DDS (Ver_09-02-01.01) - NTFSx86
Run by Sir $wat at 16:22:15.73 on Sat 03/07/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.416 [GMT -8:00]
AV: Internet Security Anti-Virus *On-access scanning disabled* (Updated)
FW: Internet Security Firewall *disabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Browser Defender\BDTUpdateService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\RTHDCPL.EXE
C:\program files\relevantknowledge\rlvknlg.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\International Cricket Captain 2008\Cricket.exe
C:\Documents and Settings\Sir $wat\Desktop\dds.scr
============== Pseudo HJT Report ===============
mWinlogon: Shell=Explorer.exe SSVICHOSST.exe
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Browser Defender Toolbar: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\browser defender\PCTBrowserDefender.dll
TB: Browser Defender Toolbar: {23b0d39a-e245-41b7-bf86-1238cf62625e} - c:\program files\browser defender\PCTBrowserDefender.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
TB: {2C688203-7EB3-4327-9995-1CB417BA23F9} - No File
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [RelevantKnowledge] c:\program files\relevantknowledge\rlvknlg.exe -boot
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {23B0D39A-E245-41B7-BF86-1238CF62625E}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
TCP: {4A260BB3-EAE3-40C9-A254-7E0C4C77F8F1} = 190.80.16.3 190.80.16.4
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\sir$wa~1\applic~1\mozilla\firefox\profiles\kfi70utn.default\
FF - component: c:\documents and settings\sir $wat\application data\idm\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\documents and settings\sir $wat\local settings\application data\google\update\1.2.141.5\npGoogleOneClick7.dll
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
============= SERVICES / DRIVERS ===============
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-3-4 130424]
R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2009-3-4 51520]
R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2009-3-4 38208]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2008-12-11 13696]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2009-3-4 159600]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\browser defender\BDTUpdateService.exe [2009-3-4 108416]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2008-12-11 8849]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2009-3-4 73840]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2008-12-15 603904]
S3 ICAM3NT5;Intel USB Video Camera III;c:\windows\system32\drivers\Icam3.sys [2009-2-13 141056]
S3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2009-3-4 95656]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [2009-3-4 64424]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\pc tools internet security\pctsAuxs.exe [2009-3-4 348752]
S3 sdCoreService;PC Tools Security Service;c:\program files\pc tools internet security\pctsSvc.exe [2009-3-4 1095592]
S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2009-3-4 33088]
S3 ThreatFire;ThreatFire;c:\program files\pc tools internet security\tfengine\tfservice.exe service --> c:\program files\pc tools internet security\tfengine\TFService.exe service [?]
=============== Created Last 30 ================
2009-03-07 15:44 939,368 a------- c:\windows\system32\flash.ocx
2009-03-07 15:44 608,448 a------- c:\windows\system32\comctl32.ocx
2009-03-07 15:44 253,952 a------- c:\windows\system32\histogram.ocx
2009-03-07 15:44 647,872 a------- c:\windows\system32\MSCOMCT2.OCX
2009-03-07 15:44 389,120 a------- c:\windows\system32\actskn43.ocx
2009-03-07 15:44 344,064 a------- c:\windows\system32\Msvcr70.dll
2009-03-07 15:44 188,416 a------- c:\windows\system32\actsplash.ocx
2009-03-07 15:44 101,888 a------- c:\windows\system32\VB6STKIT.DLL
2009-03-07 15:44 --d----- c:\program files\SoftwareClub.ws
2009-03-07 15:44 --d----- c:\program files\RelevantKnowledge
2009-03-06 23:08 0 a--shr-- c:\windows\system32\setting.ini
2009-03-04 21:03 --d----- c:\docume~1\sir$wa~1\applic~1\PCToolsSpamMonitorPlus
2009-03-04 21:03 --d----- c:\docume~1\sir$wa~1\applic~1\PCToolsFirewallPlus
2009-03-04 21:00 1,591,168 a------- c:\windows\PCTBDCore.dll
2009-03-04 21:00 716,800 a------- c:\windows\BDTSupport.dll
2009-03-04 21:00 157,568 a------- c:\windows\PCTBDRes.dll
2009-03-04 21:00 143,360 a------- c:\windows\SGDetectionTool.dll
2009-03-04 21:00 315 a------- c:\windows\UDB.zip
2009-03-04 21:00 131 a------- c:\windows\IDB.zip
2009-03-04 21:00 --d----- c:\program files\Browser Defender
2009-03-04 21:00 130,424 a------- c:\windows\system32\drivers\PCTCore.sys
2009-03-04 21:00 73,840 a------- c:\windows\system32\drivers\PCTAppEvent.sys
2009-03-04 21:00 159,600 a------- c:\windows\system32\drivers\pctgntdi.sys
2009-03-04 20:59 51,520 a------- c:\windows\system32\drivers\TfFsMon.sys
2009-03-04 20:59 38,208 a------- c:\windows\system32\drivers\TfSysMon.sys
2009-03-04 20:59 33,088 a------- c:\windows\system32\drivers\TfNetMon.sys
2009-03-04 20:59 12,608 a------- c:\windows\system32\drivers\TfKbMon.sys
2009-03-04 20:59 97,408 a------- c:\windows\system32\drivers\pctfw.sys
2009-03-04 20:59 95,656 a------- c:\windows\system32\drivers\pctplfw.sys
2009-03-04 20:59 64,424 a------- c:\windows\system32\drivers\pctplsg.sys
2009-03-04 20:59 --d----- c:\program files\common files\PC Tools
2009-03-04 20:59 --d----- c:\program files\PC Tools Internet Security
2009-03-04 20:59 --d----- c:\docume~1\sir$wa~1\applic~1\PC Tools
2009-03-04 20:59 --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2009-02-28 15:59 --d----- c:\docume~1\sir$wa~1\applic~1\LimeWire
2009-02-28 15:59 --d----- c:\program files\LimeWire
2009-02-28 11:50 --d-h--- c:\windows\PIF
2009-02-25 23:43 26,112 ac------ c:\windows\system32\dllcache\usbser.sys
2009-02-25 23:43 26,112 a------- c:\windows\system32\drivers\usbser.sys
2009-02-13 22:11 26,624 ac------ c:\windows\system32\dllcache\icam3ext.dll
2009-02-13 22:11 26,624 a------- c:\windows\system32\Icam3EXT.dll
2009-02-13 22:11 141,056 ac------ c:\windows\system32\dllcache\icam3.sys
2009-02-13 22:11 141,056 a------- c:\windows\system32\drivers\Icam3.sys
==================== Find3M ====================
2009-01-22 14:47 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-22 06:49 206,256 a------- c:\windows\system32\idmmbc.dll
2009-01-17 14:45 4,096 a------- c:\windows\system32\drivers\nocashio.sys
2008-12-19 23:32 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-18 16:04 98,304 a------- c:\windows\system32\CmdLineExt.dll
2008-12-15 23:35 603,904 a------- c:\windows\system32\TUProgSt.exe
2008-12-15 23:35 362,240 a------- c:\windows\system32\TuneUpDefragService.exe
2008-12-14 11:39 65,536 a------- c:\windows\IFinst27.exe
2008-12-11 23:44 122,717 a------- c:\windows\HPHins11.dat
2008-12-11 20:58 315,392 a------- c:\windows\HideWin.exe
2008-12-11 19:07 21,640 a------- c:\windows\system32\emptyregdb.dat
============= FINISH: 16:23:10.81 ===============