jray9242
2013-04-23, 20:51
Here is the information you requested and I hope this is helpful.
Thanks for the help.
Jim
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by USER at 13:18:12 on 2013-04-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3583.2256 [GMT -4:00]
.
AV: PC Cleaner Pro *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}
AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Disabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDCountdown.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDPop3.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Documents and Settings\USER\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
d:\Program Files\WinHTTrack\WinHTTrack.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: AutorunsDisabled - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: ZeonIEEventHelper Class: {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Nuance PDF: {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [Nvtmru] "c:\program files\nvidia corporation\nvidia update core\nvtmru.exe" -f "c:\documents and settings\all users\application data\nvidia\updatus\nvtmru\nvtmru.dat"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
dRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
StartupFolder: c:\docume~1\user\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
uPolicies-Explorer: HideSCABattery = dword:1
uPolicies-Explorer: NoFavoritesMenu = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append the content of the link to existing PDF file - <no file>
IE: Append the content of the selected links to existing PDF file - <no file>
IE: Append to existing PDF file - <no file>
IE: Create PDF file - <no file>
IE: Create PDF file from the content of the link - <no file>
IE: Create PDF files from the selected links - <no file>
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Open with Nuance PDF Converter 7.0 - c:\program files\nuance\pdf professional 7\cnvres_eng.dll /100
IE: Open with PDF Professional 7 - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0411C004-F895-41A8-987A-879B62CCD8A8} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{6DF17BA4-C99B-49E2-BED8-4EE3BA3AB159} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8EE23DCE-6214-4ED7-9F8F-103F39BF9C4F} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D9221241-82E4-4D10-AD34-340726E24810} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
Notify: Schedule - <no file>
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\
FF - prefs.js: browser.startup.homepage - hxxp://www.ocregister.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - ExtSQL: 2013-03-16 18:56; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-03-22 09:48; {22119944-ED35-4ab1-910B-E619EA06A115}; c:\program files\siber systems\ai roboform\Firefox
FF - ExtSQL: 2013-04-02 11:05; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-04-06 10:32; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - ExtSQL: 2013-04-06 10:36; firebug@software.joehewitt.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\firebug@software.joehewitt.com.xpi
FF - ExtSQL: 2013-04-06 10:36; translator@dontfollowme.net; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\translator@dontfollowme.net.xpi
FF - ExtSQL: 2013-04-06 10:36; {c45c406e-ab73-11d8-be73-000a95be3b12}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF - ExtSQL: 2013-04-06 10:36; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-04-06 10:36; {64161300-e22b-11db-8314-0800200c9a66}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF - ExtSQL: 2013-04-06 10:36; cache@status.org; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\cache@status.org.xpi
FF - ExtSQL: 2013-04-08 13:11; hdvc@hdvc.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\hdvc@hdvc.com.xpi
FF - ExtSQL: 2013-04-16 11:33; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-04-19 13:11; mbiturbd@flfsx-o.edu; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\mbiturbd@flfsx-o.edu
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 3ae0e300000000000000f46d042b580f
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15818
FF - user.js: extensions.delta.vrsn - 1.8.16.16
FF - user.js: extensions.delta.vrsni - 1.8.16.16
FF - user.js: extensions.delta.vrsnTs - 1.8.16.166:13:24
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 35552]
R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-4-4 50248]
R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2013-1-16 40648]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 164832]
R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-4-4 14920]
R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-12-8 185032]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-3-30 21664]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\advanced system optimizer 3\ASO3DefragSrv.exe [2012-8-9 240480]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2012-2-4 12184]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-2-11 35088]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2012-3-23 87040]
R2 WSWNDA3100;WSWNDA3100;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2013-3-26 272864]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
R3 L1c;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2011-12-7 89240]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2011-9-2 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2011-9-2 12184]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [2010-11-25 95592]
S1 vcdrom;Virtual CD-ROM Device Driver;h:\msdn\virtual drive\VCdRom.sys [2007-9-21 8576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-4 418376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-4 701512]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-4-23 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-4-23 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-4-23 168384]
S3 ADASPROT;SYSTWEAKASO;\??\c:\program files\advanced system optimizer 3\adasprot32.sys --> c:\program files\advanced system optimizer 3\adasprot32.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-11-23 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2013-3-26 642432]
S3 EaseUS Agent;EaseUS Agent Service;c:\program files\easeus\todo backup\bin\Agent.exe [2013-1-16 69192]
S3 EUBAKUP0;EUBAKUP0;\??\c:\windows\system32\drivers\eubakup0.sys --> c:\windows\system32\drivers\EUBAKUP0.sys [?]
S3 EUFDDISK0;EUFDDISK0;\??\c:\windows\system32\drivers\eufddisk0.sys --> c:\windows\system32\drivers\EUFDDISK0.sys [?]
S3 Guard Agent;Guard Agent Service;c:\program files\easeus\todo backup\bin\GuardAgent.exe [2013-1-16 23624]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2012-7-11 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2011-12-7 21248]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-20 22856]
S3 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2013-1-13 34760]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-12-31 27064]
S3 SystemExplorerHelpService;System Explorer Service;c:\program files\system explorer\service\SystemExplorerService.exe [2013-4-21 567256]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\razer\razer game booster\driver\WinRing0.sys [2012-11-14 14416]
S4 FreemakeVideoCapture;FreemakeVideoCapture;"c:\program files\freemake\capturelib\capturelibservice.exe" --> c:\program files\freemake\capturelib\CaptureLibService.exe [?]
S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\futuremark\futuremark systeminfo\FMSISvc.exe [2012-1-28 135584]
S4 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 7\PDFProFiltSrv.exe [2010-7-25 134944]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S4 WACService;WACService;c:\program files\wondershare\wondershare application center\WACService.exe [2013-2-1 103272]
S4 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
.
=============== File Associations ===============
.
FileExt: .cmd: cmdfile=NOTEPAD.EXE %1
FileExt: .txt: UltraEdit.txt="c:\program files\idm computer solutions\ultraedit\uedit32.exe" "%1"
FileExt: .js: UltraEdit.js="c:\program files\idm computer solutions\ultraedit\uedit32.exe" "%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-04-23 16:35:53 -------- d-----w- C:\My Web Sites
2013-04-23 10:11:55 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-04-23 10:11:54 -------- d-----w- c:\documents and settings\user\application data\Babylon
2013-04-23 10:10:39 274432 ----a-w- c:\windows\system32\ssleay32.dll
2013-04-23 10:10:39 1122304 ----a-w- c:\windows\system32\libeay32.dll
2013-04-23 10:10:38 81920 ----a-w- c:\windows\eSellerateControl350.dll
2013-04-23 10:10:38 356352 ----a-w- c:\windows\eSellerateEngine.dll
2013-04-23 09:06:07 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-04-23 00:58:57 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2013-04-22 00:13:12 2083 ----a-w- c:\documents and settings\all users\application data\xml5E9.tmp
2013-04-22 00:13:12 13830 ----a-w- c:\documents and settings\all users\application data\xml5E8.tmp
2013-04-22 00:13:11 9486 ----a-w- c:\documents and settings\all users\application data\xml5E7.tmp
2013-04-21 16:00:46 -------- d-----w- c:\documents and settings\all users\application data\SystemExplorer
2013-04-21 16:00:44 -------- d-----w- c:\program files\System Explorer
2013-04-20 23:31:37 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-20 14:07:00 707728 ----a-w- c:\program files\64Uninstall TelevisionFanatic.dll
2013-04-20 14:07:00 178568 ----a-w- c:\program files\64res.dll
2013-04-20 14:00:02 -------- d-----w- C:\Fraps
2013-04-19 19:07:05 -------- d-----w- c:\program files\HD Tune
2013-04-19 17:10:55 -------- d-----w- c:\documents and settings\all users\application data\VVAudix
2013-04-18 13:46:23 -------- d-----w- c:\documents and settings\user\application data\Wargaming.net
2013-04-16 16:41:17 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-04-16 16:41:16 -------- d-----w- c:\program files\ffdshow
2013-04-16 11:25:14 -------- d-----w- c:\documents and settings\all users\application data\AVG
2013-04-16 11:24:51 -------- d-sh--w- c:\documents and settings\all users\application data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-15 16:53:38 892704 ----a-w- c:\windows\system32\nvdispgenco3231422.dll
2013-04-15 16:53:37 1012512 ----a-w- c:\windows\system32\nvdispco3231422.dll
2013-04-14 19:45:38 -------- d-----w- c:\documents and settings\user\local settings\application data\Sun
2013-04-14 19:44:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-14 18:55:52 -------- d-----w- c:\documents and settings\user\local settings\application data\NVIDIA
2013-04-07 16:17:48 -------- d-----w- c:\documents and settings\user\application data\ts3overlay
2013-04-07 16:11:21 -------- d-----w- c:\program files\Schmads Inc
2013-04-07 16:06:29 -------- d-----w- c:\documents and settings\user\local settings\application data\TeamSpeak 3 Client
2013-04-06 19:56:23 83968 ----a-r- c:\windows\system32\drivers\Rtnicxp.sys
2013-04-01 23:48:02 -------- d-----w- c:\documents and settings\all users\application data\dvdfab
2013-03-31 00:01:04 21664 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-03-30 00:28:34 892704 ----a-w- c:\windows\system32\nvdispgenco3220162.dll
2013-03-30 00:28:34 1012512 ----a-w- c:\windows\system32\nvdispco3220294.dll
2013-03-27 16:38:19 -------- d-----w- c:\windows\44BD21C2913248DBB65B23817E4C6F4B.TMP
2013-03-26 17:28:08 -------- d-----w- c:\program files\Network Stumbler
2013-03-26 17:08:57 642432 ----a-w- c:\windows\system32\drivers\bcmwlhigh5.sys
2013-03-26 17:08:52 -------- d-----w- c:\program files\NETGEAR
2013-03-25 20:39:46 4546560 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-25 15:43:01 -------- d-----w- c:\program files\PdaNet for Android
2013-03-24 20:59:01 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
==================== Find3M ====================
.
2013-04-23 13:53:52 1083408 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-04-23 13:53:52 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-04-23 13:53:49 1083408 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-04-20 17:28:48 3068 ----a-w- c:\windows\system32\ASOROSet.bin
2013-04-18 14:52:13 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-18 14:52:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-14 19:44:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-21 16:21:24 24576 ----a-w- c:\windows\system32\AsIO.dll
2013-03-21 16:21:24 11296 ----a-w- c:\windows\system32\drivers\AsIO.sys
2013-03-21 16:21:21 5810 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2013-03-15 05:47:17 7745536 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:47:17 6074368 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:47:17 4079104 ----a-w- c:\windows\system32\nv4_disp.dll
2013-03-15 05:47:17 2733344 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:47:17 2490368 ----a-w- c:\windows\system32\nvapi.dll
2013-03-15 05:47:17 1995552 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:47:17 19689472 ----a-w- c:\windows\system32\nvoglnt.dll
2013-03-15 05:47:17 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:47:17 10713024 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-03-15 02:57:16 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-03-15 02:57:14 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 02:57:14 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-03-15 02:57:13 15668512 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 02:57:11 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-02-26 06:31:26 65536 ----a-w- c:\windows\system32\frapsvid.dll
2013-02-23 21:00:51 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
.
============= FINISH: 13:18:43.39 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-23 13:19:40
-----------------------------
13:19:40.234 OS Version: Windows 5.1.2600 Service Pack 3
13:19:40.234 Number of processors: 2 586 0x403
13:19:40.234 ComputerName: JIM-VMQLUAY9LYA UserName: USER
13:19:42.234 Initialize success
13:24:22.312 AVAST engine defs: 13042300
13:25:05.359 The log file has been saved successfully to "C:\Documents and Settings\USER\Desktop\aswMBR.txt"
IE: Create PDF file - <no file>
IE: Create PDF file from the content of the link - <no file>
IE: Create PDF files from the selected links - <no file>
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Open with Nuance PDF Converter 7.0 - c:\program files\nuance\pdf professional 7\cnvres_eng.dll /100
IE: Open with PDF Professional 7 - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{0411C004-F895-41A8-987A-879B62CCD8A8} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{6DF17BA4-C99B-49E2-BED8-4EE3BA3AB159} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{8EE23DCE-6214-4ED7-9F8F-103F39BF9C4F} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{D9221241-82E4-4D10-AD34-340726E24810} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
Notify: Schedule - <no file>
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\
FF - prefs.js: browser.startup.homepage - hxxp://www.ocregister.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll
FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_169.dll
FF - ExtSQL: 2013-03-16 18:56; {DAC3F861-B30D-40dd-9166-F4E75327FAC7}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-03-22 09:48; {22119944-ED35-4ab1-910B-E619EA06A115}; c:\program files\siber systems\ai roboform\Firefox
FF - ExtSQL: 2013-04-02 11:05; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2013-04-06 10:32; {4BBDD651-70CF-4821-84F8-2B918CF89CA3}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
FF - ExtSQL: 2013-04-06 10:36; firebug@software.joehewitt.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\firebug@software.joehewitt.com.xpi
FF - ExtSQL: 2013-04-06 10:36; translator@dontfollowme.net; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\translator@dontfollowme.net.xpi
FF - ExtSQL: 2013-04-06 10:36; {c45c406e-ab73-11d8-be73-000a95be3b12}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF - ExtSQL: 2013-04-06 10:36; {DDC359D1-844A-42a7-9AA1-88A850A938A8}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF - ExtSQL: 2013-04-06 10:36; {64161300-e22b-11db-8314-0800200c9a66}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
FF - ExtSQL: 2013-04-06 10:36; cache@status.org; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\cache@status.org.xpi
FF - ExtSQL: 2013-04-08 13:11; hdvc@hdvc.com; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\hdvc@hdvc.com.xpi
FF - ExtSQL: 2013-04-16 11:33; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-04-19 13:11; mbiturbd@flfsx-o.edu; c:\documents and settings\user\application data\mozilla\firefox\profiles\nomuxefd.default-1365258421421\extensions\mbiturbd@flfsx-o.edu
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 3ae0e300000000000000f46d042b580f
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15818
FF - user.js: extensions.delta.vrsn - 1.8.16.16
FF - user.js: extensions.delta.vrsni - 1.8.16.16
FF - user.js: extensions.delta.vrsnTs - 1.8.16.166:13:24
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 35552]
R0 EUBAKUP;EUBAKUP;c:\windows\system32\drivers\eubakup.sys [2011-4-4 50248]
R0 EUBKMON;EUBKMON;c:\windows\system32\drivers\EUBKMON.sys [2013-1-16 40648]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 164832]
R1 EUDSKACS;EUDSKACS;c:\windows\system32\drivers\eudskacs.sys [2011-4-4 14920]
R1 EUFDDISK;EUFDDISK;c:\windows\system32\drivers\EuFdDisk.sys [2011-12-8 185032]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-3-30 21664]
R2 ASO3DiskOptimizer;ASO3DiskOptimizer;c:\program files\advanced system optimizer 3\ASO3DefragSrv.exe [2012-8-9 240480]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2012-2-4 12184]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-2-11 35088]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2012-3-23 87040]
R2 WSWNDA3100;WSWNDA3100;c:\program files\netgear\wnda3100v2\WifiSvc.exe [2013-3-26 272864]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
R3 L1c;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [2011-12-7 89240]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\drivers\LEqdUsb.sys [2011-9-2 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\drivers\LHidEqd.sys [2011-9-2 12184]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [2010-11-25 95592]
S1 vcdrom;Virtual CD-ROM Device Driver;h:\msdn\virtual drive\VCdRom.sys [2007-9-21 8576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-4 418376]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-4 701512]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-4-23 1103392]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-4-23 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-4-23 168384]
S3 ADASPROT;SYSTWEAKASO;\??\c:\program files\advanced system optimizer 3\adasprot32.sys --> c:\program files\advanced system optimizer 3\adasprot32.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-11-23 1691480]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2013-3-26 642432]
S3 EaseUS Agent;EaseUS Agent Service;c:\program files\easeus\todo backup\bin\Agent.exe [2013-1-16 69192]
S3 EUBAKUP0;EUBAKUP0;\??\c:\windows\system32\drivers\eubakup0.sys --> c:\windows\system32\drivers\EUBAKUP0.sys [?]
S3 EUFDDISK0;EUFDDISK0;\??\c:\windows\system32\drivers\eufddisk0.sys --> c:\windows\system32\drivers\EUFDDISK0.sys [?]
S3 Guard Agent;Guard Agent Service;c:\program files\easeus\todo backup\bin\GuardAgent.exe [2013-1-16 23624]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2012-7-11 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2011-12-7 21248]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-20 22856]
S3 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2013-1-13 34760]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-12-31 27064]
S3 SystemExplorerHelpService;System Explorer Service;c:\program files\system explorer\service\SystemExplorerService.exe [2013-4-21 567256]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\razer\razer game booster\driver\WinRing0.sys [2012-11-14 14416]
S4 FreemakeVideoCapture;FreemakeVideoCapture;"c:\program files\freemake\capturelib\capturelibservice.exe" --> c:\program files\freemake\capturelib\CaptureLibService.exe [?]
S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\futuremark\futuremark systeminfo\FMSISvc.exe [2012-1-28 135584]
S4 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 7\PDFProFiltSrv.exe [2010-7-25 134944]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S4 WACService;WACService;c:\program files\wondershare\wondershare application center\WACService.exe [2013-2-1 103272]
S4 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
.
=============== File Associations ===============
.
FileExt: .cmd: cmdfile=NOTEPAD.EXE %1
FileExt: .txt: UltraEdit.txt="c:\program files\idm computer solutions\ultraedit\uedit32.exe" "%1"
FileExt: .js: UltraEdit.js="c:\program files\idm computer solutions\ultraedit\uedit32.exe" "%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-04-23 16:35:53 -------- d-----w- C:\My Web Sites
2013-04-23 10:11:55 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-04-23 10:11:54 -------- d-----w- c:\documents and settings\user\application data\Babylon
2013-04-23 10:10:39 274432 ----a-w- c:\windows\system32\ssleay32.dll
2013-04-23 10:10:39 1122304 ----a-w- c:\windows\system32\libeay32.dll
2013-04-23 10:10:38 81920 ----a-w- c:\windows\eSellerateControl350.dll
2013-04-23 10:10:38 356352 ----a-w- c:\windows\eSellerateEngine.dll
2013-04-23 09:06:07 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-04-23 00:58:57 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2013-04-22 00:13:12 2083 ----a-w- c:\documents and settings\all users\application data\xml5E9.tmp
2013-04-22 00:13:12 13830 ----a-w- c:\documents and settings\all users\application data\xml5E8.tmp
2013-04-22 00:13:11 9486 ----a-w- c:\documents and settings\all users\application data\xml5E7.tmp
2013-04-21 16:00:46 -------- d-----w- c:\documents and settings\all users\application data\SystemExplorer
2013-04-21 16:00:44 -------- d-----w- c:\program files\System Explorer
2013-04-20 23:31:37 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-20 14:07:00 707728 ----a-w- c:\program files\64Uninstall TelevisionFanatic.dll
2013-04-20 14:07:00 178568 ----a-w- c:\program files\64res.dll
2013-04-20 14:00:02 -------- d-----w- C:\Fraps
2013-04-19 19:07:05 -------- d-----w- c:\program files\HD Tune
2013-04-19 17:10:55 -------- d-----w- c:\documents and settings\all users\application data\VVAudix
2013-04-18 13:46:23 -------- d-----w- c:\documents and settings\user\application data\Wargaming.net
2013-04-16 16:41:17 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-04-16 16:41:16 -------- d-----w- c:\program files\ffdshow
2013-04-16 11:25:14 -------- d-----w- c:\documents and settings\all users\application data\AVG
2013-04-16 11:24:51 -------- d-sh--w- c:\documents and settings\all users\application data\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-04-15 16:53:38 892704 ----a-w- c:\windows\system32\nvdispgenco3231422.dll
2013-04-15 16:53:37 1012512 ----a-w- c:\windows\system32\nvdispco3231422.dll
2013-04-14 19:45:38 -------- d-----w- c:\documents and settings\user\local settings\application data\Sun
2013-04-14 19:44:49 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-14 18:55:52 -------- d-----w- c:\documents and settings\user\local settings\application data\NVIDIA
2013-04-07 16:17:48 -------- d-----w- c:\documents and settings\user\application data\ts3overlay
2013-04-07 16:11:21 -------- d-----w- c:\program files\Schmads Inc
2013-04-07 16:06:29 -------- d-----w- c:\documents and settings\user\local settings\application data\TeamSpeak 3 Client
2013-04-06 19:56:23 83968 ----a-r- c:\windows\system32\drivers\Rtnicxp.sys
2013-04-01 23:48:02 -------- d-----w- c:\documents and settings\all users\application data\dvdfab
2013-03-31 00:01:04 21664 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-03-30 00:28:34 892704 ----a-w- c:\windows\system32\nvdispgenco3220162.dll
2013-03-30 00:28:34 1012512 ----a-w- c:\windows\system32\nvdispco3220294.dll
2013-03-27 16:38:19 -------- d-----w- c:\windows\44BD21C2913248DBB65B23817E4C6F4B.TMP
2013-03-26 17:28:08 -------- d-----w- c:\program files\Network Stumbler
2013-03-26 17:08:57 642432 ----a-w- c:\windows\system32\drivers\bcmwlhigh5.sys
2013-03-26 17:08:52 -------- d-----w- c:\program files\NETGEAR
2013-03-25 20:39:46 4546560 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-25 15:43:01 -------- d-----w- c:\program files\PdaNet for Android
2013-03-24 20:59:01 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
.
==================== Find3M ====================
.
2013-04-23 13:53:52 1083408 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-04-23 13:53:52 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-04-23 13:53:49 1083408 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-04-20 17:28:48 3068 ----a-w- c:\windows\system32\ASOROSet.bin
2013-04-18 14:52:13 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-18 14:52:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-14 19:44:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-21 16:21:24 24576 ----a-w- c:\windows\system32\AsIO.dll
2013-03-21 16:21:24 11296 ----a-w- c:\windows\system32\drivers\AsIO.sys
2013-03-21 16:21:21 5810 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2013-03-15 05:47:17 7745536 ----a-w- c:\windows\system32\nvcuda.dll
2013-03-15 05:47:17 6074368 ----a-w- c:\windows\system32\nvopencl.dll
2013-03-15 05:47:17 4079104 ----a-w- c:\windows\system32\nv4_disp.dll
2013-03-15 05:47:17 2733344 ----a-w- c:\windows\system32\nvcuvid.dll
2013-03-15 05:47:17 2490368 ----a-w- c:\windows\system32\nvapi.dll
2013-03-15 05:47:17 1995552 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-03-15 05:47:17 19689472 ----a-w- c:\windows\system32\nvoglnt.dll
2013-03-15 05:47:17 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-03-15 05:47:17 10713024 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-03-15 02:57:16 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-03-15 02:57:14 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-03-15 02:57:14 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-03-15 02:57:13 15668512 ----a-w- c:\windows\system32\nvcpl.dll
2013-03-15 02:57:11 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-02-26 06:31:26 65536 ----a-w- c:\windows\system32\frapsvid.dll
2013-02-23 21:00:51 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-12 00:32:23 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
.
============= FINISH: 13:18:43.39 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-23 13:19:40
-----------------------------
13:19:40.234 OS Version: Windows 5.1.2600 Service Pack 3
13:19:40.234 Number of processors: 2 586 0x403
13:19:40.234 ComputerName: JIM-VMQLUAY9LYA UserName: USER
13:19:42.234 Initialize success
13:24:22.312 AVAST engine defs: 13042300
13:25:05.359 The log file has been saved successfully to "C:\Documents and Settings\USER\Desktop\aswMBR.txt"