003294
2010-06-16, 00:23
I've got a Right Media prob. DDS & SPYBOT LOGS ATTACHED
DDS (Ver_10-03-17.01) - NTFSx86
Run by Admin at 22:22:09.40 on 15/06/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.44.1033.18.2047.1048 [GMT 1:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
svchost.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\AHEAD\NEROPH~2\DATA\XTRAS\MSSYSMGR.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Belkin\F5D7051\WLService.exe
C:\Program Files\Belkin\F5D7051\WLanCfgG.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\system32\svchost.exe -k HPService
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Trigold\Update\TRUService.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Admin\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://bbc.co.uk/news
uURLSearchHooks: thechatterbox.cc Toolbar: {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - c:\program files\thechatterbox.cc\tbthe1.dll
uURLSearchHooks: W1zardm0ds.co.uk Toolbar: {813cf69b-bebf-423d-9936-eb451ffab26f} - c:\program files\w1zardm0ds.co.uk\tbW1z0.dll
BHO: thechatterbox.cc Toolbar: {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - c:\program files\thechatterbox.cc\tbthe1.dll
{02478d38-c3f9-4efb-9b51-7695eca05670}
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: W1zardm0ds.co.uk Toolbar: {813cf69b-bebf-423d-9936-eb451ffab26f} - c:\program files\w1zardm0ds.co.uk\tbW1z0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: thechatterbox.cc Toolbar: {00b8e20c-5c71-4c2f-85a5-6ad541500df0} - c:\program files\thechatterbox.cc\tbthe1.dll
TB: W1zardm0ds.co.uk Toolbar: {813cf69b-bebf-423d-9936-eb451ffab26f} - c:\program files\w1zardm0ds.co.uk\tbW1z0.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [PhotoShow Deluxe Media Manager] c:\progra~1\ahead\neroph~2\data\xtras\MSSYSMGR.EXE
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [WinSys2] c:\windows\system32\winsys2.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: threesixtytraining.co.uk\www
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3EDBA9C8-BB88-4DB6-9EB4-CA2BDAEF10FC} - hxxp://downloads.privatepost.com/files/ppZDHelper/ppZDHelper.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} - hxxp://www.landlorddirect.com/js/ImageUploader6.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://btc.webex.com/client/T25LSP41EP13-LOCKDOWN/webex/ieatgpc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {B5475F04-47B0-4D4E-BFE7-E842F18F1492} = 4.2.2.2,4.2.2.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-5-23 216200]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-5-23 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-5-23 242896]
R1 RapportKELL;RapportKELL;c:\program files\trusteer\rapport\bin\RapportKELL.sys [2010-6-7 59240]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2010-6-7 166632]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-5-23 308064]
R2 MSSQL$INERTIA3_SQL2005;SQL Server (INERTIA3_SQL2005);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2009-5-27 29262680]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2010-5-8 632792]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2010-6-7 840936]
R2 TRUService;TrigoldCrystal Update Service;c:\program files\trigold\update\TRUService.exe [2009-10-31 135816]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-10 136176]
S3 PLCND532;PLCND532 NDIS Protocol Driver;c:\windows\system32\drivers\plcnd532.sys --> c:\windows\system32\drivers\PLCND532.sys [?]
=============== Created Last 30 ================
2010-06-10 20:19:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-09 19:50:30 0 d-----w- c:\windows\system32\LogFiles
2010-06-09 19:50:03 0 d-sh--w- c:\documents and settings\admin\IECompatCache
2010-06-05 20:42:53 0 d-----w- c:\windows\system32\XPSViewer
2010-06-05 20:42:12 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-06-05 20:42:12 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-06-05 20:42:12 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-06-05 20:42:12 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-06-05 20:42:12 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-06-05 20:42:12 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-06-05 20:42:12 117760 ------w- c:\windows\system32\prntvpt.dll
2010-06-05 15:38:59 0 d-sh--w- c:\documents and settings\admin\PrivacIE
2010-06-05 14:12:10 0 d-sh--w- c:\documents and settings\admin\IETldCache
2010-06-05 14:00:08 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-06-05 13:59:56 0 d-----w- c:\windows\ie8updates
2010-06-05 13:59:48 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-06-05 13:59:48 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-06-05 13:58:14 0 dc-h--w- c:\windows\ie8
2010-06-05 12:56:25 0 d-----w- c:\windows\SQLTools9_KB970892_ENU
2010-06-05 12:55:10 0 d-----w- c:\windows\SQL9_KB970892_ENU
2010-06-05 12:23:09 293376 ------w- c:\windows\system32\browserchoice.exe
2010-05-29 09:09:06 0 d-----w- c:\program files\NETGEAR XAV101 Configuration Utility
2010-05-28 12:13:13 0 d-s---w- C:\ComboFix
2010-05-24 21:51:37 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-24 21:51:35 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-23 23:14:25 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-05-23 23:14:25 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-23 22:44:02 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-05-23 22:43:59 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-05-23 22:43:53 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-05-23 22:43:47 0 d-----w- c:\windows\system32\drivers\Avg
2010-05-19 19:38:57 17801 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-05-19 19:38:49 40960 ----a-w- c:\windows\system32\F5D7051.dll
2010-05-19 19:38:49 29184 ----a-w- c:\windows\system32\drivers\RNDISMPK.sys
2010-05-19 19:38:49 13824 ----a-w- c:\windows\system32\drivers\usb8023k.sys
2010-05-19 19:38:47 94208 ----a-w- c:\windows\system32\GTW32N50.dll
2010-05-19 19:38:47 31930 ----a-w- c:\windows\system32\GTNDIS3.VXD
2010-05-19 19:38:47 15872 ----a-w- c:\windows\system32\GTNDIS5.sys
2010-05-19 19:38:46 1396831 ----a-w- c:\windows\system32\AegisE5.dll
2010-05-19 19:38:46 0 d-----w- c:\program files\Belkin
==================== Find3M ====================
2010-05-14 12:00:54 36096 ----a-w- c:\windows\system32\drivers\intelppm.sys
2010-05-06 17:43:30 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-05-06 10:41:53 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:56:34 1850880 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 10:05:36 4212 ---h--w- c:\windows\system32\zllictbl.dat
2010-04-20 05:51:20 285696 ----a-w- c:\windows\system32\atmfd.dll
============= FINISH: 22:22:51.01 ===============
SPYBOT
--- Report generated: 2010-06-06 15:33 ---
Right Media: Tracking cookie (Internet Explorer: Admin) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2008-07-07 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2010-04-22 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-02-17 Includes\Adware.sbi (*)
2010-05-25 Includes\AdwareC.sbi (*)
2010-01-25 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2010-05-25 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-05-25 Includes\HijackersC.sbi (*)
2010-01-20 Includes\Keyloggers.sbi (*)
2010-05-25 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-05-25 Includes\Malware.sbi (*)
2010-05-25 Includes\MalwareC.sbi (*)
2010-05-18 Includes\PUPS.sbi (*)
2010-05-18 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-05-25 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-03-02 Includes\Spyware.sbi (*)
2010-05-25 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-05-26 Includes\Trojans.sbi (*)
2010-05-25 Includes\TrojansC-02.sbi (*)
2010-05-25 Includes\TrojansC-03.sbi (*)
2010-05-25 Includes\TrojansC-04.sbi (*)
2010-05-25 Includes\TrojansC-05.sbi (*)
2010-05-25 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
km2357 was helping me before but due to my inactivity it got archived. Apologies
http://forums.spybot.info/showthread.php?p=373087#post373087