Sorry for the late response, my SAS scan usually takes 35 min, this time it took over 2 hours. During the scan XP 2011 antivirus popped up; after the scan I rebooted and it started with the computer, and it disabled me from using Firefox/IE. I ran CCleaner and here I am.
Gee whiz, the SAS folder is now blank. I don't have any desktop icons, and the SAS folder is blank in Startup/Programs. I can't get to programs from My Computer/C
so I can't even post the SAS log.
MODIFIED.... OK, I started in safe mode, clicked show all files in programs and was able to start SAS to get the log, although the XP Anti Spyware 2011 keeps popping up.
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 05/30/2011 at 11:00 PM
Application Version : 4.52.1000
Core Rules Database Version : 6998
Trace Rules Database Version: 4810
Scan type : Complete Scan
Total Scan Time : 03:25:12
Memory items scanned : 530
Memory threats detected : 0
Registry items scanned : 6505
Registry threats detected : 1
File items scanned : 331047
File threats detected : 9
System.BrokenFileAssociation
HKCR\.exe
Adware.Tracking Cookie
C:\Documents and Settings\cs\Cookies\[email protected][1].txt
C:\Documents and Settings\cs\Cookies\cs@doubleclick[1].txt
C:\Documents and Settings\cs\Cookies\[email protected][1].txt
C:\Documents and Settings\cs\Cookies\cs@yieldmanager[1].txt
C:\Documents and Settings\cs\Cookies\cs@advertising[1].txt
C:\Documents and Settings\cs\Cookies\[email protected][1].txt
C:\Documents and Settings\cs\Cookies\[email protected][2].txt
media.kyte.tv [ C:\Documents and Settings\cs\Application Data\Macromedia\Flash Player\#SharedObjects\GVP00001 ]
Trojan.Agent/Gen
C:\SYSTEM VOLUME INFORMATION\_RESTORE{653D82B1-7A8A-4A75-A8AF-5BF15F34719A}\RP3\A0001560.EXE
Here's DDS
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-05-19.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/1/2004 7:19:14 AM
System Uptime: 5/31/2011 4:45:40 AM (0 hours ago)
.
Motherboard: Intel Corporation | | D945GCF
Processor: Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz | LGA 775 | 1999/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 47.55 GiB free.
D: is FIXED (NTFS) - 466 GiB total, 3.647 GiB free.
E: is FIXED (NTFS) - 1397 GiB total, 357.115 GiB free.
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Video Controller (VGA Compatible)
Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_604E107B&REV_02\3&61AAA01&0&10
Manufacturer:
Name: Video Controller (VGA Compatible)
PNP Device ID: PCI\VEN_8086&DEV_2772&SUBSYS_604E107B&REV_02\3&61AAA01&0&10
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Device
Device ID: PCI\VEN_8086&DEV_27D8&SUBSYS_604E107B&REV_01\3&61AAA01&0&D8
Manufacturer:
Name: PCI Device
PNP Device ID: PCI\VEN_8086&DEV_27D8&SUBSYS_604E107B&REV_01\3&61AAA01&0&D8
Service:
.
Class GUID: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
Description: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Device ID: PCI\VEN_104C&DEV_8020&SUBSYS_00000000&REV_00\4&1E46F438&0&28F0
Manufacturer: Texas Instruments
Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
PNP Device ID: PCI\VEN_104C&DEV_8020&SUBSYS_00000000&REV_00\4&1E46F438&0&28F0
Service: ohci1394
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_00000000&REV_01\4&1E46F438&0&40F0
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_8086&DEV_27DC&SUBSYS_00000000&REV_01\4&1E46F438&0&40F0
Service:
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_604E107B&REV_01\3&61AAA01&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_604E107B&REV_01\3&61AAA01&0&FB
Service:
.
==== System Restore Points ===================
.
RP1: 5/25/2011 5:27:25 AM - System Checkpoint
RP2: 5/28/2011 4:06:05 AM - System Checkpoint
RP3: 5/29/2011 4:47:23 AM - System Checkpoint
RP4: 5/30/2011 5:21:55 AM - System Checkpoint
.
==== Installed Programs ======================
.
ADM 1.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
AIM 7
aiofw
aioocr
aioscnnr
Analog Factory SE 1.2
Antares Auto-Tune Evo VST
Antares Autotune VST v5.09
Antares AVOX Vocal Kit Bundle VST v1.02
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
Ares 2.1.5
ASIO4ALL
BeatKangz Virtual Beat Thang Pro VSTi v2.0.1
Best Service Chris Hein Horns
Bonjour
CCleaner (remove only)
CCScore
center
CodeMeter Runtime Kit v4.01
ConvertXtoDVD 4.0.12.327
CS-80V2 2.0
Download Updater (AOL LLC)
DreamStation DXi2
EASEUS Data Recovery Wizard Professional 5.0.1
East West Vapor
ElastikVst
eLicenser Control
Emagic Logic Audio Platinum 5.5
EMCO Network Malware Cleaner
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSTOOLS
essvatgt
FL Studio 10
GForce - Minimonsta
Gizmo5
GoldWave v5.51
Google Chrome
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Google Video Uploader
Help_CTR
HijackThis 2.0.2
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB981793)
HxD Hex Editor version 1.7.7.0
IL Download Manager
ImageShack Uploader 2.2.0
Interlok driver setup x32
Internet Download Manager
IrfanView (remove only)
IsoBuster 2.5
iZotope Ozone 4
Java Auto Updater
Java(TM) 6 Update 20
Jupiter-8V 1.0
kgcbaby
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
KORG Legacy Collection - ANALOG EDITION 2007
KORG Legacy Collection - DIGITAL EDITION
ksdip
LG United Mobile Driver
LinPlug CronoX VSTi v2.04
Live 8.1.4
LogMeIn
LUXONIX Purity
M-Audio FastTrackPro Driver 6.0.2 (x86)
M-Audio Series II MIDI
Magic DVD Ripper V5.5.0
Malwarebytes' Anti-Malware
Mega Manager
Microsoft .NET Framework 2.0
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WinUsb 1.0
MIKSOFT Mobile Media Converter
Mozilla Firefox (4.0b2)
Mozilla Firefox 4.0.1 (x86 en-US)
MySpaceIM
Native Instruments Absynth 5
Native Instruments Bandstand
Native Instruments FM8
Native Instruments Guitar Rig 4
Native Instruments Hardware Controller Support
Native Instruments Komplete 6
Native Instruments Kontakt 4
Native Instruments Maschine Driver
Native Instruments Massive
Native Instruments Pro-53
Native Instruments Reaktor 5
Native Instruments Reaktor Session One
Native Instruments Service Center
Nero 7 Premium
neroxml
netbrdg
OfotoXMI
OrangeVocoder v2.0-OxYGeN
PlayItAll media player 1.0.5
Reason 5.0
ReCycle 2.1.2
reFX Nexus VSTi RTAS v2.2.0
Rob Papen RG 1.5 64 Bits
SDFormatter
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981349)
SFR
SHASTA
skin0001
SKINXSDK
SONAR X1 Producer
Sonique
SONiVOX Sampla
staticcr
Steinberg Cubase SX v3.0.2.623
Steinberg Cubase v4.1.3
String Machine
SUPERAntiSpyware
SyncroSoft Emu (Remove only)
Tracktion 3.0.4.8
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Veoh Web Player
Vista Codec Package
Vista Ultimate Edition final v1.0
VPRINTOL
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Media Format Runtime
Windows Vista Sounds Pack
winLAME 2010 beta 2
winLAME prerelease4
WinRAR archiver
WIRELESS
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Your Uninstaller! 2010
.
==== Event Viewer Messages From Past Week ========
.
5/29/2011 12:32:38 PM, error: Service Control Manager [7034] - The IMAPI CD-Burning COM Service service terminated unexpectedly. It has done this 1 time(s).
5/29/2011 12:23:38 PM, error: System Error [1003] - Error code 1000007e, parameter1 c0000005, parameter2 b683db29, parameter3 ba4fb810, parameter4 ba4fb50c.
5/28/2011 3:21:22 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
5/27/2011 7:45:59 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
5/26/2011 7:28:00 PM, error: Service Control Manager [7034] - The Kodak AiO Device Service service terminated unexpectedly. It has done this 1 time(s).
5/25/2011 5:58:56 PM, error: DCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {DCBCA92E-7DBE-4EDA-8B7B-3AAEA4DD412B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18). This security permission can be modified using the Component Services administrative tool.
5/25/2011 5:58:52 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ohci1394
5/25/2011 5:58:52 PM, error: Service Control Manager [7022] - The Bonjour Service service hung on starting.
5/25/2011 5:57:27 PM, error: Service Control Manager [7000] - The M-Audio Series II MIDI Installer service failed to start due to the following error: The system cannot find the file specified.
5/25/2011 5:19:48 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/25/2011 2:09:08 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
5/25/2011 2:08:50 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
5/25/2011 2:01:29 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
5/25/2011 1:33:05 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL
5/25/2011 1:33:05 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2011 1:33:05 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2011 1:33:05 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2011 1:33:05 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
5/25/2011 1:33:05 AM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
.
==== End Of File ===========================
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 6.0.2900.3264 BrowserJavaVersion: 1.6.0_20
Run by cs at 4:47:40 on 2011-05-31
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2502 [GMT -4:00]
.
AV: Kaspersky Anti-Virus *Disabled/Outdated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
============== Running Processes ===============
.
C:\WINDOWS.2\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS.2\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS.2\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\printer\center\KodakSvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\WINDOWS.2\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS.2\Explorer.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS.2\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\internet download manager\IDMan.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS.2\system32\M-AudioTaskBarIcon.exe
C:\Documents and Settings\cs\Local Settings\Application Data\vcu.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\cs\My Documents\Downloads\dds.scr
C:\WINDOWS.2\system32\WSCRIPT.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.yahoo.com
mDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=127.0.0.1:61495
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - c:\program files\megaupload\mega manager\MegaIEMn.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [ares] "c:\program files\ares\Ares.exe" -h
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US
uRun: [Google Update] "c:\documents and settings\cs\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [M-Audio Taskbar Icon] c:\windows.2\system32\M-AudioTaskBarIcon.exe
mRun: [googletalk] c:\program files\google\google talk\googletalk.exe /autostart
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [EKIJ5000StatusMonitor] c:\windows.2\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
uPolicies-explorer: NoDesktop = 1 (0x1)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download Link Using Mega Manager... - c:\program files\megaupload\mega manager\mm_file.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files\bonjour\ExplorerPlugin.dll
LSP: c:\windows.2\system32\idmmbc.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: LMIinit - LMIinit.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\cs\application data\mozilla\firefox\profiles\pwlppcx1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&type=Web&orig=TB-WFFDS&qry=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 61495
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\cs\application data\idm\idmmzcc3\components\idmmzcc.dll
FF - component: c:\documents and settings\cs\application data\mozilla\firefox\profiles\pwlppcx1.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - component: c:\documents and settings\cs\application data\mozilla\firefox\profiles\pwlppcx1.default\extensions\{394dcba4-1f92-4f8e-8ec9-8d2cb90cb69b}\components\ScreenshotXPCOM.dll
FF - plugin: c:\documents and settings\cs\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nprpjplug.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 aaatimeo;aaatimeo;c:\windows.2\system32\drivers\aaatimeo.sys [2006-2-26 4928]
R0 afamgt;afamgt;c:\windows.2\system32\drivers\afamgt.sys [2006-3-28 91707]
R0 siwinacc;siwinacc;c:\windows.2\system32\drivers\siwinacc.sys [2004-11-1 10368]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 CodeMeter.exe;CodeMeter Runtime Server;c:\program files\codemeter\runtime\bin\CodeMeter.exe [2009-4-3 1680704]
R2 KodakSvc;Kodak AiO Device Service;c:\program files\kodak\printer\center\KodakSvc.exe [2007-1-31 9216]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-1-27 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows.2\system32\drivers\LMIRfsDriver.sys [2010-8-25 47640]
R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2008-11-21 3706880]
R3 CLEDX;Team H2O CLEDX service;c:\windows.2\system32\drivers\cledx.sys [2010-11-13 33792]
R3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows.2\system32\drivers\MAudioFastTrackPro.sys [2009-11-9 158600]
S?2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-6 135664]
S3 Andbus;LGE Android Platform Composite USB Device;c:\windows.2\system32\drivers\lgandbus.sys [2011-4-26 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;c:\windows.2\system32\drivers\lganddiag.sys [2011-4-26 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows.2\system32\drivers\lgandgps.sys [2011-4-26 20096]
S3 ANDModem;LGE Android Platform USB Modem;c:\windows.2\system32\drivers\lgandmodem.sys [2011-4-26 25088]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-6 135664]
S3 RDID1009;EDIROL UM-1;c:\windows.2\system32\drivers\Rdwm1009.sys [2010-7-22 79393]
S4 LMIRfsClientNP;LMIRfsClientNP;
.
=============== Created Last 30 ================
.
2011-05-31 01:05:24 364544 --sha-w- c:\documents and settings\cs\local settings\application data\vcu.exe
2011-05-29 16:24:40 341504 ---ha-w- c:\documents and settings\all users\application data\14475044.exe
2011-05-29 16:17:00 431104 ---ha-w- c:\documents and settings\all users\application data\UtYUtxpPbB.exe
2011-05-28 07:41:16 -------- d--h--w- c:\documents and settings\cs\application data\SUPERAntiSpyware.com
2011-05-28 07:41:12 -------- d--h--w- c:\program files\SUPERAntiSpyware
2011-05-27 23:44:16 327680 --sha-w- c:\documents and settings\cs\local settings\application data\vgl.exe
2011-05-25 06:02:23 -------- d--h--w- c:\program files\EMCO Network Malware Cleaner
2011-05-25 06:02:06 11254 ---ha-w- c:\windows.2\system32\locate.com
2011-05-25 06:01:43 -------- d--h--w- C:\MGTools
2011-05-25 06:01:11 -------- d--h--w- c:\program files\common files\Wise Installation Wizard
2011-05-25 06:01:05 -------- d--h--w- c:\program files\CCleaner
2011-05-25 05:48:51 -------- d--h--w- c:\program files\Trend Micro
2011-05-25 00:08:43 335872 --sha-w- c:\documents and settings\cs\local settings\application data\hch.exe
2011-05-14 22:10:34 -------- d--h--w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
.
==================== Find3M ====================
.
2011-04-17 20:43:57 1409 ---ha-w- c:\windows.2\QTFont.for
2011-04-05 03:57:12 118784 ---ha-w- c:\windows.2\dsdxirmv.exe
2009-08-14 14:35:34 84350616 ---ha-w- c:\program files\Komplete 6 Setup PC.exe
.
============= FINISH: 4:48:24.54 ===============