.
DDS (Ver_11-03-05.01) - NTFSx86
Run by biren at 1:53:39.23 on 26/04/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.442 [GMT 5.5:30]
.
AV: Internet Security 11.00 *Enabled/Updated* {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}
FW: Quick Heal Firewall Pro *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\UBCD4WIN\PLUGIN\ANTISPYWARE\A2FREE\FILES\a2service.exe
C:\PROGRA~1\QUICKH~1\QUICKH~3\SAPISSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\QUICKH~1\QUICKH~3\opssvc.exe
C:\PROGRA~1\QUICKH~1\QUICKH~3\quhlpsvc.exe
C:\Program Files\Quick Heal\Quick Heal Internet Security\scanwscs.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\QUICKH~1\QUICKH~3\onlinent.exe
C:\PROGRA~1\QUICKH~1\QUICKH~3\UPSCHD.EXE
C:\PROGRA~1\QUICKH~1\QUICKH~3\SCANMSG.EXE
C:\Program Files\Quick Heal\Quick Heal Internet Security\EMLPROXY.EXE
C:\Program Files\Quick Heal\Quick Heal Firewall Pro\op_mon.exe
C:\PROGRA~1\QUICKH~1\QUICKH~2\acs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\biren\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: QHIEPro Class: {02d6b6b3-5d97-4ede-aac1-4d0be8fe9cd3} - c:\progra~1\quickh~1\quickh~3\qhiepro.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: APop Class: {efca9d4b-f2e8-487d-8505-e4d0e459abfe} - c:\progra~1\quickh~1\quickh~3\apop.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Quick Heal Monitor] c:\progra~1\quickh~1\quickh~2\op_mon.exe /tray /noservice
mRun: [Quick Heal Core UI] c:\progra~1\quickh~1\quickh~3\strtupap.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRunOnce: [Startup Scan] c:\progra~1\quickh~1\quickh~3\Sensor.EXE /CHECK
StartupFolder: c:\docume~1\biren\startm~1\programs\startup\153b35.lnk - c:\windows\system32\4d59b1\153B35.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: facebook.com\www
Trusted Zone: secunia.com
Trusted Zone: seventymm.com\www
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx
DPF: {38481807-CA0E-42D2-BF39-B33AF135CC4D} - hxxp://codecs.microsoft.com/isapi/ocget.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\quickh~1\quickh~2\wl_hook.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 ggc;ggc;c:\windows\system32\drivers\ggc.sys [2010-2-5 46472]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2010-1-29 673920]
R1 SASDIFSV;SASDIFSV;c:\ubcd4win\plugin\antispyware\superantispyware\files\sasdifsv.sys [2010-2-17 8944]
R1 SASKUTIL;SASKUTIL;c:\ubcd4win\plugin\antispyware\superantispyware\files\SASKUTIL.SYS [2010-2-17 55024]
R2 a2free;a-squared Free Service;c:\ubcd4win\plugin\antispyware\a2free\files\a2service.exe [2010-2-17 425080]
R2 acssrv;Quick Heal Client Security Service;c:\progra~1\quickh~1\quickh~2\acs.exe [2010-1-29 1224704]
R2 catflt;catflt;c:\windows\system32\drivers\catflt.sys [2010-2-5 109192]
R2 Core Mail Protection;Core Mail Protection;c:\program files\quick heal\quick heal internet security\EMLPROXY.EXE [2010-2-5 30184]
R2 Core Scanning Server;Core Scanning Server;c:\progra~1\quickh~1\quickh~3\SAPISSVC.EXE [2010-2-5 58760]
R2 EMLSS;EMLSS;c:\windows\system32\drivers\EMLTDI.SYS [2010-2-5 29320]
R2 Online Protection System;Online Protection System;c:\progra~1\quickh~1\quickh~3\opssvc.exe [2010-2-5 19336]
R2 Quick Update Service;Quick Update Service;c:\progra~1\quickh~1\quickh~3\quhlpsvc.exe [2010-2-5 58760]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-10 399416]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2010-1-29 30864]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2010-1-29 234640]
R3 slnt;Realtek Rtl-8139d PCI Fast Ethernet Adapter;c:\windows\system32\drivers\slnt.sys [2010-1-28 18004]
S0 mscank;mscank;c:\windows\system32\drivers\mscank.sys [2010-2-5 31808]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 SASENUM;SASENUM;c:\ubcd4win\plugin\antispyware\superantispyware\files\SASENUM.SYS [2010-2-17 7408]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2010-3-23 85504]
.
=============== Created Last 30 ================
.
2011-04-15 11:25:36 361600 -c----w- c:\windows\system32\dllcache\tcpip.sys
2011-04-15 11:24:48 726528 -c----w- c:\windows\system32\dllcache\jscript.dll
2011-04-15 11:24:48 420864 -c----w- c:\windows\system32\dllcache\vbscript.dll
2011-04-15 11:18:23 455936 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-03-31 06:13:43 36480 ----a-w- c:\windows\system32\drivers\P2k.sys
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2008-12-08 20:54:21 757760 ----a-w- c:\program files\VCD_PLAY.EXE
.
============= FINISH: 1:55:32.85 ===============