DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.1.0
Run by Chris at 17:56:26 on 2011-10-21
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3060.1606 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Norton Internet Security\Engine\19.1.1.3\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\RacAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.visagecomputers.co.uk/
uStart Page = hxxp://www.visagecomputers.co.uk/
uWindow Title = Visage Computers
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.1.1.3\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.1.1.3\ips\IPSBHO.DLL
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.1.1.3\coIEPlg.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [GoTrusted] c:\program files\gotrusted.com\gotrusted secure tunnel v2.3.1.5\GoTrusted Secure Tunnel.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71} : DhcpNameServer = 192.168.0.203
TCP: Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F} : DhcpNameServer = 192.168.0.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\chris\appdata\roaming\mozilla\firefox\profiles\1i32whaz.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1301010.003\symds.sys [2011-10-21 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1301010.003\symefa.sys [2011-10-21 897656]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20111014.001\BHDrvx86.sys [2011-10-15 818808]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1301010.003\ccsetx86.sys [2011-10-21 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20111020.030\IDSvix86.sys [2011-10-20 368248]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1301010.003\ironx86.sys [2011-10-21 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1301010.003\symtdiv.sys [2011-10-21 344184]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.1.1.3\ccsvchst.exe [2011-10-21 138760]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-10-21 105592]
R3 gttap1;GoTrusted TAP Adapter;c:\windows\system32\drivers\gttap1.sys [2008-3-18 20480]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 MOSUMAC;USB-Ethernet Driver;c:\windows\system32\drivers\MOSUMAC.SYS [2010-11-19 43520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-10-21 16:15:01 -------- d-----w- c:\program files\CCleaner
2011-10-21 15:53:05 -------- d-----w- c:\users\chris\appdata\roaming\SUPERAntiSpyware.com
2011-10-21 15:52:40 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-10-21 15:52:40 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-10-21 14:49:52 -------- d-----w- c:\users\chris\appdata\local\GoTrusted.com
2011-10-21 14:39:51 -------- d-----w- c:\program files\GoTrusted.com
2011-10-21 13:36:01 -------- d-----w- c:\programdata\AVAST Software
2011-10-21 13:36:01 -------- d-----w- c:\program files\AVAST Software
2011-10-21 13:33:54 -------- d-----w- c:\users\chris\appdata\roaming\Malwarebytes
2011-10-21 13:33:47 -------- d-----w- c:\programdata\Malwarebytes
2011-10-21 13:33:43 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-21 13:33:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-21 13:10:54 -------- d-----w- c:\program files\FileHippo.com
2011-10-21 13:07:39 -------- d-----w- c:\users\chris\appdata\local\Adobe
2011-10-21 13:04:21 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-10-21 13:00:35 -------- d-----w- c:\program files\common files\xing shared
2011-10-21 12:55:10 -------- d-----w- c:\users\chris\appdata\local\Secunia PSI
2011-10-21 12:55:01 -------- d-----w- c:\program files\Secunia
2011-10-21 12:54:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-21 12:17:24 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-10-21 12:17:24 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-10-21 12:15:59 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-10-21 12:13:57 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-10-21 12:01:59 -------- d-----w- c:\programdata\Symantec
2011-10-21 12:01:56 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-10-21 12:01:56 -------- d-----w- c:\program files\Symantec
2011-10-21 12:01:56 -------- d-----w- c:\program files\common files\Symantec Shared
2011-10-21 12:00:59 -------- d-----w- c:\windows\system32\drivers\NIS
2011-10-21 12:00:57 -------- d-----w- c:\program files\Norton Internet Security
2011-10-21 12:00:56 -------- d-----w- c:\programdata\Norton
2011-10-21 12:00:47 -------- d-----w- c:\programdata\NortonInstaller
2011-10-21 12:00:47 -------- d-----w- c:\program files\NortonInstaller
.
==================== Find3M ====================
.
2011-10-21 13:12:55 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-21 13:00:13 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-10-21 13:00:13 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-08-25 16:15:04 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-08-25 16:14:01 563712 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-25 16:14:01 238080 ----a-w- c:\windows\system32\oleacc.dll
2011-08-25 13:31:01 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-08-08 23:38:11 132744 ----a-w- c:\windows\system32\drivers\nis\1301010.003\ccsetx86.sys
2011-08-03 02:22:10 566904 ----a-w- c:\windows\system32\drivers\nis\1301010.003\srtsp.sys
2011-08-03 02:22:10 31864 ----a-w- c:\windows\system32\drivers\nis\1301010.003\srtspx.sys
2011-07-29 16:01:34 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-07-29 16:01:33 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-07-29 16:00:14 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-07-29 03:20:02 897656 ----a-w- c:\windows\system32\drivers\nis\1301010.003\symefa.sys
2011-07-26 02:18:39 344184 ----a-w- c:\windows\system32\drivers\nis\1301010.003\symtdiv.sys
2011-07-26 02:18:39 314488 ----a-w- c:\windows\system32\drivers\nis\1301010.003\symnets.sys
2011-07-26 02:15:51 149624 ----a-w- c:\windows\system32\drivers\nis\1301010.003\ironx86.sys
2011-07-25 18:18:36 340088 ----a-r- c:\windows\system32\drivers\nis\1301010.003\symds.sys
.
============= FINISH: 17:56:48.99 ===============