DDS
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 8.0.6001.19088
Run by useR at 23:22:59 on 2011-07-19
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.2813.1676 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Acer\Mobility Center\MobilityService.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\useR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\useR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\useR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\useR\AppData\Local\Temp\RtkBtMnt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Windows\helppane.exe
C:\Windows\system32\rundll32.exe
C:\Users\useR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\useR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\useR\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\useR\Downloads\dds.scr
C:\Windows\system32\WSCRIPT.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5515
uSearch Bar = Preserve
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5515
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACA ... spire_5515
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6172\SiteAdv.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {377c180e-6f0e-4d4c-980f-f45bd3d40cf4} - c:\progra~1\mcafee\msk\mcapbho.dll
BHO: LivingPlay Text: {4a0ba746-d4d6-41a6-81ef-413e52b5f8d6} - c:\program files\livingplay\lplaytl.dll
BHO: LivingPlay: {5be1ed16-e6dd-4c4e-a596-6cfd5ee7c1ee} - c:\program files\livingplay\livingplaylib32.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6172\SiteAdv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [cdloader] "c:\users\user\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LManager] c:\progra~1\launch~1\LManager.exe
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [SiteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe
mRun: [Acer Product Registration] "c:\program files\acer\acer registration\ACE1.exe" /startup
mRun: [eRecoveryService]
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Skytel] Skytel.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6172\SiteAdv.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2008-12-4 201288]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2008-12-4 79304]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2008-12-4 35240]
R3 mfesmfk;McAfee Inc.;c:\windows\system32\drivers\mfesmfk.sys [2008-12-4 40488]
S3 mferkdk;McAfee Inc.;c:\windows\system32\drivers\mferkdk.sys [2008-12-4 33800]
.
=============== Created Last 30 ================
.
2011-07-19 06:37:33 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e4051cb8-42c6-42a2-8d79-6d166876901b}\mpengine.dll
2011-07-13 05:10:11 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 05:10:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-13 05:10:04 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-09 01:34:57 -------- d-----w- c:\programdata\ImTOO
2011-07-09 01:34:57 -------- d-----w- c:\program files\ImTOO
2011-07-09 01:23:12 -------- d-----w- c:\program files\WMV9_VCM
2011-07-09 00:52:50 -------- d-----w- c:\users\user\appdata\local\WMTools Downloaded Files
2011-07-09 00:52:11 -------- d-----w- c:\program files\Movie Maker 2.6
2011-07-09 00:48:11 7046 ----a-w- c:\users\user\ffdshow.reg
2011-07-09 00:45:59 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-09 00:45:57 -------- d-----w- c:\program files\InstaCodecs
2011-07-09 00:45:42 -------- d-----w- c:\program files\Free Offers from Freeze.com
2011-07-02 20:10:54 -------- d-----w- c:\program files\Vegas Casino Online
2011-07-02 19:56:43 -------- d-----w- c:\program files\Rushmore Casino
2011-06-30 01:48:33 -------- d-----w- c:\users\user\appdata\local\Microsoft Games
2011-06-28 21:53:54 276992 ----a-w- c:\windows\system32\schannel.dll
2011-06-28 12:07:27 -------- d-----w- c:\program files\Panda Security
2011-06-28 05:42:29 -------- d-----w- c:\program files\iPod
2011-06-28 05:42:13 -------- d-----w- c:\program files\iTunes
2011-06-28 05:10:14 -------- d-----w- c:\users\user\appdata\roaming\PeerNetworking
2011-06-27 21:20:17 -------- d-----w- c:\users\user\appdata\local\Mozilla
2011-06-26 13:52:54 -------- d-----w- c:\users\user\appdata\local\Unity
2011-06-26 13:52:08 -------- d-----w- c:\users\user\appdata\local\Deployment
2011-06-25 14:34:31 -------- d-----w- c:\programdata\3DVIAMP
2011-06-25 14:33:46 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2011-06-25 14:33:46 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2011-06-25 14:33:45 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2011-06-25 14:33:44 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2011-06-25 14:33:42 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2011-06-25 14:33:40 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-06-25 14:33:14 -------- d-----w- c:\program files\3DVIA
2011-06-25 14:28:47 -------- d-----w- c:\users\user\appdata\local\3DVIA
2011-06-25 05:47:34 -------- d-----w- c:\program files\Silver Oak Casino
2011-06-24 23:06:53 -------- d-----w- c:\users\user\appdata\roaming\Mayflower
2011-06-24 23:06:53 -------- d-----w- c:\programdata\Mayflower
2011-06-24 23:06:27 -------- d-----w- c:\program files\Mayflower
2011-06-24 23:05:20 -------- d-----w- c:\programdata\PopCap Games
2011-06-24 23:05:20 -------- d-----w- c:\program files\PopCap Games
2011-06-24 15:04:10 -------- d-----w- c:\program files\Real Vegas Online
2011-06-24 04:44:27 -------- d-----w- c:\program files\99 Slot Machine
2011-06-24 04:24:44 -------- d-----w- c:\program files\DesertNightsCasino
2011-06-22 20:38:59 -------- d-----w- c:\users\user\appdata\local\Apps
2011-06-21 09:51:16 -------- d-----w- c:\users\user\.thumbnails
2011-06-21 08:24:56 -------- d-----w- c:\users\user\.gimp-2.6
2011-06-21 08:24:54 -------- d-----w- c:\users\user\.gegl-0.0
2011-06-21 08:17:05 -------- d-----w- c:\program files\Gimp-2.0
.
==================== Find3M ====================
.
2011-06-22 21:06:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-21 01:47:25 1611 ----a-w- c:\windows\system32\drivers\etc\mvps.bat
2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll
2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-05-28 06:04:03 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec
2011-05-28 04:33:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-05-25 01:14:10 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-10 14:06:08 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-10 14:06:08 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-05-04 10:52:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-02 17:16:14 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 13:25:10 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25:09 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24:50 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24:42 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24:40 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-26 05:58:12 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-04-26 05:58:12 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-04-21 13:58:27 273408 ----a-w- c:\windows\system32\drivers\afd.sys
.
============= FINISH: 23:24:33.93 ===============
And I uploaded the attach.txt because I read something about not posting it.
Thanks!