Browse to Save removal



jray9242
2013-04-23, 19:51
Here is the information you requested and I hope this is helpful.

Thanks for the help.

Jim

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by USER at 13:18:12 on 2013-04-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3583.2256 [GMT -4:00]
.
AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Disabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Documents and Settings\USER\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
d:\Program Files\WinHTTrack\WinHTTrack.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: AutorunsDisabled - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: ZeonIEEventHelper Class: {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Nuance PDF: {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe" -f "c:\documents and settings\all users\application data\nvidia\updatus\nvtmru\nvtmru.dat"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
StartupFolder: c:\docume~1\user\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
uPolicies-Explorer: HideSCABattery = dword:1
uPolicies-Explorer: NoFavoritesMenu = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - <no file>
IE: Append the content of the selected links to existing PDF file - <no file>
IE: Append to existing PDF file - <no file>
IE: Create PDF file - <no file>
IE: Create PDF file from the content of the link - <no file>
IE: Create PDF files from the selected links - <no file>
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Open with Nuance PDF Converter 7.0 - c:\program files\nuance\pdf professional 7\cnvres_eng.dll /100
IE: Open with PDF Professional 7 - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0411C004-F895-41A8-987A-879B62CCD8A8} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{6DF17BA4-C99B-49E2-BED8-4EE3BA3AB159} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8EE23DCE-6214-4ED7-9F8F-103F39BF9C4F} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D9221241-82E4-4D10-AD34-340726E24810} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
Notify: Schedule - <no file>
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\
FF - prefs.js: browser.startup.homepage - hxxp://www.ocregister.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - ExtSQL: 2013-03-16 18:56; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-03-22 09:48; {22119944-ED35-4ab1-910B-E619EA06A115}; c:\program files\siber systems\ai roboform\Firefox
FF - ExtSQL: 2013-04-02 11:05; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-04-06 10:32; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - ExtSQL: 2013-04-06 10:36; firebug@software.joehewitt.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\firebug@software.joehewitt.com.xpi
FF - ExtSQL: 2013-04-06 10:36; translator@dontfollowme.net; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\translator@dontfollowme.net.xpi
FF - ExtSQL: 2013-04-06 10:36; {c45c406e-ab73-11d8-be73-000a95be3b12}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF - ExtSQL: 2013-04-06 10:36; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-04-06 10:36; {64161300-e22b-11db-8314-0800200c9a66}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF - ExtSQL: 2013-04-06 10:36; cache@status.org; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\cache@status.org.xpi
FF - ExtSQL: 2013-04-08 13:11; hdvc@hdvc.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\hdvc@hdvc.com.xpi
FF - ExtSQL: 2013-04-16 11:33; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-04-19 13:11; mbiturbd@flfsx-o.edu; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\mbiturbd@flfsx-o.edu
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 3ae0e300000000000000f46d042b580f
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15818
FF - user.js: extensions.delta.vrsn - 1.8.16.16
FF - user.js: extensions.delta.vrsni - 1.8.16.16
FF - user.js: extensions.delta.vrsnTs - 1.8.16.166:13:24
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 35552]
R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-4-4 50248]
R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2013-1-16 40648]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 164832]
R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-4-4 14920]
R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-12-8 185032]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-3-30 21664]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\advanced system optimizer 3\ASO3DefragSrv.exe [2012-8-9 240480]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2012-2-4 12184]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-2-11 35088]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2012-3-23 87040]
R2 WSWNDA3100;WSWNDA3100;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2013-3-26 272864]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
R3 L1c;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2011-12-7 89240]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2011-9-2 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2011-9-2 12184]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [2010-11-25 95592]
S1 vcdrom;Virtual CD-ROM Device Driver;h:\msdn\virtual drive\VCdRom.sys [2007-9-21 8576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-4 418376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-4 701512]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-4-23 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-4-23 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-4-23 168384]
S3 ADASPROT;SYSTWEAKASO;\??\c:\program files\advanced system optimizer 3\adasprot32.sys --> c:\program files\advanced system optimizer 3\adasprot32.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-11-23 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2013-3-26 642432]
S3 EaseUS Agent;EaseUS Agent Service;c:\program files\easeus\todo backup\bin\Agent.exe [2013-1-16 69192]
S3 EUBAKUP0;EUBAKUP0;\??\c:\windows\system32\drivers\eubakup0.sys --> c:\windows\system32\drivers\EUBAKUP0.sys [?]
S3 EUFDDISK0;EUFDDISK0;\??\c:\windows\system32\drivers\eufddisk0.sys --> c:\windows\system32\drivers\EUFDDISK0.sys [?]
S3 Guard Agent;Guard Agent Service;c:\program files\easeus\todo backup\bin\GuardAgent.exe [2013-1-16 23624]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2012-7-11 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2011-12-7 21248]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-20 22856]
S3 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2013-1-13 34760]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-12-31 27064]
S3 SystemExplorerHelpService;System Explorer Service;c:\program files\system explorer\service\SystemExplorerService.exe [2013-4-21 567256]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\razer\razer game booster\driver\WinRing0.sys [2012-11-14 14416]
S4 FreemakeVideoCapture;FreemakeVideoCapture;"c:\program files\freemake\capturelib\capturelibservice.exe" --> c:\program files\freemake\capturelib\CaptureLibService.exe [?]
S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\futuremark\futuremark systeminfo\FMSISvc.exe [2012-1-28 135584]
S4 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 7\PDFProFiltSrv.exe [2010-7-25 134944]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S4 WACService;WACService;c:\program files\wondershare\wondershare application center\WACService.exe [2013-2-1 103272]
S4 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
.
=============== File Associations ===============
.
FileExt: .cmd: cmdfile=NOTEPAD.EXE %1
FileExt: .txt: UltraEdit.txt="c:\program files\idm computer solutions\ultraedit\uedit32.exe" "%1"
FileExt: .js: UltraEdit.js="c:\program files\idm computer solutions\ultraedit\uedit32.exe" "%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-04-23 16:35:53 -------- d-----w- C:\My Web Sites
2013-04-23 10:11:55 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-04-23 10:11:54 -------- d-----w- c:\documents and settings\user\application data\Babylon
2013-04-23 10:10:39 274432 ----a-w- c:\windows\system32\ssleay32.dll
2013-04-23 10:10:39 1122304 ----a-w- c:\windows\system32\libeay32.dll
2013-04-23 10:10:38 81920 ----a-w- c:\windows\eSellerateControl350.dll
2013-04-23 10:10:38 356352 ----a-w- c:\windows\eSellerateEngine.dll
2013-04-23 09:06:07 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-04-23 00:58:57 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2013-04-22 00:13:12 2083 ----a-w- c:\documents and settings\all users\application data\xml5E9.tmp
2013-04-22 00:13:12 13830 ----a-w- c:\documents and settings\all users\application data\xml5E8.tmp
2013-04-22 00:13:11 9486 ----a-w- c:\documents and settings\all users\application data\xml5E7.tmp
2013-04-21 16:00:46 -------- d-----w- c:\documents and settings\all users\application data\SystemExplorer
2013-04-21 16:00:44 -------- d-----w- c:\program files\System Explorer
2013-04-20 23:31:37 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-20 14:07:00 707728 ----a-w- c:\program files\64Uninstall TelevisionFanatic.dll
2013-04-20 14:07:00 178568 ----a-w- c:\program files\64res.dll
2013-04-20 14:00:02 -------- d-----w- C:\Fraps
2013-04-19 19:07:05 -------- d-----w- c:\program files\HD Tune
2013-04-19 17:10:55 -------- d-----w- c:\documents and settings\all users\application data\VVAudix
2013-04-18 13:46:23 -------- d-----w- c:\documents and settings\user\application data\Wargaming.net
2013-04-16 16:41:17 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-04-16 16:41:16 -------- d-----w- c:\program files\ffdshow
2013-04-16 11:25:14 -------- d-----w- c:\documents and settings\all users\application data\AVG
2013-04-16 11:24:51 -------- d-sh--w- c:\documents and settings\all users\application data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-15 16:53:38 892704 ----a-w- c:\windows\system32\nvdispgenco3231422.dll
2013-04-15 16:53:37 1012512 ----a-w- c:\windows\system32\nvdispco3231422.dll
2013-04-14 19:45:38 -------- d-----w- c:\documents and settings\user\local settings\application data\Sun
2013-04-14 19:44:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-14 18:55:52 -------- d-----w- c:\documents and settings\user\local settings\application data\NVIDIA
2013-04-07 16:17:48 -------- d-----w- c:\documents and settings\user\application data\ts3overlay
2013-04-07 16:11:21 -------- d-----w- c:\program files\Schmads Inc
2013-04-07 16:06:29 -------- d-----w- c:\documents and settings\user\local settings\application data\TeamSpeak 3 Client
2013-04-06 19:56:23 83968 ----a-r- c:\windows\system32\drivers\Rtnicxp.sys
2013-04-01 23:48:02 -------- d-----w- c:\documents and settings\all users\application data\dvdfab
2013-03-31 00:01:04 21664 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-03-30 00:28:34 892704 ----a-w- c:\windows\system32\nvdispgenco3220162.dll
2013-03-30 00:28:34 1012512 ----a-w- c:\windows\system32\nvdispco3220294.dll
2013-03-27 16:38:19 -------- d-----w- c:\windows\44BD21C2913248DBB65B23817E4C6F4B.TMP
2013-03-26 17:28:08 -------- d-----w- c:\program files\Network Stumbler
2013-03-26 17:08:57 642432 ----a-w- c:\windows\system32\drivers\bcmwlhigh5.sys
2013-03-26 17:08:52 -------- d-----w- c:\program files\NETGEAR
2013-03-25 20:39:46 4546560 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-25 15:43:01 -------- d-----w- c:\program files\PdaNet for Android
2013-03-24 20:59:01 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
==================== Find3M ====================
.
2013-04-23 13:53:52 1083408 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-04-23 13:53:52 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-04-23 13:53:49 1083408 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-04-20 17:28:48 3068 ----a-w- c:\windows\system32\ASOROSet.bin
2013-04-18 14:52:13 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-18 14:52:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-14 19:44:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-21 16:21:24 24576 ----a-w- c:\windows\system32\AsIO.dll
2013-03-21 16:21:24 11296 ----a-w- c:\windows\system32\drivers\AsIO.sys
2013-03-21 16:21:21 5810 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2013-03-15 05:47:17 7745536 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:47:17 6074368 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:47:17 4079104 ----a-w- c:\windows\system32\nv4_disp.dll
2013-03-15 05:47:17 2733344 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:47:17 2490368 ----a-w- c:\windows\system32\nvapi.dll
2013-03-15 05:47:17 1995552 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:47:17 19689472 ----a-w- c:\windows\system32\nvoglnt.dll
2013-03-15 05:47:17 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:47:17 10713024 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-03-15 02:57:16 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-03-15 02:57:14 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 02:57:14 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-03-15 02:57:13 15668512 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 02:57:11 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-02-26 06:31:26 65536 ----a-w- c:\windows\system32\frapsvid.dll
2013-02-23 21:00:51 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
.
============= FINISH: 13:18:43.39 ===============


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-23 13:19:40
-----------------------------
13:19:40.234 OS Version: Windows 5.1.2600 Service Pack 3
13:19:40.234 Number of processors: 2 586 0x403
13:19:40.234 ComputerName: JIM-VMQLUAY9LYA UserName: USER
13:19:42.234 Initialize success
13:24:22.312 AVAST engine defs: 13042300
13:25:05.359 The log file has been saved successfully to "C:\Documents and Settings\USER\Desktop\aswMBR.txt"

ken545
2013-04-28, 22:37
:welcome:

Sorry for the delay, we get busy most times. Run these programs in order please

Go here (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) and download AdwCleaner to your desktop


Double click on AdwCleaner.exe to run the tool.
Click on Delete
A logfile will automatically open after the scan has finished.
Please post the content of that logfile in your reply.
You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop


Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please

OTL by OldTimer

Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Click the "Scan All Users" checkbox.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.

When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
Note: These logs can be located in the OTL. folder on your C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

ken545
2013-05-04, 14:59
Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.