Hi
I posted yesterday about what appears to be an infection by a piece of malware called PC Optimizer Pro. It appeared out of nowhere in the form of a “pop up” in the bottom right of my screen. It stated that there were 3,000 or so factors slowing down my machine, but as it was an unsolicited pop-up I wondered whether it was malware, which one of your members, Amateur, confirmed. It has even installed a desktop logo, which needless to say I have not clicked!
Amateur suggested I undertook the “Pre-Posting” process. Although I am not hugely computer-literate, I think I have managed to complete this – with one proviso: BitDefender. I was unable to disable this because the process said to “On the left panel click >> Virus Shield”, but there is no such option so I can only hope this hasn't been a problem when I went on to do the scan. I had SuperAntiSpyware and MalwareBytes, which I have now disabled, and u-torrent, which I uninstalled from the Control Panel.
I should also point out (I don't know whether it's related) that I have had intermittent interruptions to my broadband connection, and whenever I scan with one of the above utilities, scores of “tracking” malware, which the software assures me are not serious, are always detected.
As requested, I have pasted the text of DDS.txt below and attached the other two logs. The checklist asks whether I have access to a Windows Install disk or Boot CD - the answer, I'm afraid, is "No".
Many thanks in advance for any assistance. I am desperate to become more “PC-savvy” and would also appreciate any suggestions to “beginner tutorials” which would assist me in understanding basic security issues to avoid these kinds of issues recurring.
All the best,
Peter.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Administrator at 22:37:54 on 2012-04-11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1136 [GMT 3:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
C:\Program Files\Optimizer Pro\OptProReminder.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.co.uk/
mStart Page = about:blank
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Bitdefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2011\IEToolbar.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Optimizer Pro] c:\program files\optimizer pro\OptProLauncher.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2011\ieshow.exe"
mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2011\bdagent.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Lexmark 3100 Series] "c:\program files\lexmark 3100 series\lxbrbmgr.exe"
mRun: [LXBRKsk] c:\progra~1\lexmar~1\LXBRKsk.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [ctfmon.exe] ctfmon.exe
dRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoInstrumentation = 1 (0x1)
dPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
dPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{046D1E8B-33EF-45C7-B40D-439E58C7BA29} : DhcpNameServer = 194.168.4.100 194.168.8.100
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: schannel.dll, credssp.dll, digest.dll
.
============= SERVICES / DRIVERS ===============
.
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2006-1-10 12960]
R1 Bdvedisk;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2010-1-19 85128]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2006-1-10 2253120]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2006-1-10 583640]
R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2011\updatesrv.exe [2011-3-24 43936]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2010-4-22 153440]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2010-8-20 111696]
S3 Update Server;BitDefender Update Server v2;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\arrakis3.exe [2010-11-30 307544]
S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2010-11-29 535824]
S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2010-11-29 1066232]
.
=============== Created Last 30 ================
.
2012-04-10 18:31:43 178176 ------w- c:\windows\system32\dllcache\wintrust.dll
2012-04-10 18:31:43 148480 ------w- c:\windows\system32\dllcache\imagehlp.dll
2012-04-10 18:23:06 -------- d-----w- c:\documents and settings\administrator\application data\Optimizer Pro
2012-04-10 18:16:09 -------- d-----w- c:\documents and settings\all users\application data\Premium
2012-04-10 18:16:01 -------- d-----w- c:\program files\Optimizer Pro
2012-04-10 18:15:20 -------- d-----w- c:\documents and settings\all users\application data\InstallMate
2012-04-02 01:27:21 -------- d-----w- c:\windows\system32\C2MP
2012-04-02 01:17:14 -------- d-----w- C:\DECCHECK
2012-04-01 17:55:17 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Identities
2012-03-31 12:11:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2012-03-31 12:09:28 286720 ----a-w- c:\windows\system32\lxbrf2k.dll
2012-03-31 12:09:28 155648 ----a-w- c:\windows\system32\flashshl.dll
2012-03-31 12:09:27 4608 ----a-w- c:\windows\DelShell.exe
2012-03-31 12:09:27 21504 ----a-w- c:\windows\LXBRSET.EXE
2012-03-31 12:09:27 208896 ----a-w- c:\windows\system32\smshell.dll
2012-03-31 12:09:27 -------- d-----w- c:\program files\Lexmark 3100 Series
2012-03-31 12:09:25 306688 ----a-w- c:\windows\IsUninst.exe
2012-03-31 12:06:34 299520 ----a-w- c:\windows\uninst.exe
2012-03-31 12:06:33 -------- d-----w- c:\documents and settings\administrator\WINDOWS
2012-03-31 12:06:21 -------- d-----w- C:\Lxk3100Series
2012-03-28 16:22:54 -------- d-----w- c:\program files\IrfanView
2012-03-18 11:12:47 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Adobe
.
==================== Find3M ====================
.
2012-04-05 12:11:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-05 12:11:54 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-08 12:21:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-01 10:58:17 919552 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:58:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:58:16 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:08:49 178176 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:08:49 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:30:16 385024 ----a-w- c:\windows\system32\html.iec
2012-02-03 09:26:17 1869184 ----a-w- c:\windows\system32\win32k.sys
2012-01-31 12:44:05 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-15 20:47:20 3478016 ----a-w- c:\windows\system32\ffdshow.ax
2012-01-15 20:44:50 4354048 ----a-w- c:\windows\system32\ffmpeg.dll
2010-07-08 08:37:14 101544 ----a-w- c:\program files\common files\LinkInstaller.exe
.
============= FINISH: 22:39:26.76 ===============