.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 6.0.2900.2180
Run by Chris at 11:12:18 on 2012-09-17
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.428 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: McAfee VirusScan *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\DOCUME~1\Chris\LOCALS~1\Temp\clclean.0001
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\DOCUME~1\Chris\LOCALS~1\Temp\nsb518.tmp\MBR.DAT
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar =
mDefault_Page_URL = hxxp://www.dell.com
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.dell.com/
uInternet Settings,ProxyOverride =
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [Creative Detector] "c:\program files\creative\mediasource\detector\CTDetect.exe" /R
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [MBMon] Rundll32 CTMBHA.DLL,MBMon
mRun: [UpdReg] c:\windows\UpdReg.EXE
mRun: [VoiceCenter] "c:\program files\creative\voicecenter\AndreaVC.exe" /tray
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: []
mRun: [BuildBU] c:\dell\bldbubg.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [HTAReg] "c:\program files\creative\sound blaster audigy advanced mb\product registration\english\HTAReg.exe" /Reboot=1
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: musicmatch.com\online
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{03C02C4E-EFB1-445B-8BBE-D35D513ECBB1} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\chris\application data\mozilla\firefox\profiles\z4r2bh9e.default\
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-9-13 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-9-13 355632]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2012-9-13 101112]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-9-13 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-9-13 44808]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-13 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-9-13 676936]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-9-13 22856]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-9-16 129976]
.
=============== Created Last 30 ================
.
2012-09-16 16:12:10 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-09-16 16:11:57 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2012-09-16 16:11:57 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2012-09-16 16:11:56 588728 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-09-16 16:11:56 157352 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-09-16 16:11:56 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-09-16 16:11:55 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-09-16 16:11:55 43960 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-09-16 16:11:54 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-09-16 16:11:54 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-09-14 16:17:31 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-14 16:17:31 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-14 06:52:25 -------- d-----w- c:\documents and settings\chris\local settings\application data\Adobe
2012-09-14 06:50:33 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2012-09-14 06:50:33 59264 ----a-w- c:\windows\system32\dllcache\usbaudio.sys
2012-09-14 04:51:42 1409 ----a-w- c:\windows\QTFont.for
2012-09-14 02:32:13 42864 ----a-w- c:\windows\system32\sbbd.exe
2012-09-14 02:32:13 101112 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-09-14 02:32:04 -------- d-----w- C:\VIPRERESCUE
2012-09-14 00:04:30 205072 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-09-13 23:52:21 -------- d-----w- c:\documents and settings\chris\application data\Malwarebytes
2012-09-13 23:52:14 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-09-13 23:52:13 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-13 23:52:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-13 18:03:15 -------- d-----w- c:\documents and settings\chris\application data\McAfee.com Personal Firewall
2012-09-13 17:59:16 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-09-13 17:59:13 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-09-13 17:59:06 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-09-13 17:59:01 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-09-13 17:58:57 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-09-13 17:34:40 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-09-13 17:34:02 41224 ----a-w- c:\windows\avastSS.scr
2012-09-13 17:33:40 -------- d-----w- c:\program files\AVAST Software
2012-09-13 17:33:40 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2012-09-13 17:10:22 26496 ----a-w- c:\windows\system32\dllcache\usbstor.sys
.
==================== Find3M ====================
.
.
============= FINISH: 11:12:36.10 ===============