DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 10.5.1
Run by Keith at 20:26:14 on 2012-08-05
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2938.1440 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\RtkAudioService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Users\Keith\AppData\Local\Citrix\ICA Client\concentr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\Keith\AppData\Local\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\notepad.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.co.uk/
uWindow Title =
uInternet Settings,ProxyServer = cslibproxy:80
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [Skytel] Skytel.exe
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [ConnectionCenter] "c:\users\keith\appdata\local\citrix\ica client\concentr.exe" /startup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {414FB93D-DEDD-4FEF-AD7F-167992EBDB52} - hxxps://ldcvpn.lnrproperty.com/CSHELL/extender.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} - hxxps://ldcvpn.lnrproperty.com/CSHELL/extender.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{78DA402D-66EE-4084-9D5E-8A010E0B8437} : DhcpNameServer = 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\users\keith\appdata\local\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\users\keith\appdata\local\citrix\ica client\IcaMimeFilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\keith\appdata\roaming\mozilla\firefox\profiles\74eim75z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npicaN.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\users\keith\appdata\roaming\mozilla\plugins\npicaN.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-4-16 65584]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-7-4 5160568]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 cpextender;Check Point SSL Network Extender;c:\program files\checkpoint\ssl network extender\slimsvc.exe [2011-6-2 355504]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-2-17 90112]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R2 RtkAudioService;Realtek Audio Service;c:\windows\RTKAUDIOSERVICE.EXE [2008-10-22 104992]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-12-2 1153368]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-i visual effects 2\uCamMonitor.exe [2008-11-27 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\sony\vaio power management\SPMService.exe [2008-10-22 411488]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-11-27 17920]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-2-17 27632]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-10-22 9344]
R3 VNA;Check Point Virtual Network Adapter;c:\windows\system32\drivers\vna.sys [2010-2-16 129304]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-5 113120]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2008-10-21 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2008-10-21 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2008-10-21 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2008-10-21 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2008-10-21 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2008-10-21 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2008-10-21 109736]
S3 s3117bus;Sony Ericsson Device 3117 driver (WDM);c:\windows\system32\drivers\s3117bus.sys [2009-9-2 90408]
S3 s3117mdfl;Sony Ericsson Device 3117 USB WMC Modem Filter;c:\windows\system32\drivers\s3117mdfl.sys [2009-9-2 15016]
S3 s3117mdm;Sony Ericsson Device 3117 USB WMC Modem Driver;c:\windows\system32\drivers\s3117mdm.sys [2009-9-2 122024]
S3 s3117mgmt;Sony Ericsson Device 3117 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3117mgmt.sys [2009-9-2 115368]
S3 s3117nd5;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (NDIS);c:\windows\system32\drivers\s3117nd5.sys [2009-9-2 25768]
S3 s3117obex;Sony Ericsson Device 3117 USB WMC OBEX Interface;c:\windows\system32\drivers\s3117obex.sys [2009-9-2 111784]
S3 s3117unic;Sony Ericsson Device 3117 USB Ethernet Emulation SEMC3117 (WDM);c:\windows\system32\drivers\s3117unic.sys [2009-9-2 117544]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\sony ericsson\sony ericsson pc companion\PCCService.exe [2011-4-7 155344]
.
=============== Created Last 30 ================
.
2012-08-05 19:24:58 -------- d-----w- c:\program files\DDS
2012-08-05 19:09:15 -------- d-----w- c:\users\keith\appdata\roaming\Ad-Aware Antivirus
2012-08-05 18:12:41 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-08-05 18:12:38 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-08-05 18:12:38 68576 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-08-05 18:12:38 573920 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-08-05 18:12:38 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-08-05 18:12:38 157608 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-08-05 18:12:38 113120 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-07-13 22:29:31 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-07-13 22:04:28 -------- d-----w- c:\users\keith\appdata\local\Macromedia
2012-07-13 22:04:18 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-13 21:45:38 -------- d-----w- c:\program files\Oracle
2012-07-13 21:44:59 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-13 19:02:53 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-07-13 19:02:53 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-07-13 19:02:53 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-07-13 19:02:43 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2012-07-13 19:02:13 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-07-13 19:02:13 278528 ----a-w- c:\windows\system32\schannel.dll
2012-07-13 19:02:13 204288 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-13 19:02:10 1401856 ----a-w- c:\windows\system32\msxml6.dll
2012-07-13 19:02:10 1248768 ----a-w- c:\windows\system32\msxml3.dll
.
==================== Find3M ====================
.
2012-07-13 22:04:18 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-05 21:06:20 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 14:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 14:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-05-15 22:04:50 834048 ----a-w- c:\windows\system32\wininet.dll
.
============= FINISH: 20:27:17.11 ===============