DDS (Ver_09-02-01.01) - NTFSx86
Run by 26039 at 14:31:14.15 on 2009-03-09
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1508 [GMT -5:00]
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated)
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
============== Running Processes ===============
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dll32.exe
C:\Documents and Settings\26039\Desktop\dds.pif
============== Pseudo HJT Report ===============
uStart Page = https://www.houstonwaterbills.houstontx.gov/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [LightScribe Control Panel] "c:\program files\common files\lightscribe\LightScribeControlPanel.exe" -hidden
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [dll] dll32
uRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [amd_dc_opt] "c:\program files\amd\dual-core optimizer\amd_dc_opt.exe"
mRun: [SetRefresh] "c:\program files\compaq\setrefresh\SetRefresh.exe"
mRun: [Recguard] "c:\windows\sminst\Recguard.exe"
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [DLA] "c:\windows\system32\dla\DLACTRLW.EXE"
mRun: [ISUSPM Startup] "c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [UserFaultCheck] "c:\windows\system32\dumprep.exe" 0 -u
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Discovery User Input] c:\discovery\user input\userin32.exe
mRun: [sysldtray] c:\windows\ld02.exe
dRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - c:\program files\iepro\iepro.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: houstontx.gov\www.houstonwaterbills
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9713BCC8-6857-4B04-908D-D98F2D04DFAC} - hxxp://172.30.129.25:8080/cabs/vxreplay.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - No File
============= SERVICES / DRIVERS ===============
R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2006-9-13 3840]
R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2008-10-6 31816]
R2 AS Media Proxy Service;AS Media Proxy Service;c:\program files\avaya\contact center express\desktop\media proxy service\ASMediaProxyService.exe [2007-9-24 20480]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-1-16 103744]
R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2008-10-6 144704]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2008-10-6 54608]
R2 Nakido;Nakido;c:\program files\nakido\nakido.exe [2008-9-18 320000]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-6-25 24652]
R2 WDHLLKNL;WDHLLKNL;c:\windows\system32\drivers\Wdhllknl.sys [2002-11-26 4816]
R2 Wdworkstation;RUMBA AS/400 Shared Folders;c:\windows\system32\wdnpsvc.exe [2002-11-26 58672]
R3 CdProbe;CdProbe;c:\windows\system32\drivers\CDProbe.SYS [2009-3-6 12000]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2008-11-19 72904]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2008-11-19 34344]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2008-11-19 177672]
R3 MRXWDRDR;MRxWdNp;c:\windows\system32\drivers\mrxwdnp.sys [2002-11-26 267792]
S3 COAX;COAX;c:\windows\system32\drivers\coax.sys [2002-11-26 18424]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2009-2-3 28672]
S3 RMBS;RMBS;c:\windows\system32\drivers\rmbs.sys [2002-11-26 17828]
S3 TWXWD;TWXWD;c:\windows\system32\drivers\TwxWD.sys [2002-11-26 26964]
=============== Created Last 30 ================
2009-03-09 13:51 <DIR> --d----- C:\HJT
2009-03-09 12:03 664 a------- c:\windows\system32\d3d9caps.dat
2009-03-09 10:43 0 a------- c:\windows\system32\nfr.assembly
2009-03-09 10:43 1 ----h--- c:\windows\t55ft3518f44.dat
2009-03-09 10:43 13,824 a------- c:\windows\system32\dll32.exe
2009-03-09 10:42 12,288 ----h--- c:\windows\ld02.exe
2009-03-06 15:29 <DIR> --d----- c:\program files\Real Alternative
2009-03-06 13:54 <DIR> --d----- c:\program files\common files\Real
2009-03-06 08:46 12,000 a------- c:\windows\system32\drivers\CDProbe.SYS
2009-03-06 08:45 <DIR> --dsh--- C:\Discovery
2009-03-06 08:45 <DIR> --dsh--- C:\CENTENN.IAL
2009-02-24 17:17 59,396 a---h--- c:\windows\system32\mlfcache.dat
==================== Find3M ====================
2009-03-06 13:54 499,712 a------- c:\windows\system32\msvcp71.dll
2009-03-06 13:54 348,160 a------- c:\windows\system32\msvcr71.dll
2009-02-02 16:54 2,560 a------- c:\windows\_MSRSTRT.EXE
2009-01-26 12:00 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-26 11:57 607,640 a------- c:\program files\jxpiinstall-6u11-fcs-bin-b90-windows-i586-25_nov_2008.exe
2008-06-19 14:17 1,106 a------- c:\program files\launch.ica
============= FINISH: 14:31:36.15 ===============
Run by 26039 at 14:31:14.15 on 2009-03-09
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1508 [GMT -5:00]
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated)
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
============== Running Processes ===============
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\McAfee\Common Framework\udaterui.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\dll32.exe
C:\Documents and Settings\26039\Desktop\dds.pif
============== Pseudo HJT Report ===============
uStart Page = https://www.houstonwaterbills.houstontx.gov/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = http=localhost:7171
uInternet Settings,ProxyOverride = *.local;<local>
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [LightScribe Control Panel] "c:\program files\common files\lightscribe\LightScribeControlPanel.exe" -hidden
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [dll] dll32
uRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [amd_dc_opt] "c:\program files\amd\dual-core optimizer\amd_dc_opt.exe"
mRun: [SetRefresh] "c:\program files\compaq\setrefresh\SetRefresh.exe"
mRun: [Recguard] "c:\windows\sminst\Recguard.exe"
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [DLA] "c:\windows\system32\dla\DLACTRLW.EXE"
mRun: [ISUSPM Startup] "c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [UserFaultCheck] "c:\windows\system32\dumprep.exe" 0 -u
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Discovery User Input] c:\discovery\user input\userin32.exe
mRun: [sysldtray] c:\windows\ld02.exe
dRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - c:\program files\iepro\iepro.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: houstontx.gov\www.houstonwaterbills
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9713BCC8-6857-4B04-908D-D98F2D04DFAC} - hxxp://172.30.129.25:8080/cabs/vxreplay.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - No File
============= SERVICES / DRIVERS ===============
R0 atiide;atiide;c:\windows\system32\drivers\atiide.sys [2006-9-13 3840]
R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2008-10-6 31816]
R2 AS Media Proxy Service;AS Media Proxy Service;c:\program files\avaya\contact center express\desktop\media proxy service\ASMediaProxyService.exe [2007-9-24 20480]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2009-1-16 103744]
R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2008-10-6 144704]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2008-10-6 54608]
R2 Nakido;Nakido;c:\program files\nakido\nakido.exe [2008-9-18 320000]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-6-25 24652]
R2 WDHLLKNL;WDHLLKNL;c:\windows\system32\drivers\Wdhllknl.sys [2002-11-26 4816]
R2 Wdworkstation;RUMBA AS/400 Shared Folders;c:\windows\system32\wdnpsvc.exe [2002-11-26 58672]
R3 CdProbe;CdProbe;c:\windows\system32\drivers\CDProbe.SYS [2009-3-6 12000]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2008-11-19 72904]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2008-11-19 34344]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2008-11-19 177672]
R3 MRXWDRDR;MRxWdNp;c:\windows\system32\drivers\mrxwdnp.sys [2002-11-26 267792]
S3 COAX;COAX;c:\windows\system32\drivers\coax.sys [2002-11-26 18424]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2009-2-3 28672]
S3 RMBS;RMBS;c:\windows\system32\drivers\rmbs.sys [2002-11-26 17828]
S3 TWXWD;TWXWD;c:\windows\system32\drivers\TwxWD.sys [2002-11-26 26964]
=============== Created Last 30 ================
2009-03-09 13:51 <DIR> --d----- C:\HJT
2009-03-09 12:03 664 a------- c:\windows\system32\d3d9caps.dat
2009-03-09 10:43 0 a------- c:\windows\system32\nfr.assembly
2009-03-09 10:43 1 ----h--- c:\windows\t55ft3518f44.dat
2009-03-09 10:43 13,824 a------- c:\windows\system32\dll32.exe
2009-03-09 10:42 12,288 ----h--- c:\windows\ld02.exe
2009-03-06 15:29 <DIR> --d----- c:\program files\Real Alternative
2009-03-06 13:54 <DIR> --d----- c:\program files\common files\Real
2009-03-06 08:46 12,000 a------- c:\windows\system32\drivers\CDProbe.SYS
2009-03-06 08:45 <DIR> --dsh--- C:\Discovery
2009-03-06 08:45 <DIR> --dsh--- C:\CENTENN.IAL
2009-02-24 17:17 59,396 a---h--- c:\windows\system32\mlfcache.dat
==================== Find3M ====================
2009-03-06 13:54 499,712 a------- c:\windows\system32\msvcp71.dll
2009-03-06 13:54 348,160 a------- c:\windows\system32\msvcr71.dll
2009-02-02 16:54 2,560 a------- c:\windows\_MSRSTRT.EXE
2009-01-26 12:00 410,984 a------- c:\windows\system32\deploytk.dll
2009-01-26 11:57 607,640 a------- c:\program files\jxpiinstall-6u11-fcs-bin-b90-windows-i586-25_nov_2008.exe
2008-06-19 14:17 1,106 a------- c:\program files\launch.ica
============= FINISH: 14:31:36.15 ===============