DDS (Ver_10-03-17.01) - NTFSx86 MINIMAL Run by www at 17:50:29,84 on 2010-09-30 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1250.48.1045.18.1535.1229 [GMT 2:00] AV: Doctor Web Anti-Virus *On-access scanning enabled* (Updated) {3454C8F1-ECBC-4180-A6F4-04632FBA762B} AV: Online Armor ++ *On-access scanning enabled* (Updated) {8A358D6D-9E8B-4685-9491-3F4817DF49A8} FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\Explorer.EXE C:\DOCUMENTS AND SETTINGS\WWW\PULPIT\PROCESSEXPLORER\PROCEXP.EXE C:\WINDOWS\notepad.exe M:\AKCJA\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.dvdcopyrip.com BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\axcmd.exe" /automount uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe" mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [DefenseWall] "c:\program files\defensewall\DefenseWall.exe" regrun mRun: [nwiz] nwiz.exe /install mRun: [@OnlineArmor GUI] "c:\program files\tall emu\online armor\oaui.exe" mRun: [PuranADT] c:\program files\puran defrag\PuranADT.exe mRun: [cFosSpeed] c:\program files\cfosspeed\cFosSpeed.exe mRun: [MULTIMEDIA KEYBOARD] c:\program files\netropa\multimedia keyboard\MMKeybd.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\www\menust~1\programy\autost~1\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE StartupFolder: c:\docume~1\www\menust~1\programy\autost~1\speedfan.lnk - c:\program files\speedfan\speedfan.exe uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1) mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMaps_2.2.30.1.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242928736375 DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\tallem~1\online~1\oaevent.dll IFEO: taskmgr.exe - "c:\documents and settings\www\pulpit\processexplorer\PROCEXP.EXE" ============= SERVICES / DRIVERS =============== R1 msikbd2k;Multimedia Keyboard Filter Driver;c:\windows\system32\drivers\Msikbd2k.sys [2010-9-23 6656] S1 dwall;DefenseWall driver;c:\windows\system32\drivers\dwall.sys [2009-6-2 891904] S1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-1-29 201168] S1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2010-9-22 38856] S1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-1-29 25000] S1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-1-29 29272] S2 defensewall_serv;DefenseWall internal service;c:\windows\system32\defensewall_serv.exe [2009-6-2 163840] S2 NAUpdate;@c:\program files\nero\update\nasvc.exe,-200;c:\program files\nero\update\NASvc.exe [2010-3-25 490280] S2 nhksrv;Netropa NHK Server;c:\program files\netropa\multimedia keyboard\nhksrv.exe [2010-9-23 28672] S2 OAcat;Online Armor Helper Service;c:\program files\tall emu\online armor\oacat.exe [2010-1-29 380272] S2 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2010-2-28 229376] S2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 52\starwind\StarWindServiceAE.exe [2007-5-28 275968] S2 SvcOnlineArmor;Online Armor;c:\program files\tall emu\online armor\oasrv.exe [2010-1-29 3638240] S3 RGService;RGService;c:\program files\radioget\RGService.exe [2009-10-1 335872] S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] =============== Created Last 30 ================ 2010-09-30 14:21:42 0 d-----w- c:\windows\system32\wbem\Repository 2010-09-30 14:08:03 664 ----a-w- c:\windows\system32\d3d9caps.dat 2010-09-29 16:16:49 0 d-----w- c:\docume~1\www\daneap~1\Zeon 2010-09-29 16:00:29 50 ----a-w- c:\windows\system32\bridf08b.dat 2010-09-29 16:00:09 0 d-----w- c:\program files\Brother 2010-09-29 15:56:15 0 d-----w- c:\program files\ScanSoft(2) 2010-09-29 15:54:53 0 d-----w- c:\docume~1\alluse~1\daneap~1\Brother 2010-09-23 13:38:15 245 ----a-w- c:\windows\Msiosd.ini 2010-09-23 13:38:15 0 d-----w- c:\program files\Netropa 2010-09-23 13:38:14 98304 ----a-w- c:\windows\system32\Msikbd.dll 2010-09-23 13:38:14 6656 ----a-w- c:\windows\system32\drivers\Msikbd2k.sys 2010-09-23 13:38:14 28672 ----a-w- c:\windows\system32\msiosd32.dll 2010-09-23 10:58:09 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2010-09-23 10:58:09 21504 ----a-w- c:\windows\system32\hidserv.dll 2010-09-23 10:58:04 14720 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2010-09-23 10:58:04 14720 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2010-09-22 14:18:35 38856 ----a-w- c:\windows\system32\drivers\oahlp32.sys 2010-09-07 17:21:36 0 d-sh--w- c:\windows\ftpcache 2010-09-04 12:06:55 185860096 ----a-w- C:\LogFile.Etl 2010-09-04 12:03:05 0 d-----w- c:\program files\Greatis 2010-09-01 15:04:08 0 d-----w- C:\ProQms2002 2010-09-01 15:02:23 331776 ------w- c:\windows\Setup1.exe 2010-09-01 15:02:21 151622 ------w- c:\windows\modcas.dll 2010-09-01 15:02:21 1384479 ------w- c:\windows\msvbvm60.dll 2010-09-01 15:02:21 101888 ------w- c:\windows\odestkit.dll 2010-09-01 15:02:20 73216 ----a-w- c:\windows\ODEUNST.EXE ==================== Find3M ==================== 2010-09-22 14:18:32 29272 ----a-w- c:\windows\system32\drivers\OAnet.sys 2010-09-22 14:18:29 25000 ----a-w- c:\windows\system32\drivers\OAmon.sys 2010-09-22 14:18:26 201168 ----a-w- c:\windows\system32\drivers\OADriver.sys 2010-09-13 14:08:36 1141464 ----a-w- c:\windows\system32\drivers\cfosspeed.sys 2010-09-13 14:08:32 334040 ----a-w- c:\windows\system32\cfosspeed.dll 2010-08-17 15:48:48 2828 --sha-w- c:\docume~1\alluse~1\daneap~1\KGyGaAvL.sys 2010-07-26 12:24:51 8293812 ----a-w- c:\windows\Sample.scr 2009-12-21 21:09:02 1889 ----a-w- c:\program files\The Business Upper Intermediate.lnk ============= FINISH: 17:50:47,23 ===============