As requested from DDS:
DDS (Ver_09-06-26.01) - NTFSx86
Run by Dad at 15:19:42.03 on Sat 06/27/2009
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1007.602 [GMT -7:00]
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Motherboard Monitor 5\MBM5.EXE
C:\Program Files\QuickTime\QTTask.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
E:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Dad\Desktop\dds.pif
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.gbcph.org/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.omnitechcorp.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFre1.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Freecorder Toolbar: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - c:\program files\freecorder\tbFre1.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Sony Ericsson PC Suite] "e:\program files\sony ericsson\sony ericsson pc suite\SEPCSuite.exe" /systray /nologon
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
mRun: [AdaptecDirectCD] c:\program files\adaptec\easy cd creator 5\directcd\DirectCD.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [AAWTray] c:\program files\lavasoft\ad-aware 2007\AAWTray.exe
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [MBM 5] "c:\program files\motherboard monitor 5\MBM5.EXE"
mRun: [Adobe Reader Speed Launcher] "e:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "e:\program files\itunes\iTunesHelper.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.28.9/ttinst.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CC32D4D8-2A0B-4CEB-B105-C9B968379105} - hxxps://disney.go.com/games/downloads/gamemanager/DIGGameManager.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\dad\applic~1\mozilla\firefox\profiles\b9k9d87q.default\
FF - prefs.js: browser.startup.homepage - www.gbcph.org
FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - plugin: e:\program files\adobe\reader 8.0\reader\browser\nppdf32.dll
FF - plugin: e:\program files\itunes\mozilla plugins\npitunes.dll
FF - plugin: e:\program files\mozilla firefox\plugins\npmusicn.dll
FF - plugin: e:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: e:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: e:\program files\netscape6\nppl3260.dll
FF - plugin: e:\program files\netscape6\nprjplug.dll
FF - plugin: e:\program files\netscape6\nprpjplug.dll
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - e:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
============= SERVICES / DRIVERS ===============
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-6-26 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-6-23 9968]
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2007-8-27 566616]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-6-26 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-6-26 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-6-26 55640]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2009-4-10 24652]
S1 Multicam;MultiCam for Picolo;c:\windows\system32\drivers\multicam.sys --> c:\windows\system32\drivers\multicam.sys [?]
S1 SASKUTIL;SASKUTIL;\??\e:\program files\superantispyware\saskutil.sys --> e:\program files\superantispyware\SASKUTIL.sys [?]
S3 AtomSync;AtomSync;e:\program files\atomsync\service.exe [2008-9-23 159744]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-5-20 13224]
S3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?]
S3 SASENUM;SASENUM;\??\e:\program files\superantispyware\sasenum.sys --> e:\program files\superantispyware\SASENUM.SYS [?]
=============== Created Last 30 ================
2009-06-27 14:03 <DIR> --d-h--- c:\windows\PIF
2009-06-26 23:55 <DIR> --d----- c:\docume~1\dad\applic~1\Malwarebytes
2009-06-26 23:50 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-06-26 23:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-06-26 23:20 <DIR> --d----- c:\docume~1\dad\applic~1\SUPERAntiSpyware.com
2009-06-26 22:46 <DIR> --d----- c:\program files\Trend Micro
2009-06-26 22:40 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-26 00:45 55,640 a------- c:\windows\system32\drivers\avgntflt.sys
2009-06-26 00:44 <DIR> --d----- c:\program files\Avira
2009-06-26 00:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avira
2009-06-26 00:36 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-26 00:36 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-06-26 00:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-06-25 22:57 47 a----r-- c:\windows\amunres.lsl
2009-06-21 20:24 0 a------- c:\windows\system32\commonpriv.log.lock
2009-06-21 20:22 <DIR> --d----- c:\program files\AVG
2009-06-21 20:22 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-06-21 17:48 <DIR> --d----- c:\program files\iPod
2009-06-21 17:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-21 17:46 <DIR> --d----- c:\program files\Bonjour
==================== Find3M ====================
2008-01-15 11:50 1,004 a--sh--- c:\windows\system32\KGyGaAvL.sys
============= FINISH: 15:20:30.64 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-06-26.01)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/21/2003 6:30:08 AM
System Uptime: 6/27/2009 12:30:37 PM (3 hours ago)
Motherboard: Intel Corporation | | D865GLC
Processor: Intel(R) Celeron(R) CPU 2.00GHz | J2E1 | 1994/100mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 112 GiB total, 100.291 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 112 GiB total, 110.138 GiB free.
Y: is NetworkDisk (NTFS) - 372 GiB total, 220.977 GiB free.
Z: is NetworkDisk (NTFS) - 372 GiB total, 220.977 GiB free.
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP771: 3/29/2009 5:45:41 PM - System Checkpoint
RP772: 4/4/2009 6:02:04 PM - System Checkpoint
RP773: 4/6/2009 10:51:30 AM - System Checkpoint
RP774: 4/8/2009 5:20:42 PM - System Checkpoint
RP775: 4/11/2009 5:40:09 PM - System Checkpoint
RP776: 4/13/2009 10:46:03 AM - System Checkpoint
RP777: 4/18/2009 2:45:05 PM - System Checkpoint
RP778: 4/21/2009 5:03:36 PM - System Checkpoint
RP779: 5/8/2009 12:27:10 PM - System Checkpoint
RP780: 5/8/2009 10:18:06 PM - Installed DirectX
RP781: 5/18/2009 6:23:01 PM - System Checkpoint
RP782: 5/21/2009 2:02:35 PM - System Checkpoint
RP783: 6/8/2009 5:47:54 PM - System Checkpoint
RP784: 6/21/2009 3:36:29 PM - System Checkpoint
RP785: 6/21/2009 5:47:36 PM - Installed iTunes
RP786: 6/21/2009 8:24:20 PM - Installed AVG Free 8.5
RP787: 6/25/2009 10:16:57 PM - Removed Panda Internet Security 2007
RP788: 6/25/2009 11:02:16 PM - Removed OpenOffice.org 2.2
RP789: 6/25/2009 11:25:49 PM - Installed AVG Free 8.5
==== Installed Programs ======================
3D Virtual Reality Architect
Ad-Aware 2007
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.4
Adobe Shockwave Player 11
AiO_Scan
Apple Mobile Device Support
Apple Software Update
AtomSync
Avira AntiVir Personal - Free Antivirus
Belkin 54g USB Network Adapter
Big Fish Games Client
Bonjour
CCleaner (remove only)
CutePDF Writer 2.7
Disc2Phone
Easy CD Creator 5 Basic
Freecorder Toolbar
Freecorder Toolbar 3.0 Application
Freecorder Toolbar 3.02 Application
GameShark SP
Google Talk (remove only)
Google Talk Plugin
Google Updater
HijackThis 2.0.2
HP Image Zone 4.7
HP PSC & OfficeJet 4.7
iMesh
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
iTunes
Java(TM) 6 Update 14
Juniper Networks Cache Cleaner 6.0.0
Juniper Networks Host Checker
Last.fm 1.5.4.24567
Logitech Gaming Software
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Data Access Components KB870669
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Motherboard Monitor 5
Mozilla Firefox (3.0.11)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Pando Media Booster
QFolder
QuickTime
RealPlayer
Rhapsody Player Engine
Rosetta Stone 2.1.3.0A
Sansa Media Converter
Scan
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB923789)
Sibelius Scorch Plugin 5.2.5.30
SigmaTel MSCN Audio Player
Sony Ericsson PC Suite 4.010.00
SoundMAX
Spelling Dictionaries Support For Adobe Reader 8
SUPERAntiSpyware Free Edition
teenSMART®
TimeLeft
Unity Web Player
Update Service
URGE
Viewpoint Media Player
WebFldrs XP
Where in the World is Carmen Sandiego?
Windows Communication Foundation
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Workflow Foundation
Windows XP Service Pack 2
WordPerfect Office 12
XML Paper Specification Shared Components Pack 1.0
XplDbClientPatch
==== Event Viewer Messages From Past Week ========
6/27/2009 12:32:20 AM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: SASKUTIL
6/27/2009 12:31:25 PM, error: sr [1] - The System Restore filter encountered the unexpected
error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has
stopped monitoring the volume.
6/27/2009 11:05:26 AM, error: Service Control Manager [7000] - The SASENUM service failed
to start due to the following error: The system cannot find the path specified.
6/27/2009 11:05:22 AM, error: Service Control Manager [7000] - The SASKUTIL service failed
to start due to the following error: The system cannot find the path specified.
6/26/2009 12:38:58 AM, error: SideBySide [59] - Resolve Partial Assembly failed for
Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on
your system. .
6/26/2009 12:38:58 AM, error: SideBySide [59] - Generate Activation Context failed for
C:\DOCUME~1\Dad\LOCALS~1\Temp\RarSFX0\basic\setup.exe. Reference error message: The
operation completed successfully. .
6/26/2009 12:38:58 AM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could
not be found and Last Error was The referenced assembly is not installed on your system.
6/26/2009 12:38:58 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service MSIServer with arguments "" in order to run the server:
{000C101C-0000-0000-C000-000000000046}
6/26/2009 12:35:35 AM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: cdudf_xp Fips intelppm mbmiodrvr sf
6/26/2009 12:34:59 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service StiSvc with arguments "" in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
6/26/2009 12:34:37 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
6/26/2009 11:54:26 PM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: avgio avipbb cdudf_xp Fips intelppm mbmiodrvr
SASKUTIL sf ssmdrv
6/26/2009 11:40:54 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the
service wuauserv with arguments "" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
6/26/2009 11:27:47 PM, error: Service Control Manager [7026] - The following boot-start or
system-start driver(s) failed to load: avgio avipbb cdudf_xp Fips intelppm mbmiodrvr sf
ssmdrv
6/21/2009 7:51:43 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds)
waiting for the Application Layer Gateway Service service to connect.
6/21/2009 7:51:43 PM, error: Service Control Manager [7000] - The Application Layer Gateway
Service service failed to start due to the following error: The service did not respond to
the start or control request in a timely fashion.
6/21/2009 7:51:12 PM, error: Service Control Manager [7022] - The Panda anti-virus service
service hung on starting.
6/21/2009 7:48:39 PM, error: sr [1] - The System Restore filter encountered the unexpected
error '0xC0000243' while processing the file 'NetPcap.cfg' on the volume 'HarddiskVolume1'.
It has stopped monitoring the volume.
==== End Of File ===========================