As requested...
DDS (Ver_09-02-01.01) - NTFSx86
Run by HP_Owner at 18:15:31.31 on Mon 03/09/2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1527.611 [GMT -5:00]
FW: Sygate Security Agent *enabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\mcshield.exe
C:\Program Files\Network Associates\VirusScan\vstskmgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Sygate\SSA\smc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
"C:\WINDOWS\system32\svchost.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\tbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Brownie\BrstsWnd.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Brownie\Brnipmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Owner\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page =
hxxp://my.yahoo.com/uSearch Page =
hxxp://www.google.comuSearch Bar =
hxxp://www.google.com/ieuSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant =
hxxp://www.google.com/ieuSearchURL,(Default) =
hxxp://www.google.com/search?q=%s
mSearchAssistant =
hxxp://www.google.com/ieBHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: HP view: {b2847e28-5d7d-4deb-8b67-05d28bcf79f5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [dll] rundll32 dll32,sm
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
mRun: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe
mRun: [HPHmon06] c:\windows\system32\hphmon06.exe
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [PS2] c:\windows\system32\ps2.exe
mRun: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe
mRun: [REGSHAVE] c:\program files\regshave\REGSHAVE.EXE /AUTORUN
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [ShStatEXE] "c:\program files\network associates\virusscan\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UpdaterUI.exe" /StartedFromRunKey
mRun: [Network Associates Error Reporting Service] "c:\program files\common files\network associates\talkback\tbmon.exe"
mRun: [SmcService] c:\progra~1\sygate\ssa\smc.exe -startgui
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [BrStsWnd] c:\program files\brownie\BrstsWnd.exe Autorun
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
IE: Add To HP Organize... - c:\progra~1\hewlet~1\hporga~1\bin/module.main/favorites\ie_add_to.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: ameritrade.com
Trusted Zone: aol.com
Trusted Zone: auntiesbeads.com
Trusted Zone: autotrader.com
Trusted Zone: avon.com
Trusted Zone: bankofamerica.com
Trusted Zone: bellsouth.com
Trusted Zone: bellsouth.net
Trusted Zone: bodybuilding.com
Trusted Zone: cabelas.com
Trusted Zone: cingular.com
Trusted Zone: colsoc.com\www
Trusted Zone: craigslist.org
Trusted Zone: cunamutual.com
Trusted Zone: directv.com
Trusted Zone: ebay.com
Trusted Zone: fedex.com
Trusted Zone: gatelco.org
Trusted Zone: microsoft.com
Trusted Zone: midwayusa.com
Trusted Zone: ml.com
Trusted Zone: paypal.com
Trusted Zone: samsclub.com
Trusted Zone: turbotax.com
Trusted Zone: unionplanters.com
Trusted Zone: usps.com
Trusted Zone: vanguard.com
Trusted Zone: walmart.com
Trusted Zone: wildlifelicense.com
Trusted Zone: yahoo.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} -
hxxp://office.microsoft.com/templates/ieawsdc.cabDPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} -
hxxp://download.microsoft.com/download/ ... ontrol.cabDPF: {17492023-C23A-453E-A040-C7C580BBF700} -
hxxp://download.microsoft.com/download/ ... ontrol.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} -
hxxp://download.macromedia.com/pub/shoc ... tor/sw.cabDPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} -
hxxp://mediaplayer.walmart.com/installer/install.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} -
hxxp://fpdownload.macromedia.com/get/fl ... rashim.cabDPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} -
hxxp://web1.shutterfly.com/downloads/Uploader.cabDPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -
hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cabDPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} -
hxxp://a532.g.akamai.net/f/532/6712/5m/ ... taller.exeHandler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {FA010552-4A27-4cb1-A1BB-3E2D697F1639} - No File
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
============= SERVICES / DRIVERS ===============
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-5 130424]
R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [2005-8-29 58464]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2005-8-29 102463]
R2 McShield;Network Associates McShield;c:\program files\network associates\virusscan\mcshield.exe [2005-8-22 221191]
R2 McTaskManager;Network Associates Task Manager;c:\program files\network associates\virusscan\vstskmgr.exe [2005-8-22 29184]
R3 NaiAvFilter1;NaiAvFilter1;c:\windows\system32\drivers\naiavf5x.sys [2005-8-29 114624]
S3 JL2005C;Dual Mode Camera;c:\windows\system32\drivers\jl2005c.sys [2007-1-26 68954]
S3 magaService;Lan Discover Agent;c:\program files\sygate\ssa\maga\Maga.exe [2005-6-6 323658]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-3-5 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-3-5 1095560]
S4 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2005-7-21 189792]
=============== Created Last 30 ================
2009-03-06 21:43 <DIR> --d----- c:\docume~1\hp_owner\applic~1\Malwarebytes
2009-03-06 21:43 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-03-06 21:43 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-06 21:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-03-06 21:43 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-03-06 20:14 12,800 a------- c:\windows\system32\dll32.dll
2009-03-05 21:39 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-03-05 21:38 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-03-05 21:38 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-05 21:38 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-03-05 21:38 <DIR> --d----- c:\program files\common files\PC Tools
2009-03-05 21:38 <DIR> --d----- c:\program files\Spyware Doctor
2009-03-05 21:38 <DIR> --d----- c:\docume~1\hp_owner\applic~1\PC Tools
2009-03-05 21:38 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-03-04 07:36 1 ----h--- c:\windows\t55ft3223f44.dat
2009-03-04 07:36 1 ----h--- c:\windows\t55ft3518f44.dat
2009-03-03 07:58 <DIR> --d----- c:\program files\websrvx
2009-03-03 07:58 1 a------- c:\windows\9gdfgjf23
2009-03-03 07:58 1 ----h--- c:\windows\t55ft3949f44.dat
2009-03-03 07:58 1 ----h--- c:\windows\t55ft4244f44.dat
2009-03-01 10:52 0 a------- c:\windows\system32\nfr.gpref
2009-03-01 10:52 0 a------- c:\windows\system32\nfr.assembly
2009-02-28 00:12 26,112 a------- c:\windows\system32\stu2.exe
2009-02-23 21:03 <DIR> --d--r-- c:\docume~1\hp_owner\applic~1\Brother
2009-02-23 20:57 146 a------- c:\windows\BRVIDEO.INI
2009-02-23 20:57 0 a------- c:\windows\brmx2001.ini
2009-02-23 20:57 426 a------- c:\windows\BRWMARK.INI
2009-02-23 20:57 77,824 -------- c:\windows\system32\brlmw03a.dll
2009-02-23 20:57 114 -------- c:\windows\system32\brlmw03a.ini
2009-02-23 20:57 9,853 a------- c:\windows\HL-2170W.INI
2009-02-23 20:57 34 a------- c:\windows\system32\BD2170W.DAT
2009-02-23 20:57 <DIR> --d----- c:\program files\Brownie
2009-02-23 20:56 176,128 a------- c:\windows\system32\BROSNMP.DLL
2009-02-23 20:56 94,208 a------- c:\windows\system32\BRRBTOOL.EXE
2009-02-23 20:56 24,223 a------- c:\windows\system32\BRLM03A.DLL
2009-02-23 20:56 <DIR> --d----- c:\program files\Brother
2009-02-23 20:56 192,512 -------- c:\windows\system32\Pdrvinst.dll
2009-02-23 20:56 331 a------- c:\windows\Brownie.ini
2009-02-23 20:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Brother
==================== Find3M ====================
2009-02-28 00:12 8,704 a------- c:\windows\system32\userinit.exe
2009-01-16 22:35 3,594,752 a------- c:\windows\system32\dllcache\mshtml.dll
2009-01-02 22:55 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-01 21:57 47,056 a------- c:\docume~1\hp_owner\applic~1\GDIPFONTCACHEV1.DAT
2008-12-19 04:10 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 04:10 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 00:25 634,024 a------- c:\windows\system32\dllcache\iexplore.exe
2008-12-19 00:23 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2008-12-11 05:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2005-05-19 19:12 0 a------- c:\docume~1\hp_owner\applic~1\wklnhst.dat
2005-05-20 22:00 22 a--sh--- c:\windows\sminst\HPCD.sys
2008-07-17 07:05 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008071720080718\index.dat
============= FINISH: 18:16:54.96 ===============
You do not have the required permissions to view the files attached to this post.