Windows Recovery came up about a week ago. It has hidden everything.
I ran stop zilla and "removed threats" a few days ago.
Thanks in advance for your help.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by josh at 22:16:34.05 on Fri 05/06/2011
Internet Explorer: 8.0.6001.18882
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.1013.394 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\SUPERAntiSpyware\SASCore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k Akamai
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\josh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFPCNF2F\dds[1].com
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://qwest.live.com
uWindow Title = Windows Internet Explorer
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: H - No File
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: STOPzilla Browser Helper Object: {e3215f20-3212-11d6-9f8b-00d0b743919d} - c:\program files\stopzilla!\SZIEBHO.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\users\josh\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
mPolicies-system: EnableLUA = 0 (0x0)
IE: &Search - ?p=ZUxdm486MQUS
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 szkg5;szkg5;c:\windows\system32\drivers\SZKG.sys [2009-12-7 61328]
R0 szkgfs;szkgfs;c:\windows\system32\drivers\SZKGFS.sys [2010-5-12 59280]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R1 MpKsl389b8864;MpKsl389b8864;c:\programdata\microsoft\microsoft antimalware\definition updates\{0c28424a-14cb-4099-9db6-4470ecf4d6c7}\MpKsl389b8864.sys [2011-5-5 28752]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-2 13384]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-2 77896]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-1-20 73728]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2006-11-2 22016]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]
R2 SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2010-2-2 120832]
R2 sprtlisten;SupportSoft Listener Service;c:\program files\common files\supportsoft\bin\sprtlisten.exe [2008-1-8 1213728]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-1-21 111104]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
S0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-12-7 61328]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-4 135664]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-3-19 552448]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-2 4096]
S4 iaNvStor;Intel(R) Turbo Memory Controller;c:\windows\system32\drivers\iaNvStor.sys [2008-1-21 209408]
.
=============== Created Last 30 ================
.
2011-05-06 02:26:35 28752 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{0c28424a-14cb-4099-9db6-4470ecf4d6c7}\MpKsl389b8864.sys
2011-05-06 02:25:41 7071056 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{0c28424a-14cb-4099-9db6-4470ecf4d6c7}\mpengine.dll
2011-05-04 04:38:29 -------- d-----w- c:\program files\Safer Networking
2011-04-24 22:11:45 -------- d-----w- c:\program files\STOPzilla!
2011-04-24 22:11:43 -------- d-----w- c:\program files\common files\iS3
2011-04-24 22:11:41 -------- d-----w- c:\progra~2\STOPzilla!
2011-04-24 15:50:14 -------- d-----w- c:\users\josh\appdata\roaming\AVG10
2011-04-24 15:49:06 -------- d--h--w- c:\progra~2\Common Files
2011-04-24 15:44:34 -------- d-----w- c:\windows\system32\drivers\AVG
2011-04-24 15:44:34 -------- d-----w- c:\progra~2\AVG10
2011-04-24 15:43:52 -------- d-----w- c:\program files\AVG
2011-04-24 14:59:09 -------- d-----w- c:\progra~2\MFAData
2011-04-24 04:33:03 -------- d-----w- c:\users\josh\appdata\local\PackageAware
2011-04-21 01:45:54 7071056 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-04-20 02:10:50 396800 ----a-w- c:\windows\system32\drivers\http.sys
2011-04-20 02:10:49 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-04-20 02:10:49 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-04-20 02:09:41 378368 ----a-w- c:\windows\system32\winhttp.dll
2011-04-19 23:38:56 22992 ----a-r- c:\windows\system32\SZIO5.dll
2011-04-19 23:38:56 132560 ----a-r- c:\windows\system32\IS3HTUI5.dll
2011-04-19 23:38:54 67024 ----a-r- c:\windows\system32\IS3Hks5.dll
2011-04-19 23:38:54 546256 ----a-r- c:\windows\system32\SZComp5.dll
2011-04-19 23:38:54 452048 ----a-r- c:\windows\system32\SZBase5.dll
2011-04-19 23:38:54 398800 ----a-r- c:\windows\system32\IS3DBA5.dll
2011-04-19 23:38:54 28624 ----a-r- c:\windows\system32\IS3XDat5.dll
2011-04-19 23:38:52 99792 ----a-r- c:\windows\system32\IS3Svc5.dll
2011-04-19 23:38:52 99792 ----a-r- c:\windows\system32\IS3Inet5.dll
2011-04-19 23:38:52 738768 ----a-r- c:\windows\system32\IS3Base5.dll
2011-04-19 23:38:52 390608 ----a-r- c:\windows\system32\IS3UI5.dll
2011-04-19 23:38:52 230864 ----a-r- c:\windows\system32\IS3Win325.dll
2011-04-19 15:00:42 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{2eefd220-75f2-4520-a1df-b334489846ec}\gapaengine.dll
2011-04-19 14:55:47 -------- d--h--w- c:\program files\Microsoft Security Client
2011-04-19 06:00:33 -------- d--h--w- C:\zzzzz
2011-04-19 05:55:13 -------- d--h--w- c:\progra~2\SUPERAntiSpyware.com
2011-04-19 05:55:04 -------- d--h--w- c:\progra~2\SASCORE
2011-04-19 05:55:01 -------- d--h--w- c:\users\josh\appdata\roaming\SUPERAntiSpyware.com
2011-04-19 05:55:01 -------- d--h--w- c:\program files\SUPERAntiSpyware
2011-04-19 05:54:45 -------- d--h--w- c:\program files\common files\Wise Installation Wizard
2011-04-19 05:26:59 -------- d--h--w- c:\users\josh\appdata\roaming\wsInspector
2011-04-19 05:18:56 -------- d--h--w- c:\program files\Startup Inspector for Windows
2011-04-19 04:11:13 172032 ---ha-w- c:\windows\system32\igfxres.dll
2011-04-16 03:28:38 -------- d--h--w- c:\program files\iPod
.
==================== Find3M ====================
.
2011-02-18 22:36:58 4184352 ---ha-w- c:\windows\system32\usbaaplrc.dll
.
============= FINISH: 22:17:22.30 ===============