2009-10-13 19:49 53,248 a------- c:\windows\amcap.exe 2009-10-13 19:49 40,960 a------- c:\windows\VM_STI.EXE 2009-10-13 19:49 --d----- c:\program files\Philips 2009-10-13 19:27 --d--r-- c:\program files\Skype 2009-10-11 21:24 --d----- C:\Downloads 2009-10-11 16:48 --d----- c:\docume~1\robert\applic~1\Free Download Manager 2009-10-11 16:47 --d----- c:\program files\Free Download Manager 2009-10-08 07:49 --d----- c:\program files\XVideoConverter 2009-09-27 13:12 --d----- c:\docume~1\robert\applic~1\StreamTorrent 2009-09-27 12:55 --d----- c:\docume~1\alluse~1\applic~1\TVU Networks 2009-09-27 12:55 --d----- c:\documents and settings\robert\LocalLow 2009-09-22 22:12 --d----- C:\RkUnhooker 2009-09-21 14:01 a-dshr-- C:\cmdcons 2009-09-20 13:21 --d----- C:\UBCD4Win 2009-09-18 09:49 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-18 09:49 19,160 a------- c:\windows\system32\drivers\mbam.sys 2009-09-17 09:09 --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar 2009-09-17 08:58 --d----- c:\program files\Trend Micro 2009-09-17 07:58 229,888 a------- c:\windows\PEV.exe 2009-09-17 07:58 161,792 a------- c:\windows\SWREG.exe 2009-09-17 07:58 98,816 a------- c:\windows\sed.exe 2009-09-16 20:54 4 a------- C:\KLSA.DAT 2009-09-16 20:28 --d----- c:\program files\SpywareDetector 2009-09-16 20:27 --d----- C:\SDFix 2009-09-16 19:07 --d----- C:\$AVG8.VAULT$ 2009-09-16 19:05 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-09-16 19:05 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-09-16 19:05 335,240 a------- c:\windows\system32\drivers\avgldx86.sys 2009-09-16 19:04 --d----- c:\windows\system32\drivers\Avg 2009-09-16 19:04 --d----- c:\program files\AVG 2009-09-16 18:54 --d----- c:\docume~1\robert\applic~1\AVG8 ==================== Find3M ==================== 2009-10-14 20:18 3,116 a------- c:\windows\system32\HWTablet.bin 2009-09-15 23:43 81,984 a------- c:\windows\system32\bdod.bin 2009-09-10 13:12 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_xusb21_01005.Wdf 2009-08-05 04:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-08-03 15:07 403,816 a------- c:\windows\system32\OGACheckControl.dll 2009-08-03 15:07 322,928 a------- c:\windows\system32\OGAAddin.dll 2009-08-03 15:07 230,768 a------- c:\windows\system32\OGAEXEC.exe 2009-07-22 21:42 47,360 a------- c:\docume~1\robert\applic~1\pcouffin.sys 2008-12-02 12:02 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008120220081203\index.dat 2008-12-03 22:01 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008120320081204\index.dat ============= FINISH: 19:02:58.56 ===============