.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by user at 17:12:25 on 2011-12-27
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3326.1911 [GMT -6:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\program files\steam\steam.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinSetup.exe" startup
mRunOnce: [removeSearchqudatamngr] cmd.exe /c RD /S /Q "c:\program files\Windows iLivid Toolbar"
mRunOnce: [removeSearchqutoolbar] cmd.exe /c RD /S /Q "c:\program files\windows ilivid toolbar\datamngr\ToolBar"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{48DBB045-936F-4856-B6E6-CDDF63B96F33} : DhcpNameServer = 10.1.10.1
TCP: Interfaces\{7B42E3F2-B641-4D4F-9FC3-9FFDA2C2B8F3} : DhcpNameServer = 192.168.2.1
AppInit_DLLs:
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\sak3al1i.default\
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com/?mtmhp=aolcustomfire ... ew00000006
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ff ... 06&sr=0&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\users\user\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\users\user\appdata\roaming\mozilla\firefox\profiles\sak3al1i.default\extensions\{000f1ea4-5e08-4564-a29b-29076f63a37a}\plugins\npsoe.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-10-19 21504]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-5-20 378472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-29 136176]
S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2008-4-1 19456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-29 136176]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-27 07:45:49 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{201b846c-1369-419b-a16d-0fa9e57343d2}\offreg.dll
2011-12-27 07:45:47 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{201b846c-1369-419b-a16d-0fa9e57343d2}\mpengine.dll
2011-12-26 06:10:26 388096 ----a-r- c:\users\user\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-12-26 06:10:26 -------- d-----w- c:\program files\Trend Micro
2011-12-26 05:51:59 869376 ----a-w- c:\windows\isRS-000.tmp
2011-12-25 17:45:02 -------- d-----w- c:\users\user\appdata\local\Ilivid Player
2011-12-25 17:44:11 -------- d-----w- c:\programdata\boost_interprocess
2011-12-25 17:44:11 -------- d-----w- c:\program files\Windows iLivid Toolbar
2011-12-25 17:44:03 -------- d-----w- c:\users\user\appdata\local\PackageAware
2011-12-24 11:26:15 677136 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
2011-12-24 01:29:52 -------- d-----w- c:\programdata\Affinegy
2011-12-24 01:29:52 -------- d-----w- c:\program files\Belkin
2011-12-14 06:05:02 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 06:05:01 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-14 06:05:00 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-14 06:04:59 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-14 06:04:58 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-12-14 06:04:17 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-14 06:04:10 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-11 08:13:41 -------- d-----w- c:\program files\SystemRequirementsLab
.
==================== Find3M ====================
.
2011-12-26 05:10:09 141200 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-12-26 05:09:46 281656 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-12-26 05:09:46 281656 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-12-26 05:07:45 281200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-12-10 07:23:40 138056 ----a-w- c:\users\user\appdata\roaming\PnkBstrK.sys
2011-12-10 07:23:22 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 17:12:52.19 ===============