Each time I click on links, Google-Redirect takes me to random websites that seem suspicious. Also, when I start up my computer I get errors saying a DLL is missing; random DLL names appear. Not much I can say, since I don't know what's wrong.
DDS (Ver_09-03-16.01) - NTFSx86
Run by Veronica Gutierrez at 20:30:31.15 on Tue 04/28/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1534.980 [GMT -7:00]
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\system32\wuauclt.exe
C:\program files\mozilla firefox\firefox.exe
C:\Documents and Settings\Veronica Gutierrez.NIGHTLORDXIV\Desktop\dds.scr
C:\Documents and Settings\Veronica Gutierrez.NIGHTLORDXIV\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3061022
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=3061022
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uSearch Bar =
mSearch Page =
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {6BC45DB1-923B-477C-B7DD-6B1B3F1CD8E4} - No File
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: {fc51b9e2-8352-4d51-86c1-6f62a28b8bb3} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [autochk] rundll32.exe c:\windows\system32\autochk.dll,[email protected]
dRun: [<NO NAME>] c:\windows\temp\aebwfst52e.exe
dRun: [Windows Resurections] c:\windows\temp\aebwfst52e.exe
dRun: [Diagnostic Manager] c:\windows\temp\4229896592.exe
dRun: [A00F1266E0.exe] c:\windows\temp\_A00F1266E0.exe
StartupFolder: c:\documents and settings\veronica gutierrez.nightlordxiv\start menu\programs\startup\ChkDisk.dll
StartupFolder: c:\docume~1\veroni~1.nig\startm~1\programs\startup\chkdisk.lnk - c:\windows\system32\rundll32.exe
StartupFolder: c:\docume~1\veroni~1.nig\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdock\ObjectDock.exe
StartupFolder: c:\docume~1\veroni~1.nig\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\Xfire.exe
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: qxuari.dll c:\windows\system32\ c:\windows\system32\zipavagi.dll ,
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,
LSA: Notification Packages =
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\veroni~1.nig\applic~1\mozilla\firefox\profiles\duta88to.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine - Search the web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
============= SERVICES / DRIVERS ===============
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-4-16 130424]
R1 oreans32;oreans32;c:\windows\system32\drivers\oreans32.sys [2008-8-17 33824]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-9-29 24652]
R3 vkeyfdo;Virtual Keybord Function Driver;c:\windows\system32\drivers\vkeyfdo.sys [2008-10-2 11336]
S2 IEPro;IEPro;"c:\program files\internet explorer\plugins\iepro.exe" --> c:\program files\internet explorer\plugins\IEpro.exe [?]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\nbservice.exe --> c:\program files\common files\nero\nero backitup 4\NBService.exe [?]
S3 DAEDriver54;DAEDriver54;\??\c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\da + dspider0\dak32.sys --> c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\da + dspider0\dak32.sys [?]
S3 DBKDRVR54;DBKDRVR54;\??\c:\program files\cheat engine\dbk32.sys --> c:\program files\cheat engine\dbk32.sys [?]
S3 iCheat1;iCheat1;\??\c:\docume~1\veroni~1\locals~1\temp\rar$ex00.313\icheat_2_rev_1105\idriver.sys --> c:\docume~1\veroni~1\locals~1\temp\rar$ex00.313\icheat_2_rev_1105\iDriver.sys [?]
S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;\??\c:\docume~1\veroni~1.nig\locals~1\temp\ir_ext_temp_0\autoplay\docs\united engine\ilvmoney1236.sys --> c:\docume~1\veroni~1.nig\locals~1\temp\ir_ext_temp_0\autoplay\docs\united engine\IlvMoney1236.sys [?]
S3 maxD20081102;maxD20081102;\??\c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\binary\max20081102.sys --> c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\binary\max20081102.sys [?]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2008-9-7 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2008-9-7 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2008-9-7 42112]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\drivers\Neo_0016.sys [2008-9-10 22264]
S3 ROCKSTAR;ROCKSTAR;\??\c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\nooblegend\ksysdrv.sys --> c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\nooblegend\ksysdrv.sys [?]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys --> c:\windows\system32\drivers\wg111v2.sys [?]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2008-11-22 23064]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-4-16 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2009-4-16 1095560]
S3 sora121;sora121;\??\c:\documents and settings\veronica gutierrez\desktop\sora engine2.90\sora12.sys --> c:\documents and settings\veronica gutierrez\desktop\sora engine2.90\sora12.sys [?]
S3 zenx1;zenx1;\??\c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\new folder\zenx.sys --> c:\documents and settings\veronica gutierrez.nightlordxiv\desktop\new folder\zenx.sys [?]
=============== Created Last 30 ================
2009-04-28 19:33 24,064 a--sh--- c:\windows\system32\autochk.dll
2009-04-28 05:06 24,064 a--sh--- c:\documents and settings\veronica gutierrez.nightlordxiv\protect.dll
2009-04-28 05:06 27,648 a------- c:\windows\system32\lmppcsetup.exe
2009-04-27 14:39 439 a------- c:\windows\system32\win32hlp.cnf
2009-04-27 14:27 104,960 a------- c:\windows\system32\dllcache\userinit.exe
2009-04-27 14:27 29,696 a------- c:\windows\system32\loader49.exe
2009-04-27 02:57 <DIR> --d----- C:\Combat Arms
2009-04-25 14:52 <DIR> --d----- c:\program files\Pixelan
2009-04-25 14:43 <DIR> --d----- c:\program files\NewBlue
2009-04-25 14:42 <DIR> --d----- c:\program files\Magic Bullet Editors 2.0 Vegas
2009-04-25 14:37 <DIR> --d----- c:\program files\Vstplugins
2009-04-25 14:36 <DIR> --d----- c:\program files\Sony
2009-04-25 14:35 <DIR> --d----- c:\program files\Sony Setup
2009-04-23 20:36 <DIR> --d----- C:\$WINDOWS.~BT
2009-04-23 20:36 622 a------- C:\xcrashdump.dat
2009-04-23 20:25 <DIR> --d----- c:\windows\Performance
2009-04-23 20:25 <DIR> --d----- c:\program files\Microsoft Windows Vista Upgrade Advisor
2009-04-23 20:09 155 a------- c:\windows\system32\SelfDel.bat
2009-04-23 19:20 39,936 a------- c:\windows\system32\winglsetup.exe
2009-04-23 18:43 1,905 a------- c:\windows\diagwrn.xml
2009-04-23 18:43 1,905 a------- c:\windows\diagerr.xml
2009-04-22 05:15 <DIR> --d----- c:\program files\iPod
2009-04-22 05:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-22 05:14 <DIR> --d----- c:\program files\Bonjour
2009-04-22 05:13 1,900,544 a------- c:\windows\system32\usbaaplrc.dll
2009-04-20 16:58 15,000 a------- c:\windows\system32\sf87wuijndoio43j.dll
2009-04-17 04:16 <DIR> --d----- c:\program files\Application Compatibility Toolkit
2009-04-17 04:16 <DIR> --d----- c:\program files\Support Tools
2009-04-17 03:41 573,411 a----r-- C:\txtsetup.sif
2009-04-17 03:41 259,776 a----r-- C:\$LDR$
2009-04-16 19:43 <DIR> --d----- c:\program files\Pando Networks
2009-04-16 18:42 1,846,632 a------- c:\windows\system32\D3DCompiler_41.dll
2009-04-16 18:42 453,456 a------- c:\windows\system32\d3dx10_41.dll
2009-04-16 18:42 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-04-16 18:42 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-04-16 18:42 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-04-16 18:42 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-04-16 18:42 22,360 a------- c:\windows\system32\X3DAudio1_6.dll
2009-04-16 13:02 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat
2009-04-16 08:12 21,504 a------- c:\windows\system32\ak1.exe
2009-04-16 03:20 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-04-16 03:20 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-04-16 03:20 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-04-16 03:19 64,392 a------- c:\windows\system32\drivers\pctplsg.sys
2009-04-16 03:19 <DIR> --d----- c:\program files\common files\PC Tools
2009-04-16 03:19 <DIR> --d----- c:\program files\Spyware Doctor
2009-04-16 03:19 <DIR> --d----- c:\docume~1\veroni~1.nig\applic~1\PC Tools
2009-04-16 03:19 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-04-16 03:19 1,386,496 a------- c:\windows\system32\msvbvm60.dll
2009-04-16 02:18 82,432 ----h--t c:\windows\system32\7bdb75.dll
2009-04-16 02:18 82,432 ----h--t c:\windows\system32\277b8208.dll
2009-04-16 01:11 <DIR> --d----- c:\docume~1\veroni~1.nig\applic~1\Uniblue
2009-04-16 01:10 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\~0
2009-04-16 00:39 <DIR> --d----- c:\program files\Trend Micro
2009-04-15 22:47 7,680 a--sh--- c:\windows\system32\Thumbs.db
2009-04-15 22:47 19,456 a--sh--- c:\windows\Thumbs.db
2009-04-15 22:41 453,152 a------- c:\windows\system32\nvudisp.exe
2009-04-15 22:41 215,383 a------- c:\windows\system32\nvapps.xml
2009-04-15 22:41 19,054 a------- c:\windows\system32\nvdisp.nvu
2009-04-15 22:41 <DIR> --d----- c:\windows\nview
2009-04-15 22:41 453,152 a------- c:\windows\system32\NVUNINST.EXE
2009-04-15 22:13 <DIR> --d----- c:\windows\system32\XPSViewer
2009-04-15 19:05 <DIR> --ds---- c:\windows\Downloaded Program Files
2009-04-15 18:12 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-15 18:12 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-15 18:12 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-15 17:53 578,560 a------- c:\windows\system32\dllcache\user32.dll
2009-04-15 14:33 82,432 ----h--t c:\windows\system32\1a3241db.dll
2009-04-15 14:33 82,432 ----h--t c:\windows\system32\15f10b98.dll
2009-04-15 12:05 284,160 -------- c:\windows\system32\dllcache\pdh.dll
2009-04-15 12:05 401,408 -------- c:\windows\system32\dllcache\rpcss.dll
2009-04-15 12:04 473,600 -------- c:\windows\system32\dllcache\fastprox.dll
2009-04-15 12:04 110,592 -------- c:\windows\system32\dllcache\services.exe
2009-04-15 12:04 453,120 -------- c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 12:04 227,840 -------- c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 12:04 729,088 -------- c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 12:04 714,752 -------- c:\windows\system32\dllcache\ntdll.dll
2009-04-15 12:04 617,472 -------- c:\windows\system32\dllcache\advapi32.dll
2009-04-15 12:03 1,203,922 -------- c:\windows\system32\dllcache\sysmain.sdb
2009-04-15 12:03 215,552 -------- c:\windows\system32\dllcache\wordpad.exe
2009-04-14 11:17 41,808 a------- c:\windows\system32\xfcodec.dll
==================== Find3M ====================
2009-04-27 20:51 1,984 a------- c:\windows\system32\d3d9caps.dat
2009-04-27 14:39 1,648 a------- c:\windows\system32\d3d8caps.dat
2009-04-27 14:27 104,960 a------- c:\windows\system32\userinit.exe
2009-04-17 00:05 77,859 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-03-26 15:23 36,864 a------- c:\windows\system32\drivers\usbaapl.sys
2009-03-21 07:06 989,696 -------- c:\windows\system32\dllcache\kernel32.dll
2009-03-19 16:32 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-06 07:22 284,160 a------- c:\windows\system32\pdh.dll
2009-03-02 17:18 826,368 a------- c:\windows\system32\wininet.dll
2009-03-02 17:18 826,368 a------- c:\windows\system32\dllcache\wininet.dll
2009-02-27 21:54 636,072 a------- c:\windows\system32\dllcache\iexplore.exe
2009-02-20 03:20 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-02-20 03:20 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-02-19 22:14 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2009-02-19 12:51 16,608 a------- c:\windows\gdrv.sys
2009-02-09 05:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 05:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 05:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 05:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 04:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-09 04:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys
2009-02-07 19:02 2,066,048 a------- c:\windows\system32\ntkrnlpa.exe
2009-02-07 19:02 2,066,048 a------- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-06 19:52 49,504 a------- c:\windows\system32\sirenacm.dll
2009-02-06 04:11 110,592 a------- c:\windows\system32\services.exe
2009-02-06 04:08 2,189,056 a------- c:\windows\system32\ntoskrnl.exe
2009-02-06 04:08 2,189,056 a------- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-06 04:06 2,145,280 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-06 03:39 35,328 a------- c:\windows\system32\sc.exe
2009-02-06 03:39 35,328 a------- c:\windows\system32\dllcache\sc.exe
2009-02-06 03:32 2,023,936 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-03 12:59 56,832 a------- c:\windows\system32\secur32.dll
2009-02-03 12:59 56,832 -------- c:\windows\system32\dllcache\secur32.dll
2009-01-24 12:25 22,328 a------- c:\docume~1\veroni~1.nig\applic~1\PnkBstrK.sys
2007-11-29 18:32 32 ac------ c:\docume~1\alluse~1\applic~1\ezsid.dat
2007-12-22 20:10 88 ---shr-- c:\windows\system32\7925C54BCA.sys
2007-12-22 20:10 3,350 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2008-07-17 15:03 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008071720080718\index.dat
============= FINISH: 20:30:49.71 ===============