Status
Not open for further replies.

Hi, I seem to have a virus that stopped my wireless connection from functioning. I tried to reactivate it but all my attempts have failed. I have found some malware on my PC, but am continuing to have problems trying to get the wireless connection to work. If it is relevant, my explorer home page was changed to hxxp://www.google.mini20.com when all this went pear-shaped.

Please find logs attached as requested. Your assistance with this is gratefully appreciated.

Regards,
Huttley


DDS (Ver_09-03-16.01) - NTFSx86
Run by Mick at 17:33:59.48 on Sat 09/05/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.61.1033.18.511.76 [GMT 10:00]

AV: BitDefender Antivirus *On-access scanning disabled* (Outdated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\AirPort\APAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\TomTom HOME\TomTomHOMERunner.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Panasonic\MotionSD STUDIO\SD_Browser\AutoLauncher.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mick\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mick\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.com.au/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Weather Tracker3] c:\program files\weatherzone tracker\weather_tracker.exe
uRun: [Google Update] "c:\documents and settings\mick\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [AntispywareBot] c:\program files\antispywarebot\AntispywareBot.exe -boot
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home\TomTomHOMERunner.exe"
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe"
mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 6.0\apdproxy.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\motion~1.lnk - c:\program files\panasonic\motionsd studio\sd_browser\AutoLauncher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} - hxxp://www.linkedin.com/cab/LinkedInContactFinderControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://www.pcpitstop.com/mhLbl.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://webaccess.joy.com/dana-cached/setup/JuniperSetupSP1.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize2/pcpitstop2.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-4-28 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-4-28 72944]
R1 sK9Ou0s;sK9Ou0s;c:\documents and settings\mick\application data\drivers\srosa2.sys [2009-5-9 7168]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-4-28 7408]

=============== Created Last 30 ================

2009-05-09 17:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-05-09 15:16 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-05-09 15:16 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-05-09 15:16 <DIR> --d----- c:\docume~1\mick\applic~1\SUPERAntiSpyware.com
2009-05-09 15:14 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-05-09 15:02 <DIR> --d----- c:\docume~1\mick\applic~1\AntispywareBot
2009-05-09 15:01 <DIR> --d----- c:\program files\AntispywareBot
2009-05-09 14:22 <DIR> --d-h--- c:\docume~1\mick\applic~1\m
2009-05-09 13:27 <DIR> --d----- c:\docume~1\mick\applic~1\Malwarebytes
2009-05-09 13:27 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-09 13:27 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-09 13:27 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-09 13:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-09 13:10 <DIR> --d----- c:\program files\Trend Micro
2009-05-09 12:04 <DIR> --d-h--- c:\docume~1\mick\applic~1\drivers
2009-05-06 18:42 <DIR> --d----- c:\program files\DiskInternals
2009-05-06 17:39 <DIR> --d----- c:\windows\system32\NtmsData
2009-04-29 18:01 <DIR> --d----- c:\program files\common files\PCSuite
2009-04-29 17:57 18,816 a------- c:\windows\system32\drivers\pccsmcfd.sys
2009-04-29 17:57 <DIR> --d----- c:\program files\PC Connectivity Solution
2009-04-21 19:36 <DIR> --d----- c:\program files\TomTom HOME
2009-04-18 22:55 <DIR> --d----- c:\program files\MSXML 4.0
2009-04-18 10:07 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2009-04-18 10:07 8,192 a------- c:\windows\system32\wshirda.dll
2009-04-18 10:07 151,552 ac------ c:\windows\system32\dllcache\irftp.exe
2009-04-18 10:07 28,160 ac------ c:\windows\system32\dllcache\irmon.dll
2009-04-18 10:07 151,552 a------- c:\windows\system32\irftp.exe
2009-04-18 10:07 28,160 a------- c:\windows\system32\irmon.dll
2009-04-18 09:45 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nokia
2009-04-18 09:34 26,112 ac------ c:\windows\system32\dllcache\usbser.sys
2009-04-18 09:34 26,112 a------- c:\windows\system32\drivers\usbser.sys
2009-04-18 09:34 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-04-18 09:34 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-04-18 09:34 14,640 -------- c:\windows\system32\spmsgXP_2k3.dll
2009-04-18 09:31 <DIR> --d----- c:\program files\common files\Nokia
2009-04-18 09:29 91,136 a------- c:\windows\system32\nmwcdcls.dll
2009-04-18 09:29 <DIR> --d----- c:\program files\Nokia
2009-04-15 13:43 284,160 -c------ c:\windows\system32\dllcache\pdh.dll
2009-04-15 13:43 473,600 -c------ c:\windows\system32\dllcache\fastprox.dll
2009-04-15 13:43 453,120 -c------ c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 13:43 401,408 -c------ c:\windows\system32\dllcache\rpcss.dll
2009-04-15 13:43 227,840 -c------ c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 13:43 110,592 -c------ c:\windows\system32\dllcache\services.exe
2009-04-15 13:43 729,088 -c------ c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 13:43 714,752 -c------ c:\windows\system32\dllcache\ntdll.dll
2009-04-15 13:43 617,472 -c------ c:\windows\system32\dllcache\advapi32.dll
2009-04-15 13:40 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-04-15 13:40 1,203,922 -c------ c:\windows\system32\dllcache\sysmain.sdb
2009-04-15 13:40 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe

==================== Find3M ====================

2009-04-10 07:28 81,984 a------- c:\windows\system32\bdod.bin
2009-03-08 04:34 914,944 a------- c:\windows\system32\wininet.dll
2009-03-08 04:34 43,008 a------- c:\windows\system32\licmgr10.dll
2009-03-08 04:33 18,944 a------- c:\windows\system32\corpol.dll
2009-03-08 04:33 420,352 a------- c:\windows\system32\vbscript.dll
2009-03-08 04:32 72,704 a------- c:\windows\system32\admparse.dll
2009-03-08 04:32 71,680 a------- c:\windows\system32\iesetup.dll
2009-03-08 04:31 34,816 a------- c:\windows\system32\imgutil.dll
2009-03-08 04:31 48,128 a------- c:\windows\system32\mshtmler.dll
2009-03-08 04:31 45,568 a------- c:\windows\system32\mshta.exe
2009-03-08 04:22 156,160 a------- c:\windows\system32\msls31.dll
2009-03-07 00:22 284,160 a------- c:\windows\system32\pdh.dll
2009-02-09 22:10 729,088 a------- c:\windows\system32\lsasrv.dll
2009-02-09 22:10 714,752 a------- c:\windows\system32\ntdll.dll
2009-02-09 22:10 617,472 a------- c:\windows\system32\advapi32.dll
2009-02-09 22:10 401,408 a------- c:\windows\system32\rpcss.dll
2009-02-09 21:13 1,846,784 a------- c:\windows\system32\win32k.sys

============= FINISH: 17:36:20.70 ===============
 
