DDS (Ver_09-12-01.01) - NTFSx86
Run by RickMaria at 12:14:11.78 on Wed 01/13/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.453 [GMT -6:00]
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: McAfee Personal Firewall Plus *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Wave Systems Corp\Services Manager\Secure Update\AutoUpdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Wave Systems Corp\Common\DataServer.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.7\bin\tcsd_win32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\RickMaria\Desktop\dds.scr
============== Pseudo HJT Report ===============
uSearch Bar =
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - No File
TB: {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [Document Manager] c:\program files\wave systems corp\services manager\docmgr\bin\docmgr.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [DXDllRegExe] dxdllreg.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\embass~1.lnk - c:\program files\wave systems corp\services manager\secure update\AutoUpdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1263337703448
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: igfxcui - igfxdev.dll
Notify: PCANotify - PCANotify.dll
AppInit_DLLs: wxvault.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 wvauth
============= SERVICES / DRIVERS ===============
R1 AW_HOST;AW_HOST;c:\windows\system32\drivers\AW_HOST5.sys [2003-10-23 16984]
R1 awlegacy;awlegacy;c:\windows\system32\drivers\AWLEGACY.sys [2003-11-17 11165]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-9-11 735960]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-1-13 38224]
S3 awhost32;pcAnywhere Host Service;c:\program files\symantec\pcanywhere\awhost32.exe [2004-11-1 106496]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2008-5-27 174336]
=============== Created Last 30 ================
2010-01-13 10:06:48 0 d-----w- c:\windows\system32\Adobe
2010-01-13 10:02:26 0 d-----w- c:\windows\Downloaded Program Files
2010-01-13 09:26:05 0 d-----w- c:\program files\CCleaner
2010-01-13 09:20:02 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-13 09:19:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-13 09:14:50 0 d-----w- c:\docume~1\rickma~1\applic~1\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-01-13 08:56:49 0 d-----w- c:\docume~1\rickma~1\applic~1\ESET
2010-01-13 08:54:44 0 d-----w- c:\program files\ESET
2010-01-13 08:48:50 0 d-----w- c:\program files\Windows Installer Clean Up
2010-01-13 08:48:38 0 d-----w- c:\program files\MSECACHE
2010-01-13 08:44:58 504778 ----a-w- C:\BdUninstallTool2010.01.13-02.44.57.reg
2010-01-13 08:40:43 0 d-----w- c:\program files\Windows Live SkyDrive
2010-01-13 08:40:17 0 d-----w- c:\program files\Microsoft
2010-01-13 08:20:00 0 d-----w- c:\program files\common files\Windows Live
2010-01-13 08:17:55 0 d-----w- c:\windows\system32\GroupPolicy
2010-01-13 08:17:55 0 d-----w- c:\program files\Windows Desktop Search
2010-01-13 08:15:59 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2010-01-13 08:15:59 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2010-01-13 08:15:58 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2010-01-13 08:15:05 33664 ----a-w- c:\windows\system32\drivers\BCMWLNPF.SYS
2010-01-13 08:15:01 86016 ----a-w- c:\windows\system32\preflib.dll
2010-01-13 08:15:00 44032 ----a-w- c:\windows\system32\wltrynt.dll
2010-01-13 08:15:00 253952 ----a-w- c:\windows\system32\bcmwlu00.exe
2010-01-13 08:14:59 69632 ----a-w- c:\windows\system32\bcmwlpkt.dll
2010-01-13 08:14:58 3395584 ----a-w- c:\windows\system32\BCMWLCPL.CPL
2010-01-13 08:14:56 1392640 ----a-w- c:\windows\system32\WLTRAY.EXE
2010-01-13 06:29:47 0 d-sh--w- c:\documents and settings\rickmaria\PrivacIE
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\wsbl.dat
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\ph_white.dat
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\ph_summ.dat
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\ph_spoof.sig
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\ph_sign.slf
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\ph_fuzzy.sig
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\ph_black.dat
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\pcwords2.dat
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\pcwords.dat
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\pc_sign.slf
2010-01-13 06:17:29 0 ----a-w- c:\windows\system32\ab_sbl.sig
2010-01-13 05:51:42 0 d-----w- C:\Binaries
2010-01-13 05:42:28 0 d-sh--w- c:\documents and settings\rickmaria\IETldCache
2010-01-13 05:26:06 235229 ----a-w- C:\BdUninstallTool2010.01.12-11.26.05.reg
2010-01-13 04:50:30 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2010-01-13 04:50:29 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-13 04:50:29 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-13 04:50:28 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-13 04:50:28 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll
2010-01-13 04:50:28 11069952 ------w- c:\windows\system32\dllcache\ieframe.dll
2010-01-13 04:50:15 0 d-----w- c:\windows\ie8updates
2010-01-13 04:49:54 92160 ------w- c:\windows\system32\dllcache\iecompat.dll
2010-01-13 04:46:04 0 dc-h--w- c:\windows\ie8
2010-01-13 04:29:15 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-01-13 04:29:15 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-01-13 04:20:15 0 d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-01-13 04:13:24 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-13 04:13:24 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-01-13 03:32:54 0 d-----w- c:\windows\system32\scripting
2010-01-13 03:32:53 0 d-----w- c:\windows\l2schemas
2010-01-13 03:32:52 0 d-----w- c:\windows\system32\en
2010-01-13 03:32:52 0 d-----w- c:\windows\system32\bits
2010-01-13 03:25:53 0 d-----w- c:\windows\network diagnostic
2010-01-13 03:17:57 0 d-----w- c:\windows\EHome
2010-01-13 03:04:33 4 ----a-w- c:\windows\system32\aspdict-en.dat
2010-01-13 03:04:33 16 ----a-w- c:\windows\system32\asdict.dat
2010-01-13 03:04:33 0 ----a-w- c:\windows\system32\ab_bl.sig
2010-01-13 02:59:05 121 ----a-w- c:\windows\bdagent.INI
2010-01-13 00:10:35 0 ----a-w- c:\windows\system32\19169.exe
2010-01-12 23:07:43 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-01-12 23:07:43 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-12 23:07:41 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-01-12 21:06:22 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-01-12 21:02:16 0 ----a-w- C:\pcwords2.dat
2010-01-12 21:02:16 0 ----a-w- C:\pcwords.dat
2010-01-12 21:02:16 0 ----a-w- C:\pcconf.ini
2010-01-12 21:02:16 0 ----a-w- C:\pc_sign.slf
2010-01-12 21:01:35 0 ----a-w- c:\windows\system32\26500.exe
2010-01-12 20:41:35 0 ----a-w- c:\windows\system32\6334.exe
2010-01-12 20:21:35 0 ----a-w- c:\windows\system32\18467.exe
2010-01-12 19:57:04 0 d-----w- c:\program files\BitDefender
2010-01-11 18:54:49 0 d-----w- c:\docume~1\rickma~1\applic~1\Malwarebytes
2010-01-11 18:54:42 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-11 18:54:42 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
==================== Find3M ====================
2009-10-29 07:45:38 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:45:38 916480 ------w- c:\windows\system32\dllcache\wininet.dll
2009-10-29 07:45:37 5940736 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-10-29 07:45:37 206848 ------w- c:\windows\system32\dllcache\occache.dll
2009-10-29 07:45:37 1208832 ------w- c:\windows\system32\dllcache\urlmon.dll
2009-10-29 07:45:35 25600 ------w- c:\windows\system32\dllcache\jsproxy.dll
2009-10-29 07:45:34 184320 ------w- c:\windows\system32\dllcache\iepeers.dll
2009-10-29 07:45:32 387584 ------w- c:\windows\system32\dllcache\iedkcs32.dll
2009-10-29 05:38:22 1509888 ------w- c:\windows\system32\dllcache\shdocvw.dll
2009-10-28 14:40:47 173056 ------w- c:\windows\system32\dllcache\ie4uinit.exe
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 75776 ------w- c:\windows\system32\dllcache\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:38:36 25088 ------w- c:\windows\system32\dllcache\httpapi.dll
2009-10-20 16:20:16 265728 ------w- c:\windows\system32\dllcache\http.sys
2009-09-04 16:40:55 103200 ----a-w- c:\program files\IN
============= FINISH: 12:15:08.32 ===============