Ok done, here are the logs
DDS (Ver_09-12-01.01) - NTFSx86
Run by Seth_2 at 12:02:44.04 on Sat 12/05/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.526 [GMT -6:00]
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Dell AIO Printer A920\dlbkbmon.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\Seth_2\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://www.octoshape.com/play.asp?varia ... RD&lang=en
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [ICQ] "c:\program files\icq6\ICQ.exe" silent
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide
mRun: [Dell AIO Printer A920] "c:\program files\dell aio printer a920\dlbkbmgr.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [SearchSettings] c:\program files\search settings\SearchSettings.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/fl ... wflash.cab
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\seth_2\applic~1\mozilla\firefox\profiles\7fwv5dho.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=fi ... S:official
FF - plugin: c:\documents and settings\all users\application data\id software\quakelive\npquakezero.dll
FF - plugin: c:\program files\byond\bin\npbyond.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbyond.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 142832]
S3 scskusbf;USB SCSK Filter Driver Service;c:\windows\system32\drivers\scskusbf.sys [2008-6-3 19504]
S3 scskusbs;USB SCSK Driver Service;c:\windows\system32\drivers\scskusbs.sys [2008-6-3 83160]
=============== Created Last 30 ================
2009-11-27 18:46:45 0 d-----w- c:\program files\World of Warcraft
2009-11-26 23:37:54 0 d-----w- c:\program files\Trend Micro
2009-11-25 21:02:34 0 d-----w- c:\docume~1\seth_2\applic~1\Malwarebytes
2009-11-25 21:02:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-25 21:02:26 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-11-25 21:02:25 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-25 21:02:25 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-24 04:09:01 32 ----a-r- c:\documents and settings\all users\hash.dat
2009-11-23 21:04:58 242 ----a-w- c:\windows\dellstat.ini
2009-11-23 21:03:42 201216 ----a-w- c:\windows\system32\LEXP2P32.DLL
2009-11-23 21:03:41 73728 ----a-w- c:\windows\system32\dlbkpwr.dll
2009-11-23 21:03:41 40960 ----a-w- c:\windows\system32\dlbkvs.dll
2009-11-23 21:03:41 303104 ----a-w- c:\windows\system32\LEXBCES.EXE
2009-11-23 21:03:41 196096 ----a-w- c:\windows\system32\LEX2KUSB.DLL
2009-11-23 21:03:41 147456 ----a-w- c:\windows\system32\LEXBCE.DLL
2009-11-23 21:03:40 286720 ----a-w- c:\windows\system32\dlbkcomm.dll
2009-11-23 21:03:40 192512 ----a-w- c:\windows\system32\lexlmpm.dll
2009-11-23 21:03:15 0 d-----w- c:\program files\Dell AIO Printer A920
2009-11-23 21:03:05 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-11-23 21:03:05 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2009-11-23 21:02:56 69632 ----a-w- c:\windows\system32\dlbkscin.dll
2009-11-23 21:02:56 57344 ----a-w- c:\windows\system32\dlbkcinf.dll
2009-11-23 21:02:56 49152 ----a-w- c:\windows\system32\dlbkcoin.dll
2009-11-23 21:02:56 255 ----a-w- c:\windows\system32\dlbkcoin.ini
2009-11-23 21:02:55 0 d-----w- c:\program files\Dell A920
2009-11-23 21:02:37 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-23 21:02:37 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-20 04:28:03 0 ----a-r- C:\logwmemory.bin
2009-11-20 04:25:03 0 d-----w- C:\Soldat
2009-11-20 04:25:03 0 d-----w- c:\docume~1\seth_2\applic~1\Soldat
2009-11-16 23:54:09 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-16 23:50:40 0 d-----w- c:\program files\Microsoft Security Essentials
2009-11-12 04:32:48 0 d-----w- c:\docume~1\seth_2\applic~1\LucasArts
2009-11-06 21:25:46 0 d-----w- c:\program files\iPod
==================== Find3M ====================
2009-10-31 02:39:22 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-10-31 02:39:21 17212 -c--atw- c:\windows\system32\SIntf32.dll
2009-10-31 02:39:21 12067 -c--atw- c:\windows\system32\SIntf16.dll
2009-10-28 03:19:42 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-10-11 10:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-20 16:14:06 189784 -c--a-w- c:\windows\system32\PnkBstrB.exe
2009-09-19 22:58:21 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-19 22:58:21 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2008-08-21 10:17:08 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082120080822\index.dat
============= FINISH: 12:03:07.26 ===============
Here is the 2nd DDS log
DDS (Ver_09-12-01.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 3/19/2007 5:50:09 PM
System Uptime: 12/2/2009 8:21:24 PM (64 hours ago)
Motherboard: Dell Computer Corp. | | 0F5949
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | Microprocessor | 2791/533mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 37 GiB total, 2.92 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP909: 11/11/2009 10:40:11 PM - Removed Tropico 2: Pirate Cove
RP910: 11/11/2009 10:55:53 PM - Installed Fable - The Lost Chapters
RP911: 11/13/2009 12:35:54 AM - System Checkpoint
RP912: 11/14/2009 12:41:31 AM - System Checkpoint
RP913: 11/15/2009 1:07:42 AM - System Checkpoint
RP914: 11/16/2009 2:59:15 AM - System Checkpoint
RP915: 11/16/2009 5:54:03 PM - Software Distribution Service 3.0
RP916: 11/17/2009 5:57:38 PM - Software Distribution Service 3.0
RP917: 11/18/2009 5:57:15 PM - Software Distribution Service 3.0
RP918: 11/19/2009 7:02:48 PM - Software Distribution Service 3.0
RP919: 11/20/2009 7:02:38 PM - Software Distribution Service 3.0
RP920: 11/21/2009 7:02:40 PM - Software Distribution Service 3.0
RP921: 11/22/2009 1:34:21 AM - Software Distribution Service 3.0
RP922: 11/22/2009 7:03:31 PM - Software Distribution Service 3.0
RP923: 11/23/2009 2:46:54 PM - Installed Adobe Reader 9.2.
RP924: 11/23/2009 3:35:23 PM - Microsoft Antimalware Checkpoint
RP925: 11/24/2009 4:35:32 AM - Software Distribution Service 3.0
RP926: 11/24/2009 7:08:38 PM - Software Distribution Service 3.0
RP927: 11/25/2009 2:55:56 PM - Software Distribution Service 3.0
RP928: 11/25/2009 3:08:20 PM - Microsoft Antimalware Checkpoint
RP929: 11/26/2009 3:46:49 PM - System Checkpoint
RP930: 11/27/2009 5:20:59 PM - Software Distribution Service 3.0
RP931: 11/30/2009 12:07:11 PM - Software Distribution Service 3.0
RP932: 12/1/2009 4:30:14 PM - System Checkpoint
RP933: 12/2/2009 3:18:02 AM - Software Distribution Service 3.0
RP934: 12/3/2009 5:23:21 AM - System Checkpoint
RP935: 12/3/2009 8:28:38 PM - Software Distribution Service 3.0
RP936: 12/4/2009 8:28:12 PM - Software Distribution Service 3.0
==== Installed Programs ======================
7-Zip 4.65
AAC Decoder
AC3Filter (remove only)
Acrobat.com
Ad-Aware SE Personal
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 9.2
Adobe Shockwave Player 11
Age of Chivalry
Age of Empires III
Age of Empires III - The Asian Dynasties
Age of Empires III - The WarChiefs
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Audacity 1.2.6
AutoHotkey 1.0.48.03
AutoUpdate
Battlefield 2(TM)
Bonjour
Broadcom 440x 10/100 Integrated Controller
Broadcom Management Programs
Build Your Own Net Dream (remove only)
Command & Conquer™ Red Alert™ 3
Conexant D850 56K V.9x DFVc Modem
Counter-Strike: Source
Critical Update for Windows Media Player 11 (KB959772)
DAEMON Tools Toolbar
Dealio Toolbar v4.0.1
Dell AIO Printer A920
Dell ResourceCD
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Version Checker
DivX Web Player
EverQuest Titanium
Fable - The Lost Chapters
Fallout 3
Fallout2
Free Mp3 Wma Converter V 1.8.0
GTA San Andreas
H.264 Decoder
HeavensLair
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Intel(R) Extreme Graphics Driver
iTunes
Java(TM) 6 Update 17
Malwarebytes' Anti-Malware
MechWarrior 4 Mercenaries
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Halo
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Security Essentials
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft XNA Framework Redistributable 3.0
mIRC
MKV Splitter
MobileMe Control Panel
Morrowind
Mozilla Firefox (3.5.5)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NVIDIA Drivers
Paint.NET v3.36
PowerDVD 5.1
Project Reality 0860 Core
Project Reality 0860 Levels
Project Reality 0860 Patch
PunkBuster Services
Puzzle Pirates
Quake Live Mozilla Plugin
QuickTime
Recuva (remove only)
Safari
Search Settings 1.2.2
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
SimCity 3000
SimpleMU MUD Client
Soldat 1.5.0
SoundMAX
SpaceMonger 2.1.1
Starcraft
Steam
Stronghold Crusader Extreme
System Requirements Lab
Tasker version 3.13
TES Construction Set
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.762
Ventrilo Client
Vuze
WebFldrs XP
WhiteCap
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World of Warcraft
Wow Web Stats Client v3.0
Xfire (remove only)
==== Event Viewer Messages From Past Week ========
12/5/2009 12:00:44 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.
11/29/2009 12:40:46 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
11/29/2009 12:37:25 PM, error: Service Control Manager [7001] - The Print Spooler service depends on the LexBce Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
==== End Of File ===========================
GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-12-05 13:02:55
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Seth_2\LOCALS~1\Temp\ufqiafoc.sys
---- System - GMER 1.0.15 ----
SSDT spka.sys ZwCreateKey [0xF74C40E0]
SSDT spka.sys ZwEnumerateKey [0xF74E2CA4]
SSDT spka.sys ZwEnumerateValueKey [0xF74E3032]
SSDT spka.sys ZwOpenKey [0xF74C40C0]
SSDT spka.sys ZwQueryKey [0xF74E310A]
SSDT spka.sys ZwQueryValueKey [0xF74E2F8A]
SSDT spka.sys ZwSetValueKey [0xF74E319C]
INT 0x62 ? 86F6EBF8
INT 0x63 ? 86FDABF8
INT 0x82 ? 86F6EBF8
INT 0x83 ? 86FDABF8
INT 0xA4 ? 86FDABF8
INT 0xB4 ? 86FDABF8
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 86FD91F8
Device \Driver\PCI_PNP9276 \Device\00000043 spka.sys
Device \Driver\PCI_PNP9276 \Device\00000043 spka.sys
Device \Driver\usbuhci \Device\USBPDO-0 86E24500
Device \Driver\usbuhci \Device\USBPDO-1 86E24500
Device \Driver\NetBT \Device\NetBT_Tcpip_{B53903B6-6A02-47CE-9F04-F3F9E36D8575} 86D411F8
Device \Driver\usbuhci \Device\USBPDO-2 86E24500
Device \Driver\usbehci \Device\USBPDO-3 86E19500
Device \Driver\Ftdisk \Device\HarddiskVolume1 86FDB1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 86FDB1F8
Device \Driver\Cdrom \Device\CdRom0 86D9C1F8
Device \Driver\Cdrom \Device\CdRom1 86D9C1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F743EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F743EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F743EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F743EB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\Cdrom \Device\CdRom2 86D9C1F8
Device \Driver\sptd \Device\1375571776 spka.sys
Device \Driver\NetBT \Device\NetBt_Wins_Export 86D411F8
Device \Driver\NetBT \Device\NetbiosSmb 86D411F8
Device \Driver\usbuhci \Device\USBFDO-0 86E24500
Device \Driver\usbuhci \Device\USBFDO-1 86E24500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 86BFA500
Device \Driver\usbuhci \Device\USBFDO-2 86E24500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 86BFA500
Device \Driver\usbehci \Device\USBFDO-3 86E19500
Device \Driver\Ftdisk \Device\FtControl 86FDB1F8
Device \Driver\a2ndwu4a \Device\Scsi\a2ndwu4a1Port2Path0Target1Lun0 86D8D500
Device \Driver\a2ndwu4a \Device\Scsi\a2ndwu4a1 86D8D500
Device \Driver\a2ndwu4a \Device\Scsi\a2ndwu4a1Port2Path0Target0Lun0 86D8D500
Device \FileSystem\Fastfat \Fat 8669A500
Device \FileSystem\Fastfat \Fat 8D429297
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs 86968500
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x07 0xD6 0x93 0x3E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x4A 0x71 0xB4 0xF0 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xF3 0x93 0x61 0x2F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x02 0xC6 0x57 0x0D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x07 0xD6 0x93 0x3E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x4A 0x71 0xB4 0xF0 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xF3 0x93 0x61 0x2F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x02 0xC6 0x57 0x0D ...
---- EOF - GMER 1.0.15 ----