
zl00xcz.com



Here is my DDS.txt log

DDS (Ver_10-03-17.01) - NTFSx86

Run by jwood at 22:27:40.35 on Sat 07/17/2010

Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2132 [GMT -4:00]

AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Cadence\LicenseManager\lmgrd.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\WINDOWS\system32\nipalsm.exe

C:\WINDOWS\system32\nipalsm.exe

C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe

C:\Cadence\LicenseManager\lmgrd.exe

c:\windows\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe

C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe

C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe

C:\WINDOWS\V0350Mon.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Protector Suite QL\menusw.exe

C:\Program Files\Sony\SmartWi Connection Utility\SmartWiTogglet.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Apoint2K\Apntex.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\WINDOWS\system32\wscntfy.exe

C:\Documents and Settings\jwood\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uStart Page = hxxp://www.google.com/

mDefault_Page_URL = hxxp://companyweb

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyServer = http=127.0.0.1:5577

uInternet Settings,ProxyOverride = <local>

uURLSearchHooks: H - No File

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll

BHO: {d187a56b-a33f-4cbe-9d77-459fc0bae012} - Burn4Free Toolbar Helper

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

uRun: [skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot

mRun: [WCULauncher] "c:\program files\sony\smartwi connection utility\WCULauncher.exe"

mRun: [VAIOSecurity] c:\program files\sony\vaio security center\VSC.exe 1

mRun: [VAIO Update 4] "c:\program files\sony\vaio update 4\VAIOUpdt.exe" /Stationary

mRun: [VAIO Recovery] c:\windows\sonysys\vaio recovery\PartSeal.exe

mRun: [V0350Mon.exe] c:\windows\V0350Mon.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [sonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [iSBMgr.exe] c:\program files\sony\isb utility\ISBMgr.exe

mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [egui] c:\program files\eset\eset nod32 antivirus\egui.exe /hide /waitservice

mRun: [biomenu] "c:\program files\protector suite ql\menusw.exe"

mRun: [Apoint] "c:\program files\apoint2k\Apoint.exe"

mRun: [Alcmtr] ALCMTR.EXE

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

StartupFolder: c:\docume~1\jwood\startm~1\programs\startup\ccc.lnk - c:\program files\ati technologies\ati.ace\core-static\CCC.exe

StartupFolder: c:\docume~1\jwood\startm~1\programs\startup\launch~1.lnk - c:\program files\microsoft office\office11\OUTLOOK.EXE

StartupFolder: c:\docume~1\jwood\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe

mPolicies-system: RunStartupScriptSync = 1 (0x1)

IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 4.0\resources\en-us\local\search.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

TCP: {E1E2F565-A9C7-4621-BA89-42D89ED91A31} = 192.168.50.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL

Notify: AtiExtEvent - Ati2evxx.dll

Notify: igfxcui - igfxdev.dll

Notify: psfus - fusstub.dll

Notify: VESWinlogon - VESWinlogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

LSA: Notification Packages = fusstub scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\jwood\applic~1\mozilla\firefox\profiles\dpkqq1tc.default\

FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\opera\program\plugins\npdivx32.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\drivers\shpf.sys [2007-4-17 14720]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-9-11 96408]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]

R2 Cadence License Manager;Cadence License Manager;c:\cadence\licensemanager\lmgrd.exe [2009-2-20 1370752]

R2 dlportio;54x_DSK_Parallel_Port_Driver;c:\windows\system32\dlportio.sys [2004-10-22 3584]

R2 drpkiont;drpkiont;c:\windows\system32\drpkiont.sys [2004-10-22 3968]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-9-11 735960]

R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-2-22 13440]

R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-2-22 33024]

R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [2003-7-25 37376]

R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [2003-7-25 21504]

R2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [2003-7-25 672768]

R2 nidevldu;nidevldu;system32\nipalsm.exe --> system32\nipalsm.exe [?]

R2 nidimk;nidimk;c:\windows\system32\drivers\nidimk.dll [2003-4-23 107102]

R2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [2003-7-25 50688]

R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [2003-7-25 30208]

R2 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpk.dll [2003-4-22 18542]

R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmk.dll [2003-4-18 36463]

R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [2003-7-25 111616]

R2 niswdk;niswdk;c:\windows\system32\drivers\niswdk.dll [2003-4-26 277609]

R2 sdiont;sdiont;c:\windows\system32\drivers\Sdiont.sys [1999-5-24 4576]

R2 xdsfast1;XDSFast1_ISA_Bus_Driver;c:\windows\system32\xdsfast1.sys [2004-10-22 6112]

R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-4-17 36352]

R3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrk.dll [2003-4-22 105075]

R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2k.dll [2003-6-25 83568]

R3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [2003-6-25 23652]

R3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [2003-6-25 184935]

R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstsk.dll [2003-6-25 43121]

R3 niscdk;niscdk;c:\windows\system32\drivers\niscdk.dll [2003-4-26 342630]

R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-4-17 808448]

S1 SABKUTIL;SABKUTIL;\??\c:\program files\superantispyware\sabkutil.sys --> c:\program files\superantispyware\SABKUTIL.sys [?]

S1 vcdrom;Virtual CD-ROM Device Driver;\??\c:\temp\vcdrom.sys --> c:\temp\VCdRom.sys [?]

S2 DriverX;DriverX;c:\windows\system32\drivers\driverx.sys --> c:\windows\system32\drivers\DriverX.sys [?]

S2 SSIPDDP;SSIPDDP;c:\windows\system32\drivers\SSIPDDP.SYS [2007-10-4 54272]

S3 FTD2XX;FTD2XX.SYS FT8U2XX device driver;c:\windows\system32\drivers\FTD2XX.sys [2008-9-27 34639]

S3 NDMSHLP;Device Monitor Helper Driver;c:\program files\common files\hhd software\device monitor\NDMSHLP.sys [2005-5-25 7632]

S3 niefrk;niefrk;c:\windows\system32\drivers\niefrk.dll [2003-4-22 74348]

S3 niesrk;niesrk;c:\windows\system32\drivers\niesrk.dll [2003-4-25 362599]

S3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrk.dll [2003-6-25 70782]

S3 nispdk;nispdk;c:\windows\system32\drivers\nispdk.dll [2003-4-26 39014]

S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2k.dll [2003-4-22 125552]

S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrk.dll [2003-4-23 73845]

S3 NiViPxiK;NiViPxiK;c:\windows\system32\drivers\NiViPxiK.sys [2003-4-22 17920]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-12-23 50704]

S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2006-11-7 92160]

S3 sdusb2em;SD USB Emulator (sdusb2em.sys);c:\windows\system32\drivers\sdusb2em.sys [2008-8-15 22912]

S3 SerMon;Serial Monitor Filter Driver;c:\program files\hhd software\free serial port monitor\sermon.sys [2005-5-25 18432]

S3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [2007-4-17 31104]

S3 VF0350Afx;VF0350 Audio FX;c:\windows\system32\drivers\V0350Afx.sys [2007-10-16 142656]

S3 VF0350Vfx;VF0350 Video FX;c:\windows\system32\drivers\V0350Vfx.sys [2007-10-16 7424]

S3 VF0350Vid;Live! Cam Video IM (VF0350);c:\windows\system32\drivers\V0350Vid.sys [2007-10-16 170368]

S3 XDS560;Texas Instruments XDS560 Device Driver;c:\windows\system32\drivers\xds560.sys [2004-10-22 28296]

S3 XilinxFirmwareEmbeddedLoader;XilinxFirmwareEmbeddedLoader;c:\windows\system32\drivers\xusb_xup.sys [2008-4-18 17408]

S3 XilinxFirmwareEmbeddedLpLoader;XilinxFirmwareEmbeddedLpLoader;c:\windows\system32\drivers\xusb_emb.sys [2008-4-18 17408]

S3 XilinxFirmwareLoader;XilinxFirmwareLoader;c:\windows\system32\drivers\xusbdfwu.sys [2008-4-18 17280]

S3 XilinxFirmwareLpLoader;XilinxFirmwareLpLoader;c:\windows\system32\drivers\xusb_xlp.sys [2007-10-4 17280]

S3 XilinxFirmwarePusb2Loader;XilinxFirmwarePusb2Loader;c:\windows\system32\drivers\xusb_xp2.sys [2008-4-18 17920]

S3 XilinxFirmwarePusb2SeLoader;XilinxFirmwarePusb2SeLoader;c:\windows\system32\drivers\xusb_xse.sys [2008-4-18 17920]

=============== Created Last 30 ================

2010-07-18 02:07:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-07-18 02:07:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-07-18 01:16:56 16384 ----atw- c:\temp\Perflib_Perfdata_190.dat

2010-07-17 05:03:46 16384 ----atw- c:\temp\Perflib_Perfdata_1a0.dat

2010-07-17 01:31:42 16384 ----atw- c:\temp\Perflib_Perfdata_ac.dat

2010-07-17 01:21:06 0 d-----w- c:\windows\pss

2010-07-16 20:01:40 16384 ----atw- c:\temp\Perflib_Perfdata_af8.dat

2010-07-16 19:19:59 0 d-----w- c:\temp\hsperfdata_SYSTEM

2010-07-16 18:07:52 0 d-----w- c:\docume~1\jwood\applic~1\WinPatrol

2010-07-16 18:07:43 0 d-----w- c:\program files\BillP Studios

2010-07-16 17:59:38 0 d-----w- c:\docume~1\jwood\applic~1\SUPERAntiSpyware.com

2010-07-16 17:59:16 0 d-----w- c:\program files\SUPERAntiSpyware

2010-07-16 17:58:42 0 d-----w- c:\temp\SUPERSetup

2010-07-16 17:26:08 0 d-----w- c:\temp\WPDNSE

2010-07-16 16:32:17 0 d-----w- C:\Tools

2010-07-16 13:58:46 16384 ----atw- c:\temp\Perflib_Perfdata_2c4.dat

2010-07-15 17:30:17 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2010-07-12 19:18:43 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-07-12 16:55:46 819 ----a-w- c:\windows\wininit.ini

2010-07-11 00:06:24 0 d-----w- c:\docume~1\jwood\applic~1\Malwarebytes

2010-07-10 23:53:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2010-07-02 18:52:03 0 d-----w- c:\program files\TortoiseSVN

2010-07-02 18:52:03 0 d-----w- c:\program files\common files\TortoiseOverlays

==================== Find3M ====================

2010-06-23 21:26:51 120726 ----a-w- c:\windows\fonts\AdobeFnt07.lst

2010-05-04 17:20:39 832512 ----a-w- c:\windows\system32\wininet.dll

2010-05-04 17:20:34 78336 ----a-w- c:\windows\system32\ieencode.dll

2010-05-04 17:20:32 17408 ----a-w- c:\windows\system32\corpol.dll

2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys

2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll

2003-06-19 15:05:04 431888 --s-a-w- c:\program files\common files\riched20.dll

2003-04-23 22:25:24 88761 ----a-w- c:\windows\inf\pxiclean.exe

2007-10-03 16:07:16 88 --sh--r- c:\windows\system32\55E4018CBF.sys

2007-10-03 16:07:40 4182 --sha-w- c:\windows\system32\KGyGaAvL.sys

2007-04-18 17:44:34 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat

2009-02-20 18:00:06 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009022020090221\index.dat

============= FINISH: 22:29:19.70 ===============

And malwarebytes

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4322

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.11

7/17/2010 10:25:45 PM

mbam-log-2010-07-17 (22-25-45).txt

Scan type: Quick scan

Objects scanned: 171755

Time elapsed: 9 minute(s), 11 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

I will attach attach.txt if requested.

Thanks,

Woody


  • 3 weeks later...
  • 4 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
