madcat11
2011-06-07, 12:57
I thought I had already submitted these logs; any advice would be gratefully received.
I started to be suspicious when I found a bitmap image problem with MFT and mirror, a 4kb difference. OK, maybe the drive's on its way out, no prob? So I ran chkdsk, found issues, so ran chkdsk c: /f. On reboot it only ran 3 checks; it will run all 5 from the properties window but not from the c/ prompt, and after a lot of reading I thought it would be best to let someone who knows what they're doing have a look. :rolleyes:
.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by me at 16:35:53 on 2011-06-06
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.511.114 [GMT 1:00]
.
.
============== Running Processes ===============
.
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Tiny Personal Firewall\PERSFW.EXE
C:\PROGRA~1\HUAWEI~1\HUAWEI~1\3 USB Modem.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\me\My Documents\Downloads\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\18.6.0.29\ips\IPSBHO.DLL
uRun: [HUAWEI 3G Data Card MTS] c:\progra~1\huawei~1\huawei~1\3 USB Modem.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1031519443281
TCP: Interfaces\{11A6B17A-6B6A-41B0-8F1D-69C0F3E264BA} : NameServer = 217.171.135.1 217.171.132.1
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\me\application data\mozilla\firefox\profiles\9vhwctum.default\
.
============= SERVICES / DRIVERS ===============
.
R? MpKsl1fb5e283;MpKsl1fb5e283
R? MpKsl432d5c6f;MpKsl432d5c6f
R? RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter
S? BHDrvx86;BHDrvx86
S? EAPPkt;Realtek EAPPkt Protocol
S? fwdrv;Tiny Personal Firewall Driver
S? IDSxpx86;IDSxpx86
S? MpFilter;Microsoft Malware Protection Driver
S? MpKslfb5d3e47;MpKslfb5d3e47
S? NAV;Norton AntiVirus
S? NAVENG;NAVENG
S? NAVEX15;NAVEX15
S? SymDS;Symantec Data Store
S? SymEFA;Symantec Extended File Attributes
S? SymIRON;Symantec Iron Driver
.
=============== Created Last 30 ================
.
2011-06-06 13:40:56 101760 -c--a-w- c:\windows\system32\dllcache\OLDB8B.tmp
2011-06-06 13:40:52 18944 -c--a-w- c:\windows\system32\dllcache\OLDB87.tmp
2011-06-06 13:40:43 161568 -c--a-w- c:\windows\system32\dllcache\OLDB84.tmp
2011-06-06 13:40:39 18400 -c--a-w- c:\windows\system32\dllcache\OLDB80.tmp
2011-06-06 13:40:35 98080 -c--a-w- c:\windows\system32\dllcache\OLDB7C.tmp
2011-06-06 13:40:31 386560 -c--a-w- c:\windows\system32\dllcache\OLDB78.tmp
2011-06-06 13:40:27 36480 -c--a-w- c:\windows\system32\dllcache\OLDB74.tmp
2011-06-06 13:40:19 6784 -c--a-w- c:\windows\system32\dllcache\OLDB70.tmp
2011-06-06 13:40:16 17664 -c--a-w- c:\windows\system32\dllcache\OLDB6C.tmp
2011-06-06 13:40:11 26112 -c--a-w- c:\windows\system32\dllcache\OLDB68.tmp
2011-06-06 13:40:09 6912 -c--a-w- c:\windows\system32\dllcache\OLDB64.tmp
2011-06-06 13:40:04 11520 -c--a-w- c:\windows\system32\dllcache\OLDB60.tmp
2011-06-06 13:40:03 11648 -c--a-w- c:\windows\system32\dllcache\OLDB5C.tmp
2011-06-06 13:38:58 41216 -c--a-w- c:\windows\system32\dllcache\OLDB1C.tmp
2011-06-06 13:37:57 86097 -c--a-w- c:\windows\system32\dllcache\OLDAD5.tmp
2011-06-06 13:36:59 33152 -c--a-w- c:\windows\system32\dllcache\OLDA9E.tmp
2011-06-06 13:35:58 70144 -c--a-w- c:\windows\system32\dllcache\OLDA4C.tmp
2011-06-06 13:34:57 30282 -c--a-w- c:\windows\system32\dllcache\OLD9F9.tmp
2011-06-06 13:33:56 48000 -c--a-w- c:\windows\system32\dllcache\OLD9B9.tmp
2011-06-06 13:33:52 25088 -c--a-w- c:\windows\system32\dllcache\OLD9B5.tmp
2011-06-06 13:33:48 54186 -c--a-w- c:\windows\system32\dllcache\OLD9B1.tmp
2011-06-06 13:33:44 43689 -c--a-w- c:\windows\system32\dllcache\OLD9AD.tmp
2011-06-06 13:33:40 27209 -c--a-w- c:\windows\system32\dllcache\OLD9A9.tmp
2011-06-06 13:33:35 54528 -c--a-w- c:\windows\system32\dllcache\OLD9A5.tmp
2011-06-06 13:33:26 61696 -c--a-w- c:\windows\system32\dllcache\OLD9A1.tmp
2011-06-06 13:33:15 198144 -c--a-w- c:\windows\system32\dllcache\OLD99D.tmp
2011-06-06 13:33:11 123776 -c--a-w- c:\windows\system32\dllcache\OLD999.tmp
2011-06-06 13:33:01 2027008 -c--a-w- c:\windows\system32\dllcache\OLD995.tmp
2011-06-06 13:31:59 10880 -c--a-w- c:\windows\system32\dllcache\OLD95E.tmp
2011-06-06 13:30:57 119808 -c--a-w- c:\windows\system32\dllcache\OLD91B.tmp
2011-06-06 13:30:41 5504 -c--a-w- c:\windows\system32\dllcache\OLD918.tmp
2011-06-06 13:30:40 49024 -c--a-w- c:\windows\system32\dllcache\OLD914.tmp
2011-06-06 13:30:35 12416 -c--a-w- c:\windows\system32\dllcache\OLD910.tmp
2011-06-06 13:30:23 40960 -c--a-w- c:\windows\system32\dllcache\OLD90C.tmp
2011-06-06 13:30:22 22016 -c--a-w- c:\windows\system32\dllcache\OLD909.tmp
2011-06-06 13:30:20 1875968 -c--a-w- c:\windows\system32\dllcache\OLD905.tmp
2011-06-06 13:30:19 98304 -c--a-w- c:\windows\system32\dllcache\OLD902.tmp
2011-06-06 13:30:09 35200 -c--a-w- c:\windows\system32\dllcache\OLD8FF.tmp
2011-06-06 13:30:04 6016 -c--a-w- c:\windows\system32\dllcache\OLD8FB.tmp
2011-06-06 13:30:01 56832 -c--a-w- c:\windows\system32\dllcache\OLD8F7.tmp
2011-06-06 13:30:00 51200 -c--a-w- c:\windows\system32\dllcache\OLD8F3.tmp
2011-06-06 13:28:59 164586 -c--a-w- c:\windows\system32\dllcache\OLD8BB.tmp
2011-06-06 13:27:57 25065 -c--a-w- c:\windows\system32\dllcache\OLD86D.tmp
2011-06-06 13:26:59 14592 -c--a-w- c:\windows\system32\dllcache\OLD7E8.tmp
2011-06-06 13:25:58 16000 -c--a-w- c:\windows\system32\dllcache\OLD774.tmp
2011-06-06 13:24:58 61952 -c--a-w- c:\windows\system32\dllcache\OLD70E.tmp
2011-06-06 13:23:59 10096640 -c--a-w- c:\windows\system32\dllcache\OLD6CC.tmp
2011-06-06 13:22:59 25952 -c--a-w- c:\windows\system32\dllcache\OLD685.tmp
2011-06-06 13:21:58 28288 -c--a-w- c:\windows\system32\dllcache\OLD630.tmp
2011-06-06 13:20:56 442240 -c--a-w- c:\windows\system32\dllcache\OLD5BB.tmp
2011-06-06 13:19:59 24064 -c--a-w- c:\windows\system32\dllcache\OLD56B.tmp
2011-06-06 13:18:57 144896 -c--a-w- c:\windows\system32\dllcache\OLD50D.tmp
2011-06-06 13:17:54 20992 -c--a-w- c:\windows\system32\dllcache\OLD4A8.tmp
2011-06-06 13:16:53 91305 -c--a-w- c:\windows\system32\dllcache\OLD45C.tmp
2011-06-06 13:15:59 110592 -c--a-w- c:\windows\system32\dllcache\OLD404.tmp
2011-06-06 13:14:57 175104 -c--a-w- c:\windows\system32\dllcache\OLD391.tmp
2011-06-06 13:13:58 49182 -c--a-w- c:\windows\system32\dllcache\OLD314.tmp
2011-06-06 13:12:35 13824 -c--a-w- c:\windows\system32\dllcache\OLD202.tmp
2011-06-06 13:11:59 66557 -c--a-w- c:\windows\system32\dllcache\OLD194.tmp
2011-06-06 13:10:59 46464 -c--a-w- c:\windows\system32\dllcache\OLD118.tmp
2011-06-06 13:10:47 77568 -c--a-w- c:\windows\system32\dllcache\OLD114.tmp
2011-06-06 13:10:46 96128 -c--a-w- c:\windows\system32\dllcache\OLD110.tmp
2011-06-06 13:10:44 97354 -c--a-w- c:\windows\system32\dllcache\OLD10C.tmp
2011-06-06 13:10:42 14848 -c--a-w- c:\windows\system32\dllcache\OLD108.tmp
2011-06-06 13:10:41 22400 -c--a-w- c:\windows\system32\dllcache\OLD104.tmp
2011-06-06 13:10:40 26496 -c--a-w- c:\windows\system32\dllcache\OLD100.tmp
2011-06-06 13:10:16 19456 -c--a-w- c:\windows\system32\dllcache\OLDBE.tmp
2011-06-06 13:10:08 24576 -c--a-w- c:\windows\system32\dllcache\OLDBB.tmp
2011-06-06 13:10:02 5632 -c--a-w- c:\windows\system32\dllcache\OLDB7.tmp
2011-06-06 13:10:00 101888 -c--a-w- c:\windows\system32\dllcache\OLDB3.tmp
2011-06-06 13:08:36 16384 -c--a-w- c:\windows\system32\dllcache\OLD53.tmp
2011-06-06 13:08:35 32827 -c--a-w- c:\windows\system32\dllcache\OLD50.tmp
2011-06-06 13:08:32 16437 -c--a-w- c:\windows\system32\dllcache\OLD4D.tmp
2011-06-06 13:08:31 20536 -c--a-w- c:\windows\system32\dllcache\OLD4A.tmp
2011-06-06 13:08:23 66048 -c--a-w- c:\windows\system32\dllcache\OLD47.tmp
2011-06-06 13:06:59 20540 -c--a-w- c:\windows\system32\dllcache\OLD4.tmp
2011-06-06 12:00:33 28752 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ef019ca2-f197-4374-8706-3a92faaa9821}\MpKslfb5d3e47.sys
2011-06-06 11:45:58 7168 -c--a-w- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2011-06-06 11:45:50 12288 -c--a-w- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2011-06-06 11:43:20 26112 -c--a-w- c:\windows\system32\dllcache\EXCH_seos.dll
2011-06-06 11:43:08 57856 -c--a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2011-06-06 11:41:01 23040 -c--a-w- c:\windows\system32\dllcache\EXCH_regtrace.exe
2011-06-06 11:36:27 61696 -c--a-w- c:\windows\system32\dllcache\ohci1394.sys
2011-06-06 11:36:16 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys
2011-06-06 11:36:13 123776 -c--a-w- c:\windows\system32\dllcache\nv3.dll
2011-06-06 11:36:01 51552 -c--a-w- c:\windows\system32\dllcache\ntgrip.sys
2011-06-06 11:36:00 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2011-06-06 11:34:56 91488 -c--a-w- c:\windows\system32\dllcache\n9i3disp.dll
2011-06-06 11:33:42 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2011-06-06 11:33:41 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2011-06-06 11:33:31 12416 -c--a-w- c:\windows\system32\dllcache\msriffwv.sys
2011-06-06 11:33:18 22016 -c--a-w- c:\windows\system32\dllcache\msircomm.sys
2011-06-06 11:33:16 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll
2011-06-06 11:33:04 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys
2011-06-06 11:31:59 8320 -c--a-w- c:\windows\system32\dllcache\memcard.sys
2011-06-06 11:30:56 25065 -c--a-w- c:\windows\system32\dllcache\lmndis3.sys
2011-06-06 11:29:59 5632 -c--a-w- c:\windows\system32\dllcache\kbddiv1.dll
2011-06-06 11:28:58 16000 -c--a-w- c:\windows\system32\dllcache\ini910u.sys
2011-06-06 11:27:58 26624 -c--a-w- c:\windows\system32\dllcache\icam3ext.dll
2011-06-06 11:26:58 73279 -c--a-w- c:\windows\system32\dllcache\hsf_spkp.sys
2011-06-06 11:25:59 31232 -c--a-w- c:\windows\system32\dllcache\hpgt42tk.dll
2011-06-06 11:24:59 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2011-06-06 11:23:59 14848 -c--a-w- c:\windows\system32\dllcache\flattemp.exe
2011-06-06 11:22:59 72192 -c--a-w- c:\windows\system32\dllcache\es1969.sys
2011-06-06 11:21:59 44103 -c--a-w- c:\windows\system32\dllcache\el515.sys
2011-06-06 11:20:58 6729 -c--a-w- c:\windows\system32\dllcache\disrvci.dll
2011-06-06 11:19:56 14720 -c--a-w- c:\windows\system32\dllcache\dac960nt.sys
2011-06-06 11:18:58 39936 -c--a-w- c:\windows\system32\dllcache\cnxt1803.sys
2011-06-06 11:17:59 54528 -c--a-w- c:\windows\system32\dllcache\cap7146.sys
2011-06-06 11:17:58 121856 -c--a-w- c:\windows\system32\dllcache\camext30.dll
2011-06-06 11:17:56 236032 -c--a-w- c:\windows\system32\dllcache\camext20.dll
2011-06-06 11:17:54 74240 -c--a-w- c:\windows\system32\dllcache\camexo20.dll
2011-06-06 11:17:52 171264 -c--a-w- c:\windows\system32\dllcache\camdrv30.sys
2011-06-06 11:17:50 223232 -c--a-w- c:\windows\system32\dllcache\camdrv21.sys
2011-06-06 11:17:49 314752 -c--a-w- c:\windows\system32\dllcache\camdro21.sys
2011-06-06 11:17:43 6656 -c--a-w- c:\windows\system32\dllcache\c_is2022.dll
2011-06-06 11:17:43 10752 -c--a-w- c:\windows\system32\dllcache\c_iscii.dll
2011-06-06 11:15:59 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2011-06-06 11:14:50 23552 -c--a-w- c:\windows\system32\dllcache\atixbar.sys
2011-06-06 11:13:59 12032 -c--a-w- c:\windows\system32\dllcache\amsint.sys
2011-06-02 17:59:34 -------- d-----w- c:\windows\pss
2011-06-02 17:59:15 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2011-06-02 17:59:03 38144 ----a-r- c:\windows\system32\drivers\EAPPkt.sys
2011-06-02 12:19:13 166976 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-06-02 10:24:03 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{ef019ca2-f197-4374-8706-3a92faaa9821}\mpengine.dll
2011-05-25 13:20:52 -------- d-sh--w- c:\documents and settings\me\IECompatCache
2011-05-25 13:20:36 -------- d-sh--w- c:\documents and settings\me\PrivacIE
2011-05-23 16:21:19 44024 ----a-r- c:\windows\system32\drivers\SymIM.sys
2011-05-23 14:55:36 331384 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symtdiv.sys
2011-05-23 14:55:35 744568 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symefa.sys
2011-05-23 14:55:35 369784 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symtdi.sys
2011-05-23 14:55:35 340088 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symds.sys
2011-05-23 14:55:35 296568 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\symnets.sys
2011-05-23 14:55:34 516216 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\srtsp.sys
2011-05-23 14:55:34 50168 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\srtspx.sys
2011-05-23 14:55:34 136312 ----a-w- c:\windows\system32\drivers\nav\1206000.01d\ironx86.sys
2011-05-23 14:54:54 -------- d-----w- c:\windows\system32\drivers\nav\1206000.01D
2011-05-23 13:10:21 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2011-05-23 13:10:21 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-05-23 13:10:20 -------- d-----w- c:\program files\Symantec
2011-05-23 13:10:20 -------- d-----w- c:\program files\common files\Symantec Shared
2011-05-23 13:09:04 -------- d-----w- c:\windows\system32\drivers\NAV
2011-05-23 13:08:57 -------- d-----w- c:\program files\Norton AntiVirus
2011-05-23 13:08:56 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-05-23 13:08:17 -------- d-----w- c:\program files\NortonInstaller
2011-05-23 13:08:17 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-05-23 12:33:26 -------- d-----w- c:\windows\system32\scripting
2011-05-23 12:33:26 -------- d-----w- c:\windows\l2schemas
2011-05-23 12:33:25 -------- d-----w- c:\windows\system32\en
2011-05-23 12:33:24 -------- d-----w- c:\windows\system32\bits
2011-05-23 12:26:18 -------- d-----w- c:\windows\network diagnostic
2011-05-23 12:24:06 -------- d-----w- c:\windows\system32\ReinstallBackups
2011-05-23 12:19:31 -------- d-----w- c:\windows\EHome
2011-05-23 11:35:37 -------- d-----w- c:\windows\ServicePackFiles
2011-05-23 11:35:13 -------- d-----w- c:\windows\ie8updates
2011-05-23 11:23:03 63488 -c--a-w- c:\windows\system32\dllcache\atinxsxx.sys
2011-05-23 11:14:51 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-05-23 10:42:59 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-05-23 10:27:42 -------- d-sh--w- c:\documents and settings\me\IETldCache
2011-05-23 09:56:30 -------- dc-h--w- c:\windows\ie8
2011-05-21 10:06:33 2148864 -c--a-w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-05-21 10:06:27 2027008 -c--a-w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-05-21 09:59:29 -------- d-----w- c:\windows\Temp3211D54D-A954-567F-7B25-5EB42D2FCFB7-Signatures
2011-05-21 09:59:21 -------- d-----w- c:\program files\Microsoft Security Client
2011-05-21 09:23:59 272128 -c--a-w- c:\windows\system32\dllcache\bthport.sys
2011-05-21 09:23:59 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-05-21 08:58:47 293376 ------w- c:\windows\system32\browserchoice.exe
2011-05-21 02:26:02 -------- d-----w- c:\documents and settings\me\local settings\application data\PCHealth
2011-05-21 02:23:58 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-05-21 02:23:58 215920 ----a-w- c:\windows\system32\muweb.dll
2011-05-21 02:23:58 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-05-20 21:22:39 -------- d-----w- c:\windows\system32\PreInstall
2011-05-20 21:22:38 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2011-05-20 21:22:37 -------- d--h--w- c:\windows\$hf_mig$
2011-05-20 18:58:50 6962000 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2011-05-20 18:16:51 222080 ------w- c:\windows\system32\MpSigStub.exe
.
==================== Find3M ====================
.
.
============= FINISH: 16:41:18.62 ===============