Help
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
DDS (Ver_09-05-14.01) - NTFSx86
Run by Tony at 1:14:38.03 on Fri 06/05/2009
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_14
Microsoft® Windows Vista™ Business 6.0.6001.1.1252.1.1033.18.2037.810 [GMT -4:00]
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET Smart Security 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: ESET Personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\dvd43\DVD43_Tray.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\lxcecoms.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\STacSV.exe
C:\Program Files\Digital Asphyxia\Y!TunnelPro 2.5\YTPro.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Yahoo!\Messenger\yahoomessenger.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\calc.exe
C:\Program Files\Xi\NetXfer\NetTransport.exe
C:\Program Files\Common Files\Adobe\Updater6\Adobe_Updater.exe
C:\Program Files\NETGEAR\PS121v2\PS121v2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\HandBrake\Handbrake.exe
C:\Program Files\YAMB\Yamb.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Mozilla Firefox 3.5 Beta 4\firefox.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\Program Files\Red Kawa\Video Converter App\VideoConverterApp.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\HandBrake\Handbrake.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Tony\Downloads\dds.scr
============== Pseudo HJT Report ===============
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: NXIECatcher Class: {83b80a9c-d91a-4f22-8dcf-ea7204039f79} - c:\program files\xi\netxfer\NXIEHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: NetXfer: {c16cbaac-a75c-4db5-a0dd-cdf5cafcdd3a} - c:\program files\xi\netxfer\NXToolBar.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
uRun: [Y!TunnelPro] "c:\program files\digital asphyxia\y!tunnelpro 2.5\YTPro.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [Windows Defender] "%ProgramFiles%\Windows Defender\MSASCui.exe" -hide
mRun: [SigmatelSysTrayApp] "%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe"
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [Persistence] "c:\windows\system32\igfxpers.exe"
mRun: [PS121v2] "c:\program files\netgear\ps121v2\PS121v2.exe" /hide
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [dvd43] "c:\program files\dvd43\dvd43_tray.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [LXCECATS] "rundll32" c:\windows\system32\spool\drivers\w32x86\3\LXCEtime.dll,_RunDLLEntry@16
mRun: [SpySweeper] "c:\program files\webroot\webrootsecurity\SpySweeperUI.exe" /startintray
mRunOnce: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /install /silent
StartupFolder: c:\users\tony\appdata\roaming\micros~1\windows\startm~1\programs\startup\iphone~1.lnk - c:\program files\iphoneringtonemaker\iPhoneRingToneMaker.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\monitor.lnk - c:\program files\philips webcam\Monitor.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\orbit.lnk - c:\program files\orbitdownloader\orbitdm.exe
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38e51477-ddb4-4aed-9d61-d0c193e10749}\inprocserver32 does not exist!
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Notify: igfxcui - igfxdev.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\tony\appdata\roaming\mozilla\firefox\profiles\adsuumvq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com
FF - component: c:\program files\paypal\paypal plug-in\components\PayPalPlugin.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - truec:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox 3.5 beta 4\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox 3.5 beta 4\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
============= SERVICES / DRIVERS ===============
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2009-2-13 29808]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2009-1-16 100368]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2009-1-16 41680]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-20 179712]
R3 NETGEARUHOST;NETGEAR Network USB Host Controller;c:\windows\system32\drivers\NETGEARUHOST.sys [2009-1-15 13824]
R3 NETGEARUHUB;NETGEAR Network USB Root Hub;c:\windows\system32\drivers\NETGEARUHUB.sys [2009-1-15 35840]
R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-8-29 3664384]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2009-2-8 23096]
R3 SndTVideo;SndTVideo;c:\windows\system32\drivers\SndTVideo.sys [2009-2-8 3768]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2008-12-17 81360]
S3 Ca2001v;CA2001 WebCam Driver;c:\windows\system32\drivers\Ca2001v.sys [2008-2-19 2333568]
S3 NETGEARUCOMP;NETGEAR Network USB Composite Device;c:\windows\system32\drivers\NETGEARUCOMP.sys [2009-1-15 14336]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-1-25 42000]
S3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\drivers\PCAMp50.sys [2006-11-28 28224]
=============== Created Last 30 ================
2009-06-03 16:22 <DIR> --d----- c:\users\tony\appdata\roaming\Red Kawa
2009-06-03 01:31 <DIR> --d----- c:\program files\Regensoft
2009-06-03 01:30 <DIR> --d----- c:\program files\Red Kawa
2009-06-02 02:50 <DIR> --d----- c:\users\tony\appdata\roaming\HandBrake
2009-05-29 01:43 <DIR> --d----- C:\Rooter$
2009-05-26 23:02 <DIR> --d----- c:\program files\Mozilla Firefox 3.5 Beta 4
2009-05-17 00:41 <DIR> --d----- c:\program files\PayPal
==================== Find3M ====================
2009-05-29 01:04 410,984 a------- c:\windows\system32\deploytk.dll
2009-05-26 13:20 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-26 13:19 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-05-04 13:37 323,584 a------- c:\windows\system32\AUDIOGENIE2.DLL
2009-04-21 22:53 86,016 a------- c:\windows\inf\infstor.dat
2009-04-21 22:53 51,200 a------- c:\windows\inf\infpub.dat
2009-04-21 22:53 143,360 a------- c:\windows\inf\infstrng.dat
2009-03-16 23:38 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-03-16 23:38 13,824 a------- c:\windows\system32\apilogen.dll
2009-03-16 23:38 24,064 a------- c:\windows\system32\amxread.dll
2009-01-23 14:33 87,608 a------- c:\users\tony\appdata\roaming\inst.exe
2009-01-23 14:33 47,360 a------- c:\users\tony\appdata\roaming\pcouffin.sys
2009-01-13 22:24 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-20 22:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-01-14 00:40 16,384 a--sh--- c:\windows\temp\cookies\index.dat
2009-01-14 00:40 16,384 a--sh--- c:\windows\temp\history\history.ie5\index.dat
2009-01-14 00:40 49,152 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat
============= FINISH: 1:17:21.89 ===============
Attached File(s)
-
Attach.txt (4.54K)
Number of downloads: 3
Back to top
