.
DDS (Ver_11-03-05.01) - NTFSx86
Run by UserXP at 20:47:25.85 on Wed 05/11/2011
Internet Explorer: 6.0.2900.2180  BrowserJavaVersion: 1.6.0_25
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1012.385 [GMT 2:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MyConnection Server\msserver.exe
C:\WINDOWS\system32\java.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\UserXP\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\UserXP\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
mURLSearchHooks: H - No File
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SnapFlash Class: {a44cbb0b-c77d-4bf5-87cc-b4ee79ad1b7e} - c:\program files\common files\justdo\Jd2002.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Sony Ericsson PC Companion] "c:\program files\sony ericsson\sony ericsson pc companion\PCCompanion.exe" /Background
uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe"
uRun: [Adobe Update] c:\documents and settings\userxp\application data\adobe \Adobe Update
mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
mRun: [nwiz] nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [SkyTel] SkyTel.EXE
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\docume~1\userxp\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\userxp\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\userxp\startm~1\programs\startup\logite~1.lnk - c:\program files\common files\logishrd\ereg\setpoint\eReg.exe
StartupFolder: c:\docume~1\userxp\startm~1\programs\startup\produc~1.lnk - c:\program files\common files\logishrd\ereg\setpoint\eReg.exe
uPolicies-system: DisableTaskMgr = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Save Flash with Flash Catcher - c:\program files\common files\justdo\IECatcher.DLL/FlashCatcher.htm
IE: {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - res://c:\program files\common files\justdo\IECatcher.DLL/FlashCatcher.htm
IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\pokerstars.net\PokerStarsUpdate.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\userxp\applic~1\mozilla\firefox\profiles\5fjnsx00.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=ffds1&p=
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2011-2-5 10448]
R2 MyConnectionServer-30dbe206;Visualware MyConnection Server (#30dbe206);c:\program files\myconnection server\msserver.exe [2010-12-24 575804]
R3 asc3360pr;asc3360pr;\??\c:\windows\system32\drivers\kuompm.sys --> c:\windows\system32\drivers\kuompm.sys [?]
S0 kfdfuamd;kfdfuamd; [x]
S2 keoeiv5cyseeyeai;Backbone Service;c:\windows\system32\doozi.exe --> c:\windows\system32\doozi.exe [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-2-5 1684736]
S3 PciCon;PciCon;f:\driver cd\nvidia gfx\PciCon.sys [2010-3-9 3968]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\sony ericsson\sony ericsson pc companion\PCCService.exe [2011-1-31 155344]
.
=============== Created Last 30 ================
.
2011-05-11 09:05:20	--------	d-----w-	C:\MGtools
2011-05-11 08:40:44	--------	d-sha-r-	C:\cmdcons
2011-05-11 08:37:57	98816	----a-w-	c:\windows\sed.exe
2011-05-11 08:37:57	89088	----a-w-	c:\windows\MBR.exe
2011-05-11 08:37:57	256512	----a-w-	c:\windows\PEV.exe
2011-05-11 08:37:57	161792	----a-w-	c:\windows\SWREG.exe
2011-05-11 08:37:50	--------	d-----w-	C:\ComboFix
2011-05-11 08:15:34	--------	d-----w-	c:\docume~1\userxp\applic~1\Malwarebytes
2011-05-11 08:15:29	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-11 08:15:29	--------	d-----w-	c:\docume~1\alluse~1\applic~1\Malwarebytes
2011-05-11 08:15:26	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-05-11 08:15:26	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-05-11 06:30:32	--------	d-----w-	c:\docume~1\userxp\applic~1\SUPERAntiSpyware.com
2011-05-11 06:30:32	--------	d-----w-	c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2011-05-11 06:30:22	--------	d-----w-	c:\program files\SUPERAntiSpyware
2011-05-11 06:26:17	2487794	----a-w-	C:\MGtools.exe
2011-05-11 06:19:12	--------	d-----w-	c:\program files\CCleaner
2011-05-11 06:09:54	73728	----a-w-	c:\windows\system32\javacpl.cpl
2011-05-11 04:48:08	--------	d-----w-	c:\program files\SpywareBlaster
2011-05-11 04:06:54	--------	d--h--w-	c:\windows\system32\GroupPolicy
2011-05-09 20:18:07	--------	d-----w-	c:\docume~1\userxp\applic~1\GetRightToGo
2011-05-06 00:15:27	--------	d-----w-	c:\program files\iPod
2011-05-06 00:15:23	--------	d-----w-	c:\program files\iTunes
2011-05-06 00:12:46	--------	d-----w-	c:\program files\Bonjour
2011-05-02 06:39:47	98304	----a-w-	c:\windows\system32\CmdLineExt.dll
2011-05-02 06:39:16	--------	d-----w-	c:\program files\Cambridge TOEFL(R) Prep
2011-05-01 15:18:03	--------	d-----w-	c:\program files\ESL Pro Systems
2011-05-01 06:52:46	--------	d-----w-	c:\program files\Cheat Engine 6
2011-04-28 07:53:05	--------	d-----w-	c:\program files\Kap.TOEFL
2011-04-25 01:44:04	621056	----a-w-	c:\windows\system32\drivers\mod7700.sys
2011-04-25 01:44:04	24448	----a-w-	c:\windows\system32\drivers\ewdcsc.sys
2011-04-25 01:44:04	113664	----a-w-	c:\windows\system32\drivers\ewusbnet.sys
2011-04-25 01:44:04	101376	----a-w-	c:\windows\system32\drivers\ewusbmdm.sys
2011-04-25 01:43:17	--------	d-----w-	c:\program files\Reliance Netconnect
2011-04-25 01:33:16	100736	----a-w-	c:\windows\system32\drivers\ewusbdev.sys
2011-04-24 00:10:34	--------	d-----w-	c:\program files\Reliance Netconnect - Broadband+
2011-04-22 05:40:35	--------	d-----w-	c:\program files\Plants Vs Zombies
2011-04-22 04:25:32	--------	d-----w-	c:\docume~1\alluse~1\applic~1\PopCap Games
2011-04-22 04:25:19	--------	d-----w-	c:\program files\PopCap Games
2011-04-13 11:41:20	--------	d-----w-	c:\docume~1\userxp\applic~1\Softland
2011-04-13 11:41:13	23376	----a-w-	c:\windows\system32\dopdfmn7.dll
2011-04-13 11:41:13	20304	----a-w-	c:\windows\system32\dopdfmi7.dll
2011-04-13 11:41:13	1700352	----a-w-	c:\windows\system32\GdiPlus.dll
2011-04-13 11:41:12	--------	d-----w-	c:\program files\Softland
.
==================== Find3M ====================
.
2011-05-11 06:09:24	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-04-06 14:20:16	91424	----a-w-	c:\windows\system32\dnssd.dll
2011-04-06 14:20:16	75040	----a-w-	c:\windows\system32\jdns_sd.dll
2011-04-06 14:20:16	197920	----a-w-	c:\windows\system32\dnssdX.dll
2011-04-06 14:20:16	107808	----a-w-	c:\windows\system32\dns-sd.exe
2011-02-18 15:36:58	4184352	----a-w-	c:\windows\system32\usbaaplrc.dll
2011-02-10 21:28:30	315392	----a-w-	c:\windows\HideWin.exe
.
============= FINISH: 20:47:52.45 ===============