Click.giftloader troubles



mrsaucytrousers
2011-04-27, 02:42
Here is my DDS report. I appreciate any help I can get.

.
DDS (Ver_11-03-05.01) - NTFSx86 NETWORK
Run by Adam at 20:21:14.95 on Tue 04/26/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3326.2883 [GMT -4:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Users\Adam\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe,
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - z:\programs\spybot~1\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [Steam] "c:\program files\steam\steam.exe" -silent
uRun: [uTorrent] "z:\programs\uTorrent.exe"
uRun: [Audiogalaxy] "c:\users\adam\appdata\local\audiogalaxy\Audiogalaxy.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] z:\programs\spybot - search & destroy\TeaTimer.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [GHWAUC6NNZ] c:\windows\temp\Ltb.exe
dRunOnce: [jNg06504dDdDl06504] c:\programdata\jng06504ddddl06504\jNg06504dDdDl06504.exe
mExplorerRun: [XZWFNEJ] c:\windows\system32\rdpinitg.exe
uPolicies-explorer: HideSCAHealth = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - z:\programs\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\adam\appdata\roaming\mozilla\firefox\profiles\xo9f55cn.default\
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
.
============= SERVICES / DRIVERS ===============
.
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 WUSB54GCv3;Compact Wireless-G USB Network Adapter;c:\windows\system32\drivers\WUSB54GCv3.sys [2011-4-6 627072]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-25 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-25 307288]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-25 19544]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-4-25 53592]
S2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-4-25 42184]
S2 SBSDWSCService;SBSD Security Center Service;z:\programs\spybot - search & destroy\SDWinSec.exe [2011-4-17 1153368]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-1-7 378984]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
.
=============== Created Last 30 ================
.
2011-04-26 21:44:44 139264 --sha-r- c:\windows\system32\rdpinitg.exe
2011-04-26 01:40:46 54016 ----a-w- c:\windows\system32\drivers\pheh.sys
2011-04-26 01:24:02 -------- d-----w- c:\users\adam\appdata\roaming\Malwarebytes
2011-04-26 01:23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-26 01:23:09 -------- d-----w- c:\progra~2\Malwarebytes
2011-04-26 01:23:05 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-26 01:23:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-25 22:19:02 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-25 22:19:01 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-04-25 22:18:26 40112 ----a-w- c:\windows\avastSS.scr
2011-04-25 22:18:21 -------- d-----w- c:\program files\AVAST Software
2011-04-25 22:18:21 -------- d-----w- c:\progra~2\AVAST Software
2011-04-25 12:44:21 -------- d-----w- c:\progra~2\jNg06504dDdDl06504
2011-04-24 22:04:50 -------- d-----w- c:\users\adam\appdata\roaming\NVIDIA
2011-04-24 15:28:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-04-23 02:31:16 0 ---ha-w- c:\users\adam\appdata\local\Bfijiporereweri.bin
2011-04-23 02:31:15 -------- d-----w- c:\users\adam\appdata\local\{95E9E6C7-6CAD-4F5D-AF11-3798384F3E6B}
2011-04-23 02:29:33 -------- d-----w- c:\users\adam\appdata\roaming\DCA273CE340706A64043A99138086228
2011-04-22 02:05:35 -------- d-----w- c:\users\adam\appdata\roaming\Nucleosys
2011-04-19 21:44:23 14744 ----a-w- c:\users\adam\appdata\roaming\microsoft\identitycrl\production\ppcrlconfig.dll
2011-04-19 21:39:28 -------- d-----w- c:\users\adam\appdata\local\Rockstar Games
2011-04-19 21:38:48 -------- d-----w- c:\windows\system32\xlive
2011-04-19 21:38:48 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2011-04-18 23:45:29 -------- d-----w- c:\program files\VideoLAN
2011-04-18 03:36:42 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-04-13 00:31:29 -------- d-----w- c:\users\adam\appdata\local\Audiogalaxy
2011-04-12 21:56:39 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-04-12 21:56:39 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2011-04-12 21:56:39 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2011-04-12 21:56:39 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-04-12 21:56:39 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2011-04-12 21:56:39 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2011-04-12 21:56:19 -------- d-----w- c:\program files\Microsoft XNA
2011-04-10 00:50:11 -------- d-----w- c:\program files\SystemRequirementsLab
2011-04-10 00:49:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-09 23:33:55 -------- d-----w- C:\NVIDIA
2011-04-09 23:30:39 -------- d-----w- c:\program files\CCleaner
2011-04-07 05:40:50 -------- d--h--w- c:\users\adam\appdata\local\ElevatedDiagnostics
2011-04-07 03:54:38 -------- d--h--w- c:\users\adam\appdata\local\uTorrent
2011-04-07 03:30:52 -------- d-----w- c:\program files\uTorrent
2011-04-07 03:29:45 -------- d-----w- c:\users\adam\appdata\roaming\uTorrent
2011-04-07 03:26:14 -------- d-----w- c:\windows\Panther
2011-04-07 03:24:41 6792528 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{6bf39f9a-8d19-41f2-97be-cfca4e13e37c}\mpengine.dll
2011-04-07 03:24:40 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-07 03:15:31 -------- d-----w- c:\program files\Steam
2011-04-07 03:15:31 -------- d-----w- c:\program files\common files\Steam
2011-04-07 02:49:52 -------- d-sh--w- c:\windows\Installer
2011-04-07 02:47:46 627072 ----a-w- c:\windows\system32\drivers\WUSB54GCv3.sys
2011-04-07 02:47:46 221184 ----a-w- c:\windows\system32\RaCoInst.dll
2011-04-07 02:45:34 -------- d-----w- c:\windows\system32\wbem\Performance
.
==================== Find3M ====================
.
.
============= FINISH: 20:21:55.01 ===============

Blade81
2011-04-30, 15:03
Hi,

Post attach.txt contents too.

Blade81
2011-05-06, 18:11
Due to inactivity, this thread will now be closed.

Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or another MOD a private message (PM). A valid, working link to the closed topic is required.