.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.5730.11
Run by Dan at 1:36:08 on 2012-01-26
AV: ZoneAlarm Extreme Security Antivirus *Enabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
FW: ZoneAlarm Extreme Security Firewall *Enabled*
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mSearch Page = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\spybot~1\SDHelper.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
TB: {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
TB: BringMeSports: {cc53bd19-7b23-43b0-ab7c-0e06c708cced} -
TB: {91DA5E8A-3318-4F8C-B67E-5964DE3AB546} - No File
uRun: [SpybotSD TeaTimer] c:\spybot - search & destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [ISW] c:\program files\checkpoint\zaforcefield\ForceField.exe /icon="hidden"
mRun: [ZoneAlarm] c:\program files\checkpoint\zonealarm\zatray.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\dan\startm~1\programs\startup\canoni~1.lnk - c:\windows\system32\rundll32.exe
uPolicies-explorer: RestrictRun = 0 (0x0)
uPolicies-system: NoSecCPL = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
uPolicies-system: NoDevMgrPage = 0 (0x0)
uPolicies-system: NoConfigPage = 0 (0x0)
uPolicies-system: NoVirtMemPage = 0 (0x0)
uPolicies-system: NoFileSysPage = 0 (0x0)
uPolicies-system: NoNetSetup = 0 (0x0)
uPolicies-system: NoNetSetupIDPage = 0 (0x0)
uPolicies-system: NoNetSetupSecurityPage = 0 (0x0)
uPolicies-system: NoWorkgroupContents = 0 (0x0)
uPolicies-system: NoEntireNetwork = 0 (0x0)
uPolicies-system: NoFileSharingControl = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{B5BBF516-DAC8-49AF-9072-BE661DCAEDDA} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{D3ED0C28-E21D-4495-BD8A-693A3E76478D} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll
Hosts: 127.0.0.1 http://www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko10.dll
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko5.dll
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko6.dll
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko7.dll
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko8.dll
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}\components\RadioWMPCoreGecko9.dll
FF - component: c:\documents and settings\dan\application data\mozilla\firefox\profiles\mr3zb5oi.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Multiple Tab Handler: multipletab@piro.sakura.ne.jp - %profile%\extensions\multipletab@piro.sakura.ne.jp
FF - Ext: TinEye Reverse Image Search: tineye@ideeinc.com - %profile%\extensions\tineye@ideeinc.com
FF - Ext: ZoneAlarm Security Community Toolbar: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - %profile%\extensions\{91da5e8a-3318-4f8c-b67e-5964de3ab546}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Malware Search: {27c60876-b5c9-4335-b4f3-52b26782220c} - %profile%\extensions\{27c60876-b5c9-4335-b4f3-52b26782220c}
FF - Ext: InvisibleHand: canitbecheaper@trafficbroker.co.uk - %profile%\extensions\canitbecheaper@trafficbroker.co.uk
FF - Ext: LastPass: support@lastpass.com - %profile%\extensions\support@lastpass.com
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2012-01-26 01:21:06 -------- d-----w- c:\documents and settings\dan\application data\SUPERAntiSpyware.com
2012-01-26 01:20:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-26 01:20:09 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-01-26 01:11:14 14266192 ----a-w- c:\program files\SUPERAntiSpyware.exe
2012-01-25 23:34:14 607260 ------r- c:\program files\dds.scr
2012-01-25 22:49:25 331805736 ----a-w- C:\WindowsXP-KB936929-SP3-x86-ENU.exe
2012-01-24 08:46:35 -------- d-----w- c:\program files\SonicWallES
2012-01-24 07:41:00 -------- d-----w- c:\windows\system32\DisabledCPL
2012-01-24 06:25:10 11264 ----a-w- c:\windows\system32\drivers\uze1oti4.sys
2012-01-23 03:58:58 -------- d-----w- c:\documents and settings\dan\application data\Malwarebytes
2012-01-23 03:58:43 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-01-23 03:58:41 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-23 03:58:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-20 06:26:09 10134560 ----a-w- c:\program files\common files\lpuninstall.exe
2012-01-20 06:25:48 -------- d-----w- c:\program files\LastPass
2012-01-19 06:58:27 -------- d-----w- c:\program files\File Viewer
2012-01-16 22:57:39 -------- d-----w- c:\documents and settings\dan\local settings\application data\Solid State Networks
2012-01-16 18:27:54 -------- d-----w- c:\documents and settings\dan\local settings\application data\LastPass
2012-01-16 14:06:20 -------- d-----w- c:\program files\VideoLAN
2012-01-16 13:03:32 -------- d-----w- c:\documents and settings\dan\dwhelper
2012-01-16 08:46:05 -------- d-----w- C:\Driver downloads
2012-01-08 03:50:42 -------- d-----w- c:\program files\silverlight
2012-01-07 00:24:15 -------- d-----w- c:\documents and settings\dan\application data\OpenWith.org Downloaded Setups
2012-01-07 00:19:11 -------- d-----w- C:\bb
2012-01-03 13:10:44 182672 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2011-12-31 03:50:55 -------- d--h--w- c:\documents and settings\all users\application data\CanonIJScan
.
==================== Find3M ====================
.
2012-01-25 23:07:17 617472 ----a-w- c:\windows\system32\comctl32.dll
2012-01-22 22:03:37 88 --sh--r- c:\windows\system32\D7A0CF68A8.sys
2012-01-22 22:03:37 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys
2012-01-16 13:36:16 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-15 03:13:02 32608 ----a-w- c:\windows\king-uninstall.exe
2011-12-13 20:52:14 7253080 ----a-w- c:\program files\registrybooster.exe
2011-12-09 23:58:49 16409960 ----a-w- C:\spybotsd162.exe
2011-12-09 22:00:38 6013072 ----a-w- c:\program files\ExterminateItSetup.exe
2011-11-07 08:26:14 939368 ----a-w- c:\windows\system32\flash.ocx
2010-08-05 21:25:44 152190976 ----a-w- c:\program files\ZASPSetup_93_014_000_en.exe
2010-07-13 19:31:37 145181184 ----a-w- c:\program files\ZASPSetup_91_603_000_en.exe
2010-01-27 00:34:54 1236816 ----a-w- c:\program files\Setup.exe
2010-01-14 00:56:18 912089 ----a-w- c:\program files\unitconversion.exe
2009-12-27 00:12:39 3820454 ----a-w- c:\program files\ZoneAlarm Security.lnk.exe
2009-10-12 01:31:36 186880 ----a-w- c:\program files\LSPFix.exe
2009-09-26 01:55:41 8951576 ----a-w- c:\program files\is360setup.exe
2009-09-23 02:25:56 1296288 ----a-w- c:\program files\DMSetup-Serial.exe
2009-08-28 15:16:16 902656 ----a-w- c:\program files\Indihiang-x86.v0.2.1.msi
2009-08-28 15:15:45 912896 ----a-w- c:\program files\Indihiang-x64.v0.2.1.msi
2009-08-28 11:49:26 299288 ----a-w- c:\program files\GmailInstaller.exe
2000-09-01 00:39:48 1179695 ----a-w- c:\program files\MapSend.exe
2000-08-31 23:14:04 5472 ----a-w- c:\program files\lbltxt.fon
1998-10-27 11:08:04 317952 ----a-w- c:\program files\ROBOEX32.dll
Here is the attach text
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
===========================