The 2 emails contain info from Comcast notifying me of those 2 emails being undeliverable, but there's not any record of the emails themselves in my sent/outbox (emails that I never sent anyway).
I've run further scans, with no results, so I'm not sure if I'm still infected (if that was the cause anyway).
Any help would be greatly appreciated. Thank you.
DDS (Ver_09-05-14.01) - NTFSx86
Run by Jason Lake at 16:51:26.59 on Fri 06/12/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.410 [GMT -4:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9FA.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Jason Lake\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.comcast.net/
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = localhost;*.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {fdd3b846-8d59-4ffb-8758-209b6ad74acc} - c:\program files\microsoft money\system\mnyviewer.dll
TB: {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /M "Stylus Photo R320" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\WCESCOMM.EXE"
mRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [LogitechVideoTray] c:\program files\logitech\video\LogiTray.exe
mRun: [LogitechVideoRepair] c:\program files\logitech\video\ISStart.exe
mRun: [EEventManager] c:\program files\epson\creativity suite\event manager\EEventManager.exe
mRun: [ccApp] c:\program files\common files\symantec shared\ccApp.exe
dRun: [Exetender] "c:\program files\free ride games\GPlayer.exe /runonstartup"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INETREPL.DLL
IE: {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - {301DA1EE-F65C-4188-A417-9E915CC8FBFA} - c:\program files\microsoft money\system\mnyviewer.dll
DPF: CabBuilder - hxxp://ak.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7}
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://connect.sparrow.org/dana-cached/setup/JuniperSetupSP1.cab
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - c:\program files\microsoft activesync\AATP.DLL
WinCE Filter: image/bmp - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: image/gif - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: image/jpeg - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: image/xbm - {86F59FAE-FB3A-11D1-AA72-00C04FAE2D4B} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: text/asp - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
WinCE Filter: text/html - {6C5C3074-FFAB-11d1-8EC4-00C04F98D57A} - c:\program files\microsoft activesync\CENETFLT.DLL
Notify: avgrsstarter - avgrsstx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-28 327688]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-5-28 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-28 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-5-28 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-5-28 298776]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\common files\intuit\update service\IntuitUpdateService.exe [2008-10-10 13088]
S3 asbp2poa;asbp2poa;\??\c:\docume~1\jasonl~1\locals~1\temp\asbp2poa.sys --> c:\docume~1\jasonl~1\locals~1\temp\asbp2poa.sys [?]
============== File Associations ===============
txtfile=NOTEPAD.EXE "%1"
=============== Created Last 30 ================
2009-06-12 16:08 <DIR> --d----- c:\program files\Trend Micro
2009-06-11 10:21 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-06-11 10:21 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-06-03 18:05 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-06-03 18:03 <DIR> --d----- c:\program files\iPod
2009-06-03 18:02 <DIR> --d----- c:\program files\iTunes
2009-05-28 18:26 196 a---h--- C:\aaw7boot.cmd
2009-05-28 15:48 <DIR> --d----- c:\docume~1\jasonl~1\applic~1\IObit
2009-05-28 15:47 <DIR> --d----- c:\program files\Lavasoft
2009-05-28 12:49 <DIR> --d-h--- C:\$AVG8.VAULT$
2009-05-28 09:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-05-28 09:54 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-05-28 09:54 <DIR> --d----- c:\docume~1\jasonl~1\applic~1\SUPERAntiSpyware.com
2009-05-28 09:40 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-05-28 09:40 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-05-28 09:39 327,688 a------- c:\windows\system32\drivers\avgldx86.sys
2009-05-28 09:39 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-05-28 09:38 <DIR> --d----- c:\program files\AVG
2009-05-28 09:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-05-27 22:08 240 a------- C:\cc_20090527_220826.reg
2009-05-27 22:06 1,197,622 a------- C:\cc_20090527_220640.reg
2009-05-27 19:19 <DIR> --d----- c:\docume~1\jasonl~1\applic~1\Malwarebytes
2009-05-27 19:19 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-05-27 19:19 40,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-27 19:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-27 19:18 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-27 18:29 <DIR> --d----- c:\program files\CONEXANT
2009-05-27 18:27 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat
2009-05-27 17:10 <DIR> --d----- c:\windows\system32\XPSViewer
2009-05-27 17:05 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-27 17:05 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-27 17:05 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-27 17:05 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-05-27 17:05 117,760 -------- c:\windows\system32\prntvpt.dll
2009-05-27 17:05 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll
2009-05-27 17:05 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-05-27 17:05 <DIR> --d----- C:\7d85b46275cba0a9dd825b1b3cfa
2009-05-27 17:03 <DIR> --d----- c:\windows\SxsCaPendDel
2009-05-27 16:45 <DIR> --d----- C:\524515b745b8c165ce8378
2009-05-27 16:44 <DIR> --d----- C:\8b0e46fe4d221f7a970bfb04
2009-05-27 16:16 <DIR> -cd-h--- c:\windows\ie8
2009-05-27 14:55 12,160 ac------ c:\windows\system32\dllcache\mouhid.sys
2009-05-27 14:55 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2009-05-27 14:53 21,504 ac------ c:\windows\system32\dllcache\hidserv.dll
2009-05-27 14:53 21,504 a------- c:\windows\system32\hidserv.dll
2009-05-27 14:53 14,592 ac------ c:\windows\system32\dllcache\kbdhid.sys
2009-05-27 14:53 14,592 a------- c:\windows\system32\drivers\kbdhid.sys
2009-05-27 14:53 10,368 ac------ c:\windows\system32\dllcache\hidusb.sys
2009-05-27 14:53 10,368 a------- c:\windows\system32\drivers\hidusb.sys
2009-05-26 21:29 <DIR> --d----- c:\windows\3074EB891BCA4AEFAFF4EFB4634C1923.TMP
2009-05-26 17:18 90,112 a------- c:\windows\system32\QuickTimeVR.qtx
2009-05-26 17:18 57,344 a------- c:\windows\system32\QuickTime.qts
2009-05-23 21:15 <DIR> --d----- c:\program files\MSECache
==================== Find3M ====================
2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-07 11:32 345,600 -------- c:\windows\system32\localspl.dll
2009-05-02 20:26 99,232 a------- c:\docume~1\jasonl~1\applic~1\GDIPFONTCACHEV1.DAT
2009-04-17 08:26 1,847,168 -------- c:\windows\system32\win32k.sys
2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll
2007-12-25 17:01 22,328 ac------ c:\docume~1\jasonl~1\applic~1\PnkBstrK.sys
2006-06-11 01:10 774,144 ac------ c:\program files\RngInterstitial.dll
2008-09-03 15:57 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090320080904\index.dat
============= FINISH: 16:52:18.32 ===============