.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by sdees at 21:25:05 on 2012-09-08
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.1.1033.18.1791.953 [GMT -7:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Acer\eProtection\Service\eProtectionServ.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://
www.kirotv.com
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&s=1&o=vz32&d=0110&m=vl410g
mStart Page = hxxp://
www.yahoo.com
mDefault_Page_URL = hxxp://
www.yahoo.com
uInternet Settings,ProxyOverride = <local>;*.local
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Shopping Assistant Plugin: {1631550f-191d-4826-b069-d9439253d926} - c:\program files\pricegong\2.6.4\PriceGongIE.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: SpecialSavings: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\specialsavings\SpecialSavingsSinged.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [c:\dl31df.tmp] c:\DL31DF.tmp AUTOMATICUPDATECHECK=yes
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Facebook Update] "c:\users\sdees\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Google Update] "c:\users\sdees\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Apanel] c:\acersw\config\SetApanel.cmd
mRun: [Acer Product Registration] "c:\program files\acer registration\ACE1.exe" /startup
mRun: [Acer Assist Launcher] c:\program files\acer assist\launcher.exe
mRun: [eRecoveryService]
mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
mRun: [WrtMon.exe] c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\specialsavings\SpecialSavingsSinged.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {B80CD4E6-5B02-4B6C-99BE-68F1511E9549} - hxxp://plugin.slingbox.com/downloads/pc/1.4.0.85/WebSlingPlayer.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 184.16.33.54
TCP: Interfaces\{06A5C46C-5C78-45B4-8CB2-636B1175F385} : DhcpNameServer = 192.168.1.1 184.16.33.54
TCP: Interfaces\{15AFD585-8A16-430D-B11E-0325F9EB1B38} : DhcpNameServer = 192.168.1.1 184.16.33.54
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\sdees\appdata\roaming\mozilla\firefox\profiles\zkaqpwwn.default\
FF - prefs.js: browser.startup.homepage -
www.kirotv.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\sdees\appdata\local\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-9-7 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-9-7 355632]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-9-7 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-9-7 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-9-7 44808]
R2 eProtection;eProtection Service;c:\program files\acer\eprotection\service\eProtectionServ.exe [2008-4-7 24576]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-9-7 1153368]
R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\system32\drivers\WN111v2v.sys [2008-9-29 449536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-9-7 250056]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\toolbarbroker.exe --> c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [?]
S3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\drivers\hcwhdpvr.sys [2010-3-4 157184]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-9-7 114144]
S3 netr28u;Linksys USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2007-12-14 570880]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-9-7 27192]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\drivers\WSDScan.sys [2010-3-7 19968]
.
=============== Created Last 30 ================
.
2012-09-08 22:09:45 -------- d-----w- c:\users\sdees\appdata\local\Avg2013
2012-09-08 21:52:40 -------- d-----w- c:\users\sdees\appdata\roaming\TuneUp Software
2012-09-08 21:46:22 -------- d-----w- c:\users\sdees\appdata\local\MFAData
2012-09-08 19:50:12 -------- d-----w- c:\program files\ESET
2012-09-08 01:46:44 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-08 01:46:28 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-07 20:25:28 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-09-07 20:25:26 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-09-07 20:24:46 41224 ----a-w- c:\windows\avastSS.scr
2012-09-07 19:00:15 -------- d-----w- c:\users\sdees\appdata\roaming\SUPERAntiSpyware.com
2012-09-07 18:59:55 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-09-07 18:59:54 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-09-07 18:51:52 -------- d-----w- c:\program files\SpywareBlaster
2012-09-07 18:48:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-09-07 18:48:55 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-09-07 18:46:54 -------- d-----w- c:\users\sdees\appdata\roaming\Malwarebytes
2012-09-07 18:46:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-07 18:46:40 -------- d-----w- c:\programdata\Malwarebytes
2012-09-07 18:46:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-07 16:53:26 -------- d-----w- c:\program files\Belarc
2012-09-07 16:47:38 -------- d-----w- c:\program files\common files\Java(0)
2012-09-07 16:39:32 -------- d-----w- c:\programdata\AVAST Software
2012-09-07 16:39:32 -------- d-----w- c:\program files\AVAST Software
2012-09-07 16:27:06 -------- d-----w- c:\users\sdees\appdata\local\VS Revo Group
2012-09-07 16:27:03 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-09-07 16:27:02 -------- d-----w- c:\program files\VS Revo Group
2012-09-07 16:25:32 -------- d-----w- c:\users\sdees\appdata\local\Macromedia
2012-09-07 16:25:06 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-07 16:25:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-21 06:45:32 -------- d-----w- c:\users\sdees\appdata\roaming\PerformerSoft
2012-08-21 06:45:25 17464 ----a-w- c:\windows\system32\roboot.exe
2012-08-21 06:45:19 -------- d-----w- c:\programdata\InstallBrainService
2012-08-21 06:42:14 -------- d-----w- c:\users\sdees\appdata\local\Apps
2012-08-21 05:30:22 -------- d-----w- c:\program files\Yontoo
2012-08-21 05:30:18 -------- d-----w- c:\programdata\Tarma Installer
2012-08-21 05:30:13 -------- d-----w- c:\programdata\IBUpdaterService
2012-08-21 05:29:55 -------- d-----w- c:\users\sdees\appdata\local\CRE
2012-08-21 05:29:20 -------- d-----w- c:\program files\PriceGong
2012-08-21 05:29:16 -------- d-----w- c:\users\sdees\appdata\local\Savings Sidekick
2012-08-21 05:29:15 -------- d-----w- c:\program files\SpecialSavings
2012-08-21 05:29:13 -------- d-----w- c:\program files\Savings Sidekick
2012-08-16 17:10:59 2047488 ----a-w- c:\windows\system32\win32k.sys
2012-08-16 01:45:14 623616 ----a-w- c:\windows\system32\localspl.dll
.
==================== Find3M ====================
.
2012-09-08 01:46:00 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-08 07:28:40 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-08-08 07:28:40 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-06-29 00:16:58 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 21:25:30.13 ===============