DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.17117
Run by jason seymer at 14:28:38 on 2013-03-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1504 [GMT -8:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.msn.com
uProxyOverride = localhost;*.local
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mRun: [EPSON Stylus Photo R320 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9FA.EXE /P30 "EPSON Stylus Photo R320 Series" /O6 "USB001" /M "Stylus Photo R320"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ROC_ROC_NT] "c:\program files\avg secure search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AntiLogger] "c:\program files\antilogger\AntiLogger.exe" /minimized
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoThumbnailCache = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Download all by RedTube Grabber - c:\program files\redtubegrabber\downall.htm
IE: Download by RedTube Grabber - <no file>
IE: Download by YouTube Robot - c:\program files\redtubegrabber\downlink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: mswsock.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: vzTCPConfig - hxxp://my.verizon.com/micro/speedoptimi ... Config.CAB
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.nvidia.com/content/DriverDow ... eqlab2.cab
DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/ ... anager.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/sh ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.co ... .5.1.0.cab
TCP: NameServer = 192.168.1.1 184.16.33.54
TCP: Interfaces\{6169ED15-02B6-402A-8C9E-92A9925076EC} : DHCPNameServer = 192.168.1.1 184.16.33.54
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\25.0.1364.97\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
--multi-install --chrome
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2012-3-17 12184]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\drivers\ladfDHP2i386.sys [2012-8-29 53976]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\drivers\ladfSBVMi386.sys [2012-8-29 335064]
S0 tclondrv;tclondrv;c:\windows\system32\drivers\tclondrv.sys --> c:\windows\system32\drivers\tclondrv.sys [?]
S1 AntiLog32;AntiLog32;\??\c:\windows\system32\drivers\antilog32.sys --> c:\windows\system32\drivers\AntiLog32.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S3 Alpham;Ideazon Fang Composite Keyboard Driver;c:\windows\system32\drivers\Alpham.sys [2005-12-4 34944]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2010-5-5 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2010-5-5 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2010-5-5 72792]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-1-12 83168]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-8-22 20032]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;\??\c:\program files\msi\live update 5\msibios32_100507.sys --> c:\program files\msi\live update 5\msibios32_100507.sys [?]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2012-4-2 50704]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\msi\live update 5\ntiolib.sys --> c:\program files\msi\live update 5\NTIOLib.sys [?]
S3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2011-1-22 23096]
S3 SndTVideo;SndTVideo;c:\windows\system32\drivers\SndTVideo.sys [2011-1-22 5688]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-1-12 181344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-1-22 25704]
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [2011-1-22 25704]
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [2011-1-22 25704]
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [2011-1-22 25704]
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [2011-1-22 25704]
S4 avg7core;BASFND;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S4 avgarcln;Msi_wlan_service;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2012-9-3 79360]
S4 GV600_4;Z800bus;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S4 LMIRfsDriver;Se59mgmt;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S4 mcusrmgr;Dmprimer;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S4 pavatscheduler;Usbvideo;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336]
S4 SATARaid5 Config Service;SATARaid5 Configuration Service;c:\program files\silicon image\3114-w-i32-r sataraid5\SATARaid5ConfigService.exe [2005-10-5 131072]
S4 STSService;STSService;"c:\program files\soundtaxi media suite\stsservice.exe" --> c:\program files\soundtaxi media suite\STSService.exe [?]
.
=============== Created Last 30 ================
.
2013-02-25 02:33:36 405504 ----a-w- c:\windows\system32\CapabilityTable.exe
2013-02-25 02:33:04 176128 ----a-w- c:\windows\system32\nvunrm.exe
2013-02-25 02:33:00 176128 ----a-w- c:\windows\system32\nvusmb.exe
2013-02-21 05:06:37 -------- d-----w- c:\program files\AVAST Software
2013-02-21 05:06:37 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2013-02-21 01:36:19 -------- d-----w- c:\documents and settings\jason seymer\local settings\application data\Avg2013
2013-02-19 20:06:45 -------- d-----w- c:\documents and settings\jason seymer\local settings\application data\Zemana
2013-02-19 20:06:42 -------- d-----w- c:\program files\AntiLogger
2013-02-19 05:42:38 -------- d-----w- c:\documents and settings\jason seymer\application data\IsolatedStorage
2013-02-19 05:42:38 -------- d-----w- c:\documents and settings\all users\application data\IsolatedStorage
2013-02-19 05:42:26 -------- d-----w- c:\documents and settings\jason seymer\local settings\application data\_
2013-02-19 02:54:11 -------- d-----w- c:\program files\NirSoft
2013-02-17 06:41:51 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-02-17 06:41:39 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-03-04 06:57:29 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-02-08 00:40:10 74096 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-08 00:40:10 697712 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-05 00:33:24 720896 ----a-w- c:\windows\iun6002ev.exe
2013-01-28 04:53:32 293704 -c--a-w- c:\windows\system32\nvdrsdb0.bin
2013-01-28 04:53:32 1 -c--a-w- c:\windows\system32\nvdrssel.bin
2013-01-28 02:23:48 293704 -c--a-w- c:\windows\system32\nvdrsdb1.bin
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:43:21 832512 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:43:21 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-12-26 20:43:20 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-12-26 20:43:20 17408 ----a-w- c:\windows\system32\corpol.dll
2012-12-17 02:47:49 139152 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-12-17 02:47:37 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-12-17 02:20:48 111928 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
.
============= FINISH: 14:29:28.22 ===============