I used the search here and found similar cases to mine...
I've been looking it up on Google and found out everything about this "Cult Trojan", but basically I keep seeing not to try to fix it without help from an expert.
...
I realize it's the holidays and people may not be on to help. I just want to be able to use my computer without this Worm.
Should I just go ahead and use that "Combofix" I keep seeing?
I've already scanned the wuauclt file with AVG and Malwarebytes' Anti-Malware. It's showing as clean. Why do I still have this black box popping up every 10 seconds?
DDS (Version 1.1.0) - NTFSx86
Run by Kevgeez at 1:47:18.34 on Wed 12/24/2008
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_10
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.894.88 [GMT -5:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iWin Games\iWinGamesInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\TUProgSt.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ImgBurn\ImgBurn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Windows\servicing\TrustedInstaller.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kevgeez\Desktop\dds.com
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T5230
mDefault_Page_URL = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T5230
uInternet Settings,ProxyOverride = <local>;*.local
mSearchAssistant = hxxp://www.gateway.com/g/sidepanel.html?Ch=Retail&Br=EM&Loc=ENG_US&Sys=DTP&M=T5230
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: Yahoo! IE Services Button: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Yahoo! ¤u¨ã¦C: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Veoh Browser Plug-in: {D0943516-5076-4020-A3B5-AEFAF26AB263} - c:\program files\veoh networks\veoh\plugins\reg\VeohToolbar.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
uRun: [Aim6] "c:\program files\aim6\aim6.exe" /d locale=en-US ee://aol/imApp
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [CanonSolutionMenu] "c:\program files\canon\solutionmenu\CNSLMAIN.exe" /logon
mRun: [CanonMyPrinter] "c:\program files\canon\myprinter\BJMyPrt.exe" /logon
mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4\OpwareSE4.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [BlackBerryAutoUpdate] c:\program files\common files\research in motion\auto update\RIMAutoUpdate.exe /background
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\users\kevgeez\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\imvu\Run IMVU.lnk
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\imvu\Run IMVU.lnk
IE: {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - c:\program files\bodog poker\BPGame.exe
LSP: c:\windows\system32\wpclsp.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\kevgeez\appdata\roaming\mozilla\firefox\profiles\yrcjvcmi.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npclntax_ZangoSA.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkanevapatch.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: c:\program files\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\yahoo!\shared\npYState.dll
============= SERVICES / DRIVERS ===============
=============== Created Last 30 ================
2008-12-23 00:00 <DIR> --d----- c:\users\kevgeez\appdata\roaming\Malwarebytes
2008-12-23 00:00 15,504 a------- c:\windows\system32\drivers\mbam.sys
2008-12-23 00:00 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-23 00:00 <DIR> --d----- c:\programdata\Malwarebytes
2008-12-23 00:00 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2008-12-23 00:00 <DIR> --d----- c:\progra~2\Malwarebytes
2008-12-22 21:36 <DIR> --d----- C:\SDFix
2008-12-21 15:01 <DIR> --d----- c:\program files\EA GAMES
2008-12-21 14:02 442,368 a----r-- c:\windows\system32\vp6vfw.dll
2008-12-21 12:57 <DIR> --d----- c:\program files\DAEMON Tools Lite
2008-12-21 12:50 717,296 a------- c:\windows\system32\drivers\sptd.sys
2008-12-19 02:41 603,904 a------- c:\windows\system32\TUProgSt.exe
2008-12-19 02:41 27,904 a------- c:\windows\system32\uxtuneup.dll
2008-12-19 02:41 17,152 a------- c:\windows\system32\authuitu.dll
2008-12-19 02:41 360,192 a------- c:\windows\system32\TuneUpDefragService.exe
2008-12-19 02:40 <DIR> --d----- c:\users\kevgeez\appdata\roaming\TuneUp Software
2008-12-19 02:40 <DIR> --d----- c:\programdata\TuneUp Software
2008-12-19 02:40 <DIR> --d----- c:\program files\TuneUp Utilities 2009
2008-12-19 02:40 <DIR> --d----- c:\progra~2\TuneUp Software
2008-12-19 02:38 <DIR> --dsh--- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-19 02:38 <DIR> --dsh--- c:\progra~2\{55A29068-F2CE-456C-9148-C869879E2357}
2008-12-16 13:25 <DIR> --d-h--- C:\$AVG8.VAULT$
2008-12-16 12:37 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-12-16 12:37 69,128 a------- c:\windows\system32\drivers\avgwfpx.sys
2008-12-16 12:37 97,928 a------- c:\windows\system32\drivers\avgldx86.sys
2008-12-16 12:36 <DIR> --d----- c:\windows\system32\drivers\Avg
2008-12-16 12:36 <DIR> --d----- c:\program files\AVG
2008-12-16 12:36 <DIR> --d----- c:\programdata\avg8
2008-12-16 12:36 <DIR> --d----- c:\progra~2\avg8
2008-12-15 19:10 <DIR> --d----- c:\users\kevgeez\appdata\roaming\Research In Motion
2008-12-15 18:37 <DIR> --d----- c:\programdata\Sonic
2008-12-15 18:33 <DIR> --d----- c:\programdata\Roxio
2008-12-15 18:33 <DIR> --d----- c:\program files\common files\Sonic Shared
2008-12-15 18:33 <DIR> --d----- c:\program files\Roxio
2008-12-15 18:27 26,496 a------- c:\windows\system32\drivers\RimSerial.sys
2008-12-15 18:25 <DIR> --d----- c:\program files\common files\Research In Motion
2008-12-15 18:25 <DIR> --d----- c:\program files\Research In Motion
2008-12-15 12:44 <DIR> --d----- c:\programdata\acccore
2008-12-15 12:44 <DIR> --d----- c:\progra~2\acccore
2008-12-15 12:41 <DIR> --d----- c:\programdata\AOL Downloads
2008-12-12 23:09 <DIR> --d----- c:\programdata\WindowsSearch
2008-12-12 16:31 <DIR> --d----- c:\programdata\Kaspersky Lab
2008-12-12 16:31 <DIR> --d----- c:\progra~2\Kaspersky Lab
2008-12-12 16:27 <DIR> --d----- c:\programdata\Kaspersky Lab Setup Files
2008-12-12 16:27 <DIR> --d----- c:\progra~2\Kaspersky Lab Setup Files
2008-11-30 00:31 1,524,736 a------- c:\windows\system32\wucltux.dll
2008-11-30 00:31 83,456 a------- c:\windows\system32\wudriver.dll
2008-11-30 00:30 162,064 a------- c:\windows\system32\wuwebv.dll
2008-11-30 00:30 31,232 a------- c:\windows\system32\wuapp.exe
2008-11-29 19:55 <DIR> --d----- c:\program files\WildGames
2008-11-27 11:13 <DIR> --d----- c:\program files\LBA2 Twinsen's Odyssey Demo
2008-11-26 12:43 410,976 a------- c:\windows\system32\deploytk.dll
2008-11-26 12:34 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2008-11-26 12:34 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2008-11-26 12:33 1,191,936 a------- c:\windows\system32\msxml3.dll
2008-11-26 12:33 712,704 a------- c:\windows\system32\WindowsCodecs.dll
2008-11-26 12:33 425,472 a------- c:\windows\system32\PhotoMetadataHandler.dll
2008-11-26 12:33 347,136 a------- c:\windows\system32\WindowsCodecsExt.dll
2008-11-26 12:33 1,645,568 a------- c:\windows\system32\connect.dll
2008-11-26 12:33 1,334,272 a------- c:\windows\system32\msxml6.dll
==================== Find3M ====================
2008-12-16 12:13 86,016 a------- c:\windows\inf\infstrng.dat
2008-12-16 12:13 86,016 a------- c:\windows\inf\infstor.dat
2008-12-16 12:13 51,200 a------- c:\windows\inf\infpub.dat
2008-12-12 13:24 123,952 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2008-12-12 13:24 10,671 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2008-12-12 13:24 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2008-10-28 07:58 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-10-26 11:19 174 a--sh--- c:\program files\desktop.ini
2008-10-26 10:50 665,600 a------- c:\windows\inf\drvindex.dat
2008-10-26 09:59 101,888 a------- c:\windows\system32\ifxcardm.dll
2008-10-26 09:59 82,432 a------- c:\windows\system32\axaltocm.dll
2008-10-14 02:27 356,352 a------- c:\windows\eSellerateEngine.dll
2008-10-01 22:49 827,392 a------- c:\windows\system32\wininet.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 07:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 07:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 04:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 04:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-05-23 10:03 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-05-23 10:03 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-05-23 10:03 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
2008-04-29 06:02 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-04-29 06:02 32,768 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-04-29 06:02 16,384 a--sh--- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
============= FINISH: 1:48:26.21 ===============