-
Third computer
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
Run by ZPM at 12:39:09 on 2014-05-14
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.630 [GMT -7:00]
.
AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: Norton Internet Worm Protection *Disabled*
FW: Bitdefender Firewall *Enabled*
FW: ZoneAlarm Firewall *Disabled*
.
============== Running Processes ================
.
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Emerge Desktop\emergeCore.exe
C:\Program Files\Emerge Desktop\Explorer.exe
C:\Program Files\Emerge Desktop\emergeTasks.exe
C:\Program Files\Emerge Desktop\emergeTray.exe
C:\Program Files\Emerge Desktop\emergeWorkspace.exe
C:\Program Files\Emerge Desktop\emergeLauncher.exe
C:\Program Files\Emerge Desktop\emergeHotkeys.exe
C:\Program Files\Emerge Desktop\emergeCommand.exe
C:\Program Files\Emerge Desktop\emergeSysMon.exe
C:\Program Files\Emerge Desktop\emergePower.exe
C:\Documents and Settings\ZPM\My Documents\iTunes3.exe
C:\Program Files\DateInTray\DateInTray.exe
C:\Documents and Settings\ZPM\Local Settings\Apps\2.0\HMONWXZO.CX5\NE27Y0J8.ZWO\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
c:\windows\explorer.exe
C:\Documents and Settings\ZPM\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\ZPM\My Documents\My Dropbox\Personal\CARDFILE.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = about:blank
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uWinlogon: Shell = c:\program files\emerge desktop\emergeCore.exe
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [DateInTray] c:\program files\dateintray\DateInTray.exe
uRun: [DellSystemDetect] c:\documents and settings\zpm\local settings\apps\2.0\hmonwxzo.cx5\ne27y0j8.zwo\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
mRun: [Bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\docume~1\zpm\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\zpm\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\zpm\startm~1\programs\startup\shortc~1.lnk - c:\documents and settings\zpm\my documents\iTunes3.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: dell.com
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356985899781
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file://c:\program files\autocad 2002\AcDcToday.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://pcpitstop.com/mhLbl.cab
DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} - file://c:\program files\autocad 2002\InstBanr.ocx
DPF: {C6637286-300D-11D4-AE0A-0010830243BD} - file://c:\program files\autocad 2002\InstFred.ocx
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file://c:\program files\autocad 2002\AcPreview.ocx
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0BAE00E5-F879-4156-96DD-CF23EEFEDDE3} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\zpm\application data\mozilla\firefox\profiles\144fcraj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\program files\skyhook wireless\loki browser plugin\versions\3.4.2.20\nploki.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_206.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_214.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 1000000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-12-31 778032]
R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2012-12-31 165744]
R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2012-12-31 54960]
R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2012-12-31 242504]
R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-12-31 516936]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2012-12-31 116560]
S2 gupdate1c9a072f8106ff4;Google Update Service (gupdate1c9a072f8106ff4);c:\program files\google\update\GoogleUpdate.exe [2009-3-8 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\drivers\BazisVirtualCDBus.sys [2011-6-4 117584]
S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-12-31 66832]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-8-5 80824]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-9-23 20480]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2009-8-3 174336]
S3 SKYSCOUT;Celestron SkyScout driver;c:\windows\system32\drivers\UsbScout.sys [2005-6-14 20480]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-8-5 181432]
S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2010-1-24 2077840]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]
S4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2012-12-31 62688]
S4 Freemake Improver;Freemake Improver;c:\documents and settings\all users\application data\freemake\freemakeutilsservice\FreemakeUtilsService.exe [2012-4-12 96768]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\Notepad2.exe="c:\program files\notepad2\Notepad2.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-05-14 13:58:54 -------- d-----w- c:\documents and settings\zpm\application data\DropboxMaster
2014-05-13 04:22:52 -------- d-----w- c:\program files\iPod
2014-05-13 04:22:29 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-10 15:08:05 93808 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2014-05-10 15:07:59 75376 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2014-05-10 15:07:59 46704 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
2014-05-10 15:07:59 20080 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2014-05-03 15:04:57 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-03 15:04:26 50648 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-03 15:04:26 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-03 15:04:26 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
.
==================== Find3M ====================
.
2014-05-14 04:49:36 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 04:49:36 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-01 05:46:48 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-04-01 05:46:48 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-06 17:59:23 920064 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 17:59:22 43520 ------w- c:\windows\system32\licmgr10.dll
2014-03-06 17:59:22 18944 ----a-w- c:\windows\system32\corpol.dll
2014-03-06 17:59:22 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-03-06 00:46:54 385024 ------w- c:\windows\system32\html.iec
2014-02-26 01:59:05 13312 ------w- c:\windows\system32\xp_eos.exe
.
============= FINISH: 12:40:17.73 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-14 12:45:58
-----------------------------
12:45:58.843 OS Version: Windows 5.1.2600 Service Pack 3
12:45:58.843 Number of processors: 2 586 0xF06
12:45:58.843 ComputerName: LAPTOP3 UserName: ZPM
12:46:10.343 Initialize success
13:00:36.953 AVAST engine defs: 14051401
13:01:18.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
13:01:18.125 Disk 0 Vendor: WDC_WD3200BEKT-60KA9T0 01.01A01 Size: 305245MB BusType: 3
13:01:18.234 Disk 0 MBR read successfully
13:01:18.250 Disk 0 MBR scan
13:01:18.375 Disk 0 unknown MBR code
13:01:18.390 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 128809 MB offset 2048
13:01:18.437 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 176432 MB offset 263803365
13:01:18.703 Disk 0 scanning sectors +625137345
13:01:18.781 Disk 0 scanning C:\WINDOWS\system32\drivers
13:01:50.687 Service scanning
13:01:54.765 Service Bdfndisf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf.sys **LOCKED** 5
13:01:54.953 Service bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys **LOCKED** 5
13:01:55.109 Service bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys **LOCKED** 5
13:02:17.531 Modules scanning
13:02:23.453 Disk 0 trace - called modules:
13:02:23.484 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:02:23.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a809ab8]
13:02:23.500 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000071[0x8a80df18]
13:02:23.515 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a86b940]
13:02:24.015 AVAST engine scan C:\WINDOWS
13:02:36.718 AVAST engine scan C:\WINDOWS\system32
13:06:28.859 AVAST engine scan C:\WINDOWS\system32\drivers
13:06:56.359 AVAST engine scan C:\Documents and Settings\ZPM
13:46:40.468 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ZPM\Desktop\MBR.dat"
13:46:40.578 The log file has been saved successfully to "C:\Documents and Settings\ZPM\Desktop\aswMBR.txt"
Last edited by tashi; 2014-05-15 at 06:08.
Reason: Merged two posts
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
