.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Kimberly at 7:42:38 on 2012-02-10
.
============== Running Processes ===============
.
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\pcAnywhere\awhost32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\GFI Software\VIPRE\SBPIMSvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\TechSmith\Snagit 10\Snagit32.exe
C:\Program Files\TechSmith\Snagit 10\TSCHelp.exe
C:\Program Files\TechSmith\Snagit 10\SnagPriv.exe
C:\Program Files\TechSmith\Snagit 10\snagiteditor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Documents and Settings\Kimberly\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\Kimberly\Local Settings\Application Data\Akamai\netsession_win.exe
\\Chartnet4\chartnet\bin\MTCLIENT.EXE
\\CHARTNET4\CHARTNET\BIN\mtvclient.exe
\\CHARTNET4\CHARTNET\BIN\mtplay.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files\GFI Software\VIPRE\sbamui.exe
C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
C:\Program Files\GFI Software\VIPRE\SBAMTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Eusing Free Registry Cleaner\Regcleaner.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Documents and Settings\Kimberly\Local Settings\Temporary Internet Files\Content.IE5\QJVCXLNG\dds[1].scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k Akamai
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page =
uSearch Bar =
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;
mSearchAssistant =
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 10\SnagitBHO.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No File
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - No File
TB: Snagit: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 10\SnagitIEAddin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Akamai NetSession Interface] "c:\documents and settings\kimberly\local settings\application data\akamai\netsession_win.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [SBAMTray] "c:\program files\gfi software\vipre\SBAMTray.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/produ ... wsdc32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net ... plugin.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/200 ... oader5.cab
DPF: {254AA86E-5655-4518-AA87-185D7CC41801} - hxxps://secure.logmeinrescue.com/TechCo ... ontrol.cab
DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} - hxxps://remote.irmc.cc/vdesk/terminal/u ... ,1215,1100
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} - hxxps://remote.irmc.cc/vdesk/terminal/f ... ,1215,1053
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} - hxxps://remote.irmc.cc/vdesk/terminal/I ... ontrol.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupda ... 0426681406
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/200 ... ader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {B8E73359-3422-4384-8D27-4EA1B4C01232} - hxxps://portal.brrh.com/+CSCOL+/cscopf.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} - hxxps://remote.irmc.cc/vdesk/terminal/u ... 0,617,2010
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {DD5E6739-FDD6-4542-8940-4A4B8AB5276E} - hxxps://1.1.0.20/NGVPNTunnel.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://aegisbpo.webex.com/client/T27LB ... eatgpc.cab
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} - hxxps://remote.irmc.cc/vdesk/terminal/u ... 10,902,806
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://connect2.msmc.com/dana-cached/s ... tupSP1.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/Juni ... Client.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab
DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} - hxxps://www.plaxo.com/activex/plx_upldr-2k-xp.cab
TCP: DhcpNameServer = 1.1.0.15 166.102.165.11
TCP: Interfaces\{75D7D7C2-F25C-4F9B-998B-836CB6BCC840} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{75D7D7C2-F25C-4F9B-998B-836CB6BCC840} : DhcpNameServer = 1.1.0.15 166.102.165.11
TCP: Interfaces\{D9C09EBF-AD58-46E1-A8D0-0FE2F82BD3C3} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D9C09EBF-AD58-46E1-A8D0-0FE2F82BD3C3} : DhcpNameServer = 192.168.59.59
TCP: Interfaces\{EB2EDFF8-5223-4E3E-9993-F9FFC14EB297} : NameServer = 8.26.56.26,156.154.70.22
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LMIinit - LMIinit.dll
Notify: PCANotify - PCANotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 10.108.38.38 mlvvrdps1
Hosts: 10.108.38.38 syngovoice1
Hosts: 10.108.38.39 syngovoice2
Hosts: 10.108.17.252 smsradap
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kimberly\application data\mozilla\firefox\profiles\1qszyp4b.default\
FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=20100929142129187&tb_oid=30-09-2010&tb_mrud=30-09-2010
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/red ... 010&query=
FF - component: c:\documents and settings\kimberly\application data\mozilla\firefox\profiles\1qszyp4b.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}\components\MailUtil.dll
FF - plugin: c:\documents and settings\kimberly\application data\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\kimberly\application data\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R? cerc6;cerc6
R? CT20XUT;CT20XUT
R? CTEXFIFX;CTEXFIFX
R? CTHWIUT;CTHWIUT
R? f5ipfw;F5 Networks StoneWall Filter
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? ha20x22k;Creative 20X2 HAL Driver
R? LkWebLink;Inter-Tel Collaboration Remote Client
R? LMIRfsClientNP;LMIRfsClientNP
R? nosGetPlusHelper;getPlus(R) Helper 3004
R? NWUSBCDFIL;Novatel Wireless Installation CD
R? NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN)
R? NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN)
R? NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN)
R? SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver
R? vsdatant;vsdatant
S? !SASCORE;SAS Core Service
S? Akamai;Akamai NetSession Interface
S? AW_HOST;AW_HOST
S? awhost32;pcAnywhere Host Service
S? awlegacy;awlegacy
S? ctxusbm;Citrix USB Monitor Driver
S? LMIGuardianSvc;LMIGuardianSvc
S? LMIInfo;LogMeIn Kernel Information Provider
S? LMIRfsDriver;LogMeIn Remote File System Driver
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? NEOFLTR_600_13911;Juniper Networks TDI Filter Driver (NEOFLTR_600_13911)
S? NGSSLDrv;VPN Tunnel NGSSLDrv Adapter
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? SBAMSvc;VIPRE Antivirus
S? sbaphd;sbaphd
S? sbapifs;sbapifs
S? SBPIMSvc;SB Recovery Service
S? SBRE;SBRE
S? SbTis;SbTis
S? urvpndrv;F5 Networks VPN Adapter
.
=============== Created Last 30 ================
.
2012-02-09 18:05:25 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-02-09 18:05:25 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-02-09 18:05:25 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-02-09 18:05:25 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-18 18:48:43 -------- d-----w- c:\documents and settings\kimberly\local settings\application data\Mikogo4
.
==================== Find3M ====================
.
2012-01-24 14:03:25 3140 --sha-w- c:\documents and settings\all users\application data\KGyGaAvL.sys
2011-12-19 17:46:15 87424 ----a-w- c:\windows\system32\LMIinit.dll
2011-12-19 17:46:15 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2011-12-19 17:46:15 52096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2011-12-19 17:46:15 30592 ----a-w- c:\windows\system32\LMIport.dll
2011-12-12 12:14:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
============= FINISH: 7:45:04.25 ===============