DDS (Version 1.1.0) - NTFSx86
Run by Kevgeez at 1:47:18.34 on Wed 12/24/2008
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_10
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.88 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iWin Games\iWinGamesInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\TUProgSt.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ImgBurn\ImgBurn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Windows\servicing\TrustedInstaller.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kevgeez\Desktop\dds.com
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T5230
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T5230
uInternet Settings,ProxyOverride = ;*.local
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T5230
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: Yahoo! IE Services Button: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Yahoo! 工具列: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Veoh Browser Plug-in: {D0943516-5076-4020-A3B5-AEFAF26AB263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [CanonSolutionMenu] "c:\program files\canon\solutionmenu\CNSLMAIN.exe" /logon
mRun: [CanonMyPrinter] "c:\program files\canon\myprinter\BJMyPrt.exe" /logon
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: []
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\users\kevgeez\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\imvu\Run IMVU.lnk
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\imvu\Run IMVU.lnk
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
LSP: c:\windows\system32\wpclsp.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\kevgeez\appdata\roaming\mozilla\firefox\profiles\yrcjvcmi.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ZangoSA.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkanevapatch.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\yahoo!\shared\npYState.dll

============= SERVICES / DRIVERS ===============

=============== Created Last 30 ================

2008-12-23 00:00 --d----- c:\users\kevgeez\appdata\roaming\Malwarebytes
2008-12-23 00:00 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-23 00:00 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-23 00:00 --d----- c:\programdata\Malwarebytes
2008-12-23 00:00 --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-23 00:00 --d----- c:\progra~2\Malwarebytes
2008-12-22 21:36 --d----- C:\SDFix
2008-12-21 15:01 --d----- c:\program files\EA GAMES
2008-12-21 14:02 442,368 a----r-- c:\windows\system32\vp6vfw.dll
2008-12-21 12:57 --d----- c:\program files\DAEMON Tools Lite
2008-12-21 12:50 717,296 a------- c:\windows\system32\drivers\sptd.sys
2008-12-19 02:41 603,904 a------- c:\windows\system32\TUProgSt.exe
2008-12-19 02:41 27,904 a------- c:\windows\system32\uxtuneup.dll
2008-12-19 02:41 17,152 a------- c:\windows\system32\authuitu.dll
2008-12-19 02:41 360,192 a------- c:\windows\system32\TuneUpDefragService.exe
2008-12-19 02:40 --d----- c:\users\kevgeez\appdata\roaming\TuneUp Software
2008-12-19 02:40 --d----- c:\programdata\TuneUp Software
2008-12-19 02:40 --d----- c:\program files\TuneUp Utilities 2009
2008-12-19 02:40 --d----- c:\progra~2\TuneUp Software
2008-12-19 02:38 --dsh--- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-19 02:38 --dsh--- c:\progra~2\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-16 13:25 --d-h--- C:\$AVG8.VAULT$
2008-12-16 12:37 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-12-16 12:37 69,128 a------- c:\windows\system32\drivers\avgwfpx.sys
2008-12-16 12:37 97,928 a------- c:\windows\system32\drivers\avgldx86.sys
2008-12-16 12:36 --d----- c:\windows\system32\drivers\Avg
2008-12-16 12:36 --d----- c:\program files\AVG
2008-12-16 12:36 --d----- c:\programdata\avg8
2008-12-16 12:36 --d----- c:\progra~2\avg8
2008-12-15 19:10 --d----- c:\users\kevgeez\appdata\roaming\Research In Motion
2008-12-15 18:37 --d----- c:\programdata\Sonic
2008-12-15 18:33 --d----- c:\programdata\Roxio
2008-12-15 18:33 --d----- c:\program files\common files\Sonic Shared
2008-12-15 18:33 --d----- c:\program files\Roxio
2008-12-15 18:27 26,496 a------- c:\windows\system32\drivers\RimSerial.sys
2008-12-15 18:25 --d----- c:\program files\common files\Research In Motion
2008-12-15 18:25 --d----- c:\program files\Research In Motion
2008-12-15 12:44 --d----- c:\programdata\acccore
2008-12-15 12:44 --d----- c:\progra~2\acccore
2008-12-15 12:41 --d----- c:\programdata\AOL Downloads
2008-12-12 23:09 --d----- c:\programdata\WindowsSearch
2008-12-12 16:31 --d----- c:\programdata\Kaspersky Lab
2008-12-12 16:31 --d----- c:\progra~2\Kaspersky Lab
2008-12-12 16:27 --d----- c:\programdata\Kaspersky Lab Setup Files
2008-12-12 16:27 --d----- c:\progra~2\Kaspersky Lab Setup Files
2008-11-30 00:31 1,524,736 a------- c:\windows\system32\wucltux.dll
2008-11-30 00:31 83,456 a------- c:\windows\system32\wudriver.dll
2008-11-30 00:30 162,064 a------- c:\windows\system32\wuwebv.dll
2008-11-30 00:30 31,232 a------- c:\windows\system32\wuapp.exe
2008-11-29 19:55 --d----- c:\program files\WildGames
2008-11-27 11:13 --d----- c:\program files\LBA2 Twinsen's Odyssey Demo
2008-11-26 12:43 410,976 a------- c:\windows\system32\deploytk.dll
2008-11-26 12:34 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2008-11-26 12:34 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2008-11-26 12:33 1,191,936 a------- c:\windows\system32\msxml3.dll
2008-11-26 12:33 712,704 a------- c:\windows\system32\WindowsCodecs.dll
2008-11-26 12:33 425,472 a------- c:\windows\system32\PhotoMetadataHandler.dll
2008-11-26 12:33 347,136 a------- c:\windows\system32\WindowsCodecsExt.dll
2008-11-26 12:33 1,645,568 a------- c:\windows\system32\connect.dll
2008-11-26 12:33 1,334,272 a------- c:\windows\system32\msxml6.dll

==================== Find3M ====================

2008-12-16 12:13 86,016 a------- c:\windows\inf\infstrng.dat
2008-12-16 12:13 86,016 a------- c:\windows\inf\infstor.dat
2008-12-16 12:13 51,200 a------- c:\windows\inf\infpub.dat
2008-12-12 13:24 123,952 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2008-12-12 13:24 10,671 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2008-12-12 13:24 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2008-10-28 07:58 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-10-26 11:19 174 a--sh--- c:\program files\desktop.ini
2008-10-26 10:50 665,600 a------- c:\windows\inf\drvindex.dat
2008-10-26 09:59 101,888 a------- c:\windows\system32\ifxcardm.dll
2008-10-26 09:59 82,432 a------- c:\windows\system32\axaltocm.dll
2008-10-14 02:27 356,352 a------- c:\windows\eSellerateEngine.dll
2008-10-01 22:49 827,392 a------- c:\windows\system32\wininet.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-05-23 10:03 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-05-23 10:03 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-05-23 10:03 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2008-04-29 06:02 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-04-29 06:02 32,768 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-04-29 06:02 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 1:48:26.21 ===============