My DDS log
DDS (Ver_2011-06-12.02) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_26
Run by NRR at 19:27:35 on 2011-06-18
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.1790.604 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\MediaMonkey\MediaMonkey.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Vidalia Bundle\Polipo\polipo.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Java\jre6\bin\javaws.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Users\NRR\Desktop\utorrent.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.startsearcher.com
uDefault_Page_URL = hxxp://www.wildblue.net
mStart Page = hxxp://www.startsearcher.com
uInternet Settings,ProxyOverride = <local>
BHO: {0418eb24-4c9c-4408-aae0-23dc2e62d32a} - c:\windows\system32\atiadlxx32.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: eccf549a: {f15f0505-5148-cf7e-43e2-86c57744a3e1} - c:\programdata\atiadlxx32.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [uTorrent] "c:\users\nrr\desktop\utorrent.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-system: EnableLUA = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\nrr\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\micros~2\office\1033\phdintl.dll/phdContext.htm
IE: {c95fe080-8f5d-11d2-a20b-00aa003c157a}
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\windows\system32\wpclsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 207.255.176.37 207.255.176.40
TCP: Interfaces\{000E002E-AE80-45E8-AEEB-B832C71318A5} : DhcpNameServer = 207.255.176.37 207.255.176.40
TCP: Interfaces\{4FFA6C33-9EEA-44B1-A546-B5494B354C6F} : DhcpNameServer = 207.255.176.37 207.255.176.40
TCP: Interfaces\{6B165B98-B02D-4DA5-8D8B-E48830A7A6C8} : DhcpNameServer = 207.255.176.37 207.255.176.40
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
AppInit_DLLs: c:\programdata\atiadlxx32.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
LSA: Authentication Packages = msv1_0 relog_ap
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration
mASetup: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\nrr\appdata\roaming\mozilla\firefox\profiles\praclgcg.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.startsearcher.com/?q=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\nrr\appdata\roaming\mozilla\firefox\profiles\praclgcg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\users\nrr\appdata\roaming\mozilla\firefox\profiles\praclgcg.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: XUL Cache: {b067eceb-aed6-4262-b10a-e4b4ab5ba386} - %profile%\extensions\{b067eceb-aed6-4262-b10a-e4b4ab5ba386}
FF - Ext: Torbutton: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca} - %profile%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
FF - Ext: XUL Cache: {e75261c8-d951-42dc-96c8-aaff0c891eb6} - %profile%\extensions\{e75261c8-d951-42dc-96c8-aaff0c891eb6}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\mozilla\firefox extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 tclondrv;tclondrv;c:\windows\system32\drivers\tclondrv.sys [2009-4-3 20352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-11 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-1-5 307928]
R1 xlkfs;xlkfs;c:\windows\system32\drivers\xlkfs.sys [2008-8-5 18048]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 176128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-1-5 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-1-5 53592]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-5 42184]
R2 SgtSch2Svc;Seagate Scheduler2 Service;c:\program files\common files\seagate\schedule2\schedul2.exe [2008-6-24 431384]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-10-27 6573568]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-10-27 229888]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-8-24 1056256]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ehRecvr32;Windows Media Center Receiver Service ;c:\windows\system32\DDEML32.exe [2011-6-17 767488]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-10 135664]
S3 DrmRDriverV32;DrmRDriverV32;c:\windows\system32\drivers\DrmRDriverV32.sys [2009-4-3 23096]
S3 DrmRVideo32;DrmRVideo32;c:\windows\system32\drivers\DrmRVideo32.sys [2009-4-3 3768]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-3-10 135664]
S3 palmmdm;Palm Modem;c:\windows\system32\drivers\palmmdm.sys [2006-1-30 9728]
S3 TridDev;Trident Device;c:\windows\system32\drivers\Triddev.sys [2009-1-20 3584]
S3 TridVidx86;Trident TVMaster TM6000 Analog plus Digital Video Service x86;c:\windows\system32\drivers\TridVidx86.sys [2007-7-31 163456]
S3 U6000ALL;U6000 TV Box(ALL);c:\windows\system32\drivers\U6000ALL.sys [2009-1-20 219008]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2006-11-2 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2006-11-2 251904]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-06-18 20:52:57 -------- d-----w- c:\windows\pss
2011-06-18 01:56:42 -------- d-----w- c:\program files\CCleaner
2011-06-18 00:02:34 6962000 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{5307c1ef-15e8-4ea9-9e9d-c0bd566e0e1c}\mpengine.dll
2011-06-17 23:39:26 767488 ----a-w- c:\programdata\DDACLSys32.exe
2011-06-17 23:38:39 767488 ----a-w- c:\windows\system32\DDEML32.exe
2011-06-17 23:38:31 767488 ----a-w- c:\users\nrr\0.9630211392560374.exe
2011-06-17 00:12:51 -------- d-----w- c:\users\nrr\appdata\roaming\Bitcoin
2011-06-17 00:12:42 -------- d-----w- c:\program files\Bitcoin
2011-06-16 23:12:36 -------- d-----w- c:\users\nrr\appdata\roaming\Tor
2011-06-16 23:12:26 -------- d-----w- c:\program files\Vidalia Bundle
2011-06-16 18:45:20 738816 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 18:45:10 758784 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2011-06-16 18:45:07 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-16 18:45:05 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-16 18:45:05 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-12 15:57:10 0 ---ha-w- c:\windows\system32\ybzyiqslap.tmp
2011-06-12 15:56:59 177664 ----a-w- c:\programdata\atiadlxx32.dll
2011-06-12 15:56:55 368128 ----a-w- c:\windows\system32\atiadlxx32.dll
2011-06-11 21:59:34 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-11 20:24:05 0 ---ha-w- c:\users\nrr\appdata\local\BIT23D4.tmp
2011-05-28 17:00:44 -------- d-----w- C:\Advanced Wheel Mouse
2011-05-24 00:31:42 -------- d-----w- c:\program files\Object
.
==================== Find3M ====================
.
2011-06-18 18:12:25 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 11:59:44 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-29 12:49:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 12:49:55 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-21 13:16:42 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-14 14:24:14 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
.
============= FINISH: 19:30:51.24 ===============