DDS (Ver_09-02-01.01) - NTFSx86
Run by Compaq_Administrator at 13:45:32.54 on Sun 03/08/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2494.1865 [GMT -7:00]
AV: Symantec AntiVirus Corporate Edition *On-access scanning enabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdMgr.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Compaq_Administrator\Local Settings\Temporary Internet Files\Content.IE5\SAR2J1JQ\dds[1].scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearchAssistant = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PRESARIO&pf=desktop
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn5\yt.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn5\yt.dll
BHO: NoExplorer - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn5\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn5\yt.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [CurseClient] c:\program files\curse\CurseClient.exe -silent
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [DISCover] c:\program files\disc\DISCover.exe
mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdMgr.exe
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: []
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [Reminder] "c:\windows\creator\Remind_XP.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPwuSchd2.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
StartupFolder: c:\docume~1\compaq~1\startm~1\programs\startup\limewi~1.lnk - c:\program files\limewire acceleration patch\LimeWire Acceleration Patch.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\5577497\program\Compaq Connections.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_05\bin\npjpi150_05.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
Trusted Zone: trymedia.com
DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxps://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: NavLogon - c:\windows\system32\NavLogon.dll
Notify: __c00C56EA - c:\windows\system32\__c00C56EA.dat
============= SERVICES / DRIVERS ===============
R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2005-12-19 337592]
R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2005-12-19 54968]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-3-24 192160]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-3-24 169632]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec antivirus\Rtvscan.exe [2006-6-15 1805552]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-2-27 101936]
R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20090306.004\naveng.sys [2009-3-6 89104]
R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20090306.004\navex15.sys [2009-3-6 876144]
S3 SavRoam;SAVRoam;c:\program files\symantec antivirus\SavRoam.exe [2006-6-15 115952]
=============== Created Last 30 ================
2009-03-08 13:01 -cd----- C:\_OTMoveIt
2009-03-08 11:30 --d----- c:\program files\Trend Micro
2009-03-08 11:02 -cd----- C:\7ea8da4cb7bda386b229d560da1016
2009-03-03 00:11 --d----- c:\program files\Hasbro Interactive
2009-03-02 13:54 --d----- c:\docume~1\compaq~1\applic~1\Atari
2009-03-02 13:53 197,120 a------- c:\windows\patchw32.dll
2009-03-02 13:53 --d----- c:\program files\common files\PocketSoft
2009-02-27 17:51 24,576 a------- c:\windows\system32\__c00C56EA.dat
2009-02-27 01:55 --d----- c:\docume~1\compaq~1\applic~1\ViquaSoft
2009-02-27 01:54 --d----- c:\program files\Shop-n-Spree
2009-02-27 01:53 --d----- c:\program files\Mystery Case Files - Return to Ravenhearst
2009-02-27 01:50 --d----- c:\program files\bfgclient
2009-02-27 01:49 --d----- c:\docume~1\alluse~1\applic~1\BigFishGamesCache
2009-02-22 18:09 107,696 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2009-02-22 18:09 87,808 a------- c:\windows\system32\S32EVNT1.DLL
2009-02-22 18:09 --d----- c:\program files\Symantec
2009-02-22 17:01 --d----- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP
2009-02-22 16:28 --d----- c:\windows\system32\appmgmt
2009-02-20 16:32 25 a------- c:\windows\cdplayer.ini
2009-02-19 12:18 --d----- c:\windows\system32\scripting
2009-02-19 12:18 --d----- c:\windows\l2schemas
2009-02-19 12:18 --d----- c:\windows\system32\en
2009-02-19 12:18 --d----- c:\windows\system32\bits
2009-02-19 12:16 --d----- c:\windows\ServicePackFiles
2009-02-19 11:58 6,066,688 -------- c:\windows\system32\dllcache\ieframe.dll
2009-02-19 11:58 2,455,488 -------- c:\windows\system32\dllcache\ieapfltr.dat
2009-02-19 11:58 991,232 -------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-02-19 11:58 459,264 -------- c:\windows\system32\dllcache\msfeeds.dll
2009-02-19 11:58 383,488 -------- c:\windows\system32\dllcache\ieapfltr.dll
2009-02-19 11:58 267,776 -------- c:\windows\system32\dllcache\iertutil.dll
2009-02-19 11:58 63,488 -------- c:\windows\system32\dllcache\icardie.dll
2009-02-19 11:58 52,224 -------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-02-19 11:58 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-02-19 03:39 397,056 -------- c:\windows\system32\s3gnb.dll
2009-02-19 03:38 6,144 -------- c:\windows\system32\kbdbhc.dll
2009-02-18 03:06 272,128 -------- c:\windows\system32\drivers\bthport.sys
2009-02-18 03:05 455,296 -------- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-18 03:05 333,952 -------- c:\windows\system32\dllcache\srv.sys
2009-02-18 03:04 337,408 -------- c:\windows\system32\dllcache\netapi32.dll
2009-02-17 00:30 --d----- c:\windows\system32\PreInstall
2009-02-16 15:48 -cdshr-- C:\cmdcons
2009-02-16 15:48 --d----- c:\windows\setupupd
2009-02-16 15:45 1,838 a--shr-- c:\windows\system32\drivers\103C_HP_CPC_EX316AA-ABA SR1917CL NA670_YC_0Pres_QCNH627_E63NAemREA1_48_INAGAMI2_SASUSTek Computer INC._V2.00_B3.11_T060919_WXP2_L409_M2495_J200_7AMD_8Athlon 64_92.2_#070218_N_Z14F12F20_G10DE0241.MRK
2009-02-16 15:45 28,672 -------- c:\windows\system32\verclsid.exe
2009-02-16 15:41 --d----- c:\docume~1\compaq~1\applic~1\Intuit
2009-02-16 15:41 --d----- c:\documents and settings\compaq_administrator\WINDOWS
2009-02-16 15:41 --d----- c:\documents and settings\Compaq_Administrator
2009-02-16 15:37 --d----- c:\windows\system32\SoftwareDistribution
2009-02-16 15:32 60,032 a------- c:\windows\system32\drivers\usbaudio.sys
2009-02-16 15:32 32,128 a------- c:\windows\system32\drivers\usbccgp.sys
2009-02-16 14:56 --dshr-- c:\windows\system32\dllcache
2009-02-11 17:51 --d----- c:\program files\Ascentive
2009-02-11 02:36 --d----- c:\program files\A360
2009-02-07 08:32 --d----- c:\program files\Curse
==================== Find3M ====================
2009-03-05 13:31 682 ac------ C:\xcrashdump.dat
2009-03-03 19:42 678 a------- c:\docume~1\compaq~1\applic~1\wklnhst.dat
2009-02-19 12:21 92,947 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-02-19 12:21 45,056 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\uninstallui\eHelpSetup.exe
2009-02-19 12:21 341,048 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\HPBasicDetection3.dll
2009-02-19 12:21 217,088 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
2009-02-19 12:21 163,840 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemcheck.dll
2009-02-19 12:21 61,440 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\modemutil.dll
2009-02-19 12:21 44,032 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\scripts\devcon.exe
2009-02-19 12:21 40,960 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\ScDmi.dll
2009-02-19 12:21 32,768 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\uploadHSC.dll
2009-02-19 12:21 32,768 a------- c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\Scom.dll
2009-01-16 21:35 3,594,752 -------- c:\windows\system32\dllcache\mshtml.dll
2008-12-19 02:10 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2008-12-18 22:25 634,024 -------- c:\windows\system32\dllcache\iexplore.exe
2008-12-18 22:23 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
2007-07-24 04:34 110 a------- c:\docume~1\alluse~1\applic~1\MostFunGameId.bin
2007-07-10 20:08 774,144 a------- c:\program files\RngInterstitial.dll
============= FINISH: 13:45:58.79 ===============