DDS (Ver_09-03-16.01) - NTFSx86
Run by HP_Administrator at 17:43:32.71 on Mon 04/06/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_05
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.147 [GMT -7:00]
AV: AVG Anti-Virus *On-access scanning enabled* (Updated)
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Billeo\billeo.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Documents and Settings\HP_Administrator\Application Data\mjusbsp\magicJack.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
c:\program files\internet explorer\iexplore.exe
C:\PROGRA~1\Inbox\Toolbar\CToolbar.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
c:\progra~1\inbox\ssaver\CSSaver.exe
C:\Documents and Settings\HP_Administrator\Desktop\dds.pif
============== Pseudo HJT Report ===============
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\inbox\toolbar\ctbr.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar1.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Billeo: {465e08e7-f005-4389-980f-1d8764b3486c} - c:\program files\billeo\billeo.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: Billeo: {6adb0f93-1aa5-4bcf-9df4-cea689a3c111} - c:\program files\billeo\billeo.dll
TB: &Inbox.com Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\inbox\toolbar\ctbr.dll
TB: ZoneAlarm Spy Blocker Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar1.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
TB: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
EB: Billeo: {6576ebaa-b570-4345-98e4-96153c77cf24} - c:\program files\billeo\billeo.dll
uRun: [EPSON Stylus CX3800 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /M "Stylus CX3800" /EF "HKCU"
uRun: [cdloader] "c:\documents and settings\hp_administrator\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [LogitechCommunicationsManager] "c:\program files\common files\logishrd\lcommgr\Communications_Helper.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
dRun: [Picasa Media Detector] c:\program files\picasa2\PicasaMediaDetector.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\shortc~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\billeo.lnk - c:\program files\billeo\billeo.exe
IE: Inbox Search - tbr:iemenu
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
IE: {CDAFD956-97BE-443D-8EF7-F4F094EB5766} - c:\progra~1\inbox\ssaver\CSSaver.exe
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-09.sun.com/s/ESD7/JSCDL/jdk/6u13-b03/jinstall-6u13-windows-i586-jc.cab?e=1238784487514&h=bb82124d3f2ddc8cd687fe79e8c3bd84/&filename=jinstall-6u13-windows-i586-jc.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\inbox\toolbar\ctbr.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
============= SERVICES / DRIVERS ===============
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-2-26 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-2-26 325640]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-2-26 27656]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-26 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-3-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-3-23 72944]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2009-3-30 353672]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-2-26 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-2-26 298264]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
S2 mrtRate;mrtRate;
S2 ucyvusjw;ucyvusjw;\??\c:\windows\system32\drivers\ucyvusjw.sys --> c:\windows\system32\drivers\ucyvusjw.sys [?]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-3-23 7408]
S4 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-3-30 464264]
=============== Created Last 30 ================
2009-04-05 16:48 <DIR> --d----- c:\program files\Citrix
2009-04-05 15:56 <DIR> --d----- c:\program files\CCleaner
2009-04-03 09:32 <DIR> --d----- c:\program files\Belarc
2009-04-02 13:54 <DIR> --d----- c:\program files\Trend Micro
2009-04-02 13:06 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\Malwarebytes
2009-04-02 13:06 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-04-02 13:06 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-02 13:05 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-02 13:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-04-02 12:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-04-02 12:01 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-04-02 12:01 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\SUPERAntiSpyware.com
2009-04-02 11:57 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-03-30 18:43 1,221,512 a------- c:\windows\system32\zpeng25.dll
2009-03-30 18:43 <DIR> --d----- c:\windows\system32\ZoneLabs
2009-03-30 18:43 <DIR> --d----- c:\program files\Zone Labs
2009-03-30 18:43 350,192 a------- c:\windows\system32\vsconfig.xml
2009-03-30 18:36 0 a------- C:\XESD.tmp
2009-03-30 18:36 0 a------- C:\XESB.tmp
2009-03-30 10:21 <DIR> --d----- c:\program files\AskBarDis
2009-03-17 02:30 <DIR> --d----- c:\program files\Jetico
2009-03-16 18:42 524,288 a------- c:\windows\opuc.dll
2009-03-15 14:40 <DIR> --d----- c:\windows\system32\IOSUBSYS
==================== Find3M ====================
2009-03-30 18:44 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-03-24 09:39 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-03-13 08:05 325,640 a------- c:\windows\system32\drivers\avgldx86.sys
2009-03-13 08:05 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-03-09 05:19 410,984 a------- c:\windows\system32\deploytk.dll
2009-03-03 00:03 208,896 -------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
2009-03-03 00:03 45,056 -c------ c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe
2009-03-03 00:03 341,048 -c------ c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection3.dll
2009-03-03 00:03 44,032 -c------ c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe
2009-03-03 00:03 163,840 -------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll
2009-03-03 00:03 61,440 -------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll
2009-03-03 00:03 40,960 -------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll
2009-03-03 00:03 32,768 -------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll
2009-03-03 00:03 32,768 -------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll
2009-02-26 09:16 12,552 -------- c:\windows\system32\drivers\avgrkx86.sys
2009-02-09 04:13 1,846,784 a------- c:\windows\system32\win32k.sys
2009-02-09 04:13 1,846,784 -------- c:\windows\system32\dllcache\win32k.sys
2009-01-16 22:35 3,594,752 -------- c:\windows\system32\dllcache\mshtml.dll
2007-01-31 21:24 22 -c-sh--- c:\windows\sminst\HPCD.sys
============= FINISH: 17:44:21.96 ===============