DDS (Ver_09-06-26.01) - NTFSx86
Run by d13k at 10:40:25,50 on ned 28.06.2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.881 [GMT 2:00]
AV: avast! antivirus 4.8.1335 [VPS 090627-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sygate Personal Firewall *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\System32\svchost.exe -k eapsvcs
svchost.exe
C:\WINDOWS\System32\svchost.exe -k dot3svc
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
svchost.exe
C:\Program Files\I8kfanGUI\I8kfanGUI.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Secunia\PSI\psi.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Documents and Settings\d13k\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Documents and Settings\d13k\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = about:blank
uInternet Settings,ProxyOverride = local
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot - search & destroy\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\siteadvisor\mcieplg.dll
BHO: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 9.0 Helper: {e31ce47f-c268-41ba-897b-b415e613947d} - c:\program files\microsoft visual studio 9.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\siteadvisor\mcieplg.dll
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
EB: Web Test Recorder 9.0: {3c7adade-d1e8-45d2-bdcd-7f8d8b99b2a2} - mscoree.dll
uRun: [i8kfangui] c:\program files\i8kfangui\I8kfanGUI.exe /startup
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [AtiPTA] atiptaxx.exe
mRun: [SmcService] c:\progra~1\sygate\spf\smc.exe -startgui
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\d13k\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi.exe
StartupFolder: c:\documents and settings\d13k\start menu\programs\startup\Secunia PSI.lnk.disabled
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\microsoft office\office11\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot - search & destroy\SDHelper.dll
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F}
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: {D19B6B02-E641-41D5-B538-78807C785C5D} = 193.198.184.140 193.198.184.130
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\siteadvisor\McIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\d13k\applic~1\mozilla\firefox\profiles\oejxwxxc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - www.google.com
FF - component: c:\documents and settings\d13k\application data\idm\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\d13k\application data\mozilla\firefox\profiles\oejxwxxc.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\d13k\application data\mozilla\firefox\profiles\oejxwxxc.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071303000006.dll
FF - plugin: c:\documents and settings\d13k\local settings\application data\google\update\1.2.145.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
============= SERVICES / DRIVERS ===============
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-6-13 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-6-13 114768]
R1 atitray;atitray;c:\program files\radeon omega drivers\v4.8.442\ati tray tools\atitray.sys [2008-7-1 17952]
R1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [2008-7-1 14464]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-23 82200]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-13 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-6-13 138680]
R2 HssSrv;Hotspot Shield Routing Service;c:\program files\hotspot shield\hsswpr\hsssrv.exe [2009-6-1 331312]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-3-9 1003344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2009-6-17 210216]
R2 VMCService;Vodafone Mobile Connect Service;c:\program files\vodafone\vodafone mobile connect\bin\VMCService.exe [2008-3-13 24576]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-6-13 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-6-13 352920]
R3 HssDrv;Hotspot Shield Helper Miniport;c:\windows\system32\drivers\HssDrv.sys [2009-6-1 33840]
S3 HssTrayService;Hotspot Shield Tray Service;c:\program files\hotspot shield\bin\HssTrayService.exe [2009-6-1 34352]
S3 mbr;mbr;\??\c:\docume~1\d13k\locals~1\temp\mbr.sys --> c:\docume~1\d13k\locals~1\temp\mbr.sys [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2009-6-13 37440]
S3 VSPerfDrv90;Performance Tools Driver 9.0;c:\program files\microsoft visual studio 9.0\team tools\performance tools\VSPerfDrv90.sys [2007-9-4 55664]
S4 vsdatant;vsdatant; [x]
=============== Created Last 30 ================
2009-06-27 04:10 <DIR> --d----- c:\program files\Vstplugins
2009-06-27 04:10 <DIR> --d----- c:\program files\Sony
2009-06-27 04:07 <DIR> --d----- c:\program files\Sony Setup
2009-06-26 23:11 <DIR> --d----- c:\program files\Secunia
2009-06-26 23:00 <DIR> --d----- c:\program files\TightVNC
2009-06-26 22:52 <DIR> --d----- c:\program files\common files\DivX Shared
2009-06-26 22:42 14,568 a------- c:\windows\system32\drivers\wg6n.sys
2009-06-26 22:42 14,568 a------- c:\windows\system32\drivers\wg5n.sys
2009-06-26 22:42 14,568 a------- c:\windows\system32\drivers\wg4n.sys
2009-06-26 22:42 14,568 a------- c:\windows\system32\drivers\wg3n.sys
2009-06-26 22:42 60,496 a------- c:\windows\system32\drivers\Teefer.sys
2009-06-26 22:42 21,075 a------- c:\windows\system32\drivers\wpsdrvnt.sys
2009-06-26 22:42 83,096 a------- c:\windows\system32\SSSensor.dll
2009-06-26 22:42 <DIR> --d----- c:\program files\Sygate
2009-06-26 22:16 <DIR> -cd----- c:\windows\system32\dllcache\cache
2009-06-26 22:05 <DIR> a-dshr-- C:\cmdcons
2009-06-26 22:03 161,792 a------- c:\windows\SWREG.exe
2009-06-26 22:03 155,136 a------- c:\windows\PEV.exe
2009-06-26 22:03 98,816 a------- c:\windows\sed.exe
2009-06-26 08:28 <DIR> --d----- c:\program files\CrossLoop
2009-06-26 07:47 <DIR> --d----- c:\program files\Ventrilo
2009-06-26 07:47 262 a------- c:\windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
2009-06-26 07:47 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-06-24 23:56 593,920 -------- c:\windows\system32\ati2sgag.exe
2009-06-24 23:42 10 a------- c:\windows\WININIT.INI
2009-06-23 01:57 <DIR> --d----- c:\docume~1\d13k\applic~1\TypingMaster7
2009-06-23 01:57 <DIR> --d--r-- c:\program files\TypingMaster
2009-06-21 23:35 <DIR> --d----- c:\program files\ACW
2009-06-21 05:03 <DIR> --d----- c:\program files\NetLimiter 2 Pro
2009-06-21 04:53 <DIR> --d----- c:\docume~1\d13k\applic~1\Locktime
2009-06-21 04:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Locktime
2009-06-21 03:59 <DIR> --d----- C:\Hotspot Shield
2009-06-18 03:58 <DIR> --dsh--- c:\documents and settings\d13k\IECompatCache
2009-06-18 03:56 <DIR> --dsh--- c:\documents and settings\d13k\PrivacIE
2009-06-18 03:46 <DIR> --dsh--- c:\documents and settings\d13k\IETldCache
2009-06-18 02:08 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-06-18 02:08 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-06-18 02:08 <DIR> --d----- c:\windows\ie8updates
2009-06-18 02:08 102,912 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-06-18 02:05 <DIR> -cd-h--- c:\windows\ie8
2009-06-18 02:01 221,184 a------- c:\windows\system32\wmpns.dll
2009-06-18 01:10 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-06-18 01:09 <DIR> --d----- c:\windows\Internet Logs
2009-06-18 00:45 <DIR> --d----- c:\docume~1\d13k\applic~1\Comodo
2009-06-17 15:57 36,352 -------- C:\WGASetup.exe
2009-06-17 15:37 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-17 14:49 <DIR> --d----- c:\program files\common files\McAfee
2009-06-17 14:49 <DIR> --d----- c:\program files\McAfee
2009-06-17 14:20 12,648 a------- c:\windows\system32\drivers\psi_mf.sys
2009-06-17 06:29 <DIR> --d-h--- c:\windows\PIF
2009-06-17 06:17 2,145,280 -c------ c:\windows\system32\dllcache\ntkrnlmp.exe
2009-06-17 06:17 2,189,056 -c------ c:\windows\system32\dllcache\ntoskrnl.exe
2009-06-17 06:17 2,023,936 -c------ c:\windows\system32\dllcache\ntkrpamp.exe
2009-06-17 06:10 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys
2009-06-17 06:09 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-06-17 05:58 361,600 a------- c:\windows\system32\drivers\tcpip.sys.old
2009-06-17 05:50 23,576 a------- c:\windows\system32\wuapi.dll.mui
2009-06-15 20:48 31,232 a------- c:\windows\system\vdremote.dll
2009-06-15 20:48 25,088 a------- c:\windows\system\vdsvrlnk.dll
2009-06-13 06:51 <DIR> --d----- c:\program files\File Shredder
2009-06-13 01:36 1,024 a------- C:\.rnd
2009-06-13 01:36 37,440 a------- c:\windows\system32\drivers\pssdk41.sys
2009-06-13 01:20 15,688 a------- c:\windows\system32\lsdelete.exe
2009-06-13 01:15 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-06-13 01:12 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-06-13 01:12 <DIR> --d----- c:\program files\Lavasoft
2009-06-13 01:08 <DIR> --d----- c:\program files\Trend Micro
2009-06-13 00:50 <DIR> --d----- c:\program files\Tenable
2009-06-13 00:50 <DIR> --d----- c:\docume~1\d13k\applic~1\MailWasherFree
2009-06-12 00:50 <DIR> --d----- c:\program files\mIRC
2009-06-12 00:50 <DIR> --d----- c:\docume~1\d13k\applic~1\mIRC
2009-06-11 03:33 <DIR> --d----- c:\docume~1\d13k\applic~1\X-Chat 2
2009-06-10 07:31 <DIR> --d----- c:\docume~1\d13k\applic~1\KeePass
2009-06-10 05:44 <DIR> --d----- c:\program files\KeePass Password Safe 2
2009-06-01 20:13 33,840 a------- c:\windows\system32\drivers\HssDrv.sys
==================== Find3M ====================
2009-05-13 07:15 915,456 a------- c:\windows\system32\wininet.dll
2009-05-07 17:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-01 23:02 90,112 a------- c:\windows\system32\dpl100.dll
2009-05-01 23:02 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-05-01 23:02 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-05-01 23:02 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-05-01 23:02 811,008 a------- c:\windows\system32\divx_xx16.dll
2009-05-01 23:02 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-05-01 23:02 685,056 a------- c:\windows\system32\DivX.dll
2009-04-29 06:55 78,336 -c------ c:\windows\system32\ieencode.dll
2009-04-17 14:26 1,847,168 a------- c:\windows\system32\win32k.sys
2009-04-15 16:51 585,216 a------- c:\windows\system32\rpcrt4.dll
============= FINISH: 10:40:53,68 ===============