Results 1 to 9 of 9

Thread: Third computer

  1. #1
    Member
    Join Date
    Dec 2008
    Posts
    56

    Default Third computer

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_37
    Run by ZPM at 12:39:09 on 2014-05-14
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.630 [GMT -7:00]
    .
    AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
    AV: ZoneAlarm Antivirus *Disabled/Updated* {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
    FW: Norton Internet Worm Protection *Disabled*
    FW: Bitdefender Firewall *Enabled*
    FW: ZoneAlarm Firewall *Disabled*
    .
    ============== Running Processes ================
    .
    C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Emerge Desktop\emergeCore.exe
    C:\Program Files\Emerge Desktop\Explorer.exe
    C:\Program Files\Emerge Desktop\emergeTasks.exe
    C:\Program Files\Emerge Desktop\emergeTray.exe
    C:\Program Files\Emerge Desktop\emergeWorkspace.exe
    C:\Program Files\Emerge Desktop\emergeLauncher.exe
    C:\Program Files\Emerge Desktop\emergeHotkeys.exe
    C:\Program Files\Emerge Desktop\emergeCommand.exe
    C:\Program Files\Emerge Desktop\emergeSysMon.exe
    C:\Program Files\Emerge Desktop\emergePower.exe
    C:\Documents and Settings\ZPM\My Documents\iTunes3.exe
    C:\Program Files\DateInTray\DateInTray.exe
    C:\Documents and Settings\ZPM\Local Settings\Apps\2.0\HMONWXZO.CX5\NE27Y0J8.ZWO\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\AirPort\APAgent.exe
    C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    c:\windows\explorer.exe
    C:\Documents and Settings\ZPM\Application Data\Dropbox\bin\Dropbox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Documents and Settings\ZPM\My Documents\My Dropbox\Personal\CARDFILE.EXE
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    mStart Page = about:blank
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    uWinlogon: Shell = c:\program files\emerge desktop\emergeCore.exe
    BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    uRun: [DateInTray] c:\program files\dateintray\DateInTray.exe
    uRun: [DellSystemDetect] c:\documents and settings\zpm\local settings\apps\2.0\hmonwxzo.cx5\ne27y0j8.zwo\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay
    mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
    mRun: [Bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    StartupFolder: c:\docume~1\zpm\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\zpm\application data\dropbox\bin\Dropbox.exe
    StartupFolder: c:\docume~1\zpm\startm~1\programs\startup\shortc~1.lnk - c:\documents and settings\zpm\my documents\iTunes3.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    uPolicies-Explorer: NoDriveAutoRun = dword:67108863
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office12\EXCEL.EXE/3000
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    Trusted Zone: dell.com
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356985899781
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file://c:\program files\autocad 2002\AcDcToday.ocx
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - hxxp://pcpitstop.com/mhLbl.cab
    DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} - file://c:\program files\autocad 2002\InstBanr.ocx
    DPF: {C6637286-300D-11D4-AE0A-0010830243BD} - file://c:\program files\autocad 2002\InstFred.ocx
    DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
    DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file://c:\program files\autocad 2002\AcPreview.ocx
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{0BAE00E5-F879-4156-96DD-CF23EEFEDDE3} : DHCPNameServer = 192.168.1.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\zpm\application data\mozilla\firefox\profiles\144fcraj.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\update\1.3.24.7\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
    FF - plugin: c:\program files\photosynth\npPhotosynthMozilla.dll
    FF - plugin: c:\program files\skyhook wireless\loki browser plugin\versions\3.4.2.20\nploki.dll
    FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_206.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_214.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.switch.threshold - 1000000
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-12-31 778032]
    R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2012-12-31 165744]
    R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2013\updatesrv.exe [2012-12-31 54960]
    R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2012-12-31 242504]
    R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-12-31 516936]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2012-12-31 116560]
    S2 gupdate1c9a072f8106ff4;Google Update Service (gupdate1c9a072f8106ff4);c:\program files\google\update\GoogleUpdate.exe [2009-3-8 133104]
    S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-9-5 171680]
    S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\drivers\BazisVirtualCDBus.sys [2011-6-4 117584]
    S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-12-31 66832]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-8-5 80824]
    S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
    S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2008-9-23 20480]
    S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2009-8-3 174336]
    S3 SKYSCOUT;Celestron SkyScout driver;c:\windows\system32\drivers\UsbScout.sys [2005-6-14 20480]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-8-5 181432]
    S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2010-1-24 2077840]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]
    S4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2013\bdparentalservice.exe [2012-12-31 62688]
    S4 Freemake Improver;Freemake Improver;c:\documents and settings\all users\application data\freemake\freemakeutilsservice\FreemakeUtilsService.exe [2012-4-12 96768]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: Applications\Notepad2.exe="c:\program files\notepad2\Notepad2.exe" "%1" [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2014-05-14 13:58:54 -------- d-----w- c:\documents and settings\zpm\application data\DropboxMaster
    2014-05-13 04:22:52 -------- d-----w- c:\program files\iPod
    2014-05-13 04:22:29 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-05-10 15:08:05 93808 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
    2014-05-10 15:07:59 75376 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
    2014-05-10 15:07:59 46704 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
    2014-05-10 15:07:59 20080 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
    2014-05-03 15:04:57 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-05-03 15:04:26 50648 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-05-03 15:04:26 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-05-03 15:04:26 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
    .
    ==================== Find3M ====================
    .
    2014-05-14 04:49:36 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-05-14 04:49:36 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-04-01 05:46:48 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
    2014-04-01 05:46:48 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
    2014-03-06 17:59:23 920064 ----a-w- c:\windows\system32\wininet.dll
    2014-03-06 17:59:22 43520 ------w- c:\windows\system32\licmgr10.dll
    2014-03-06 17:59:22 18944 ----a-w- c:\windows\system32\corpol.dll
    2014-03-06 17:59:22 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2014-03-06 00:46:54 385024 ------w- c:\windows\system32\html.iec
    2014-02-26 01:59:05 13312 ------w- c:\windows\system32\xp_eos.exe
    .
    ============= FINISH: 12:40:17.73 ===============

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2014-05-14 12:45:58
    -----------------------------
    12:45:58.843 OS Version: Windows 5.1.2600 Service Pack 3
    12:45:58.843 Number of processors: 2 586 0xF06
    12:45:58.843 ComputerName: LAPTOP3 UserName: ZPM
    12:46:10.343 Initialize success
    13:00:36.953 AVAST engine defs: 14051401
    13:01:18.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    13:01:18.125 Disk 0 Vendor: WDC_WD3200BEKT-60KA9T0 01.01A01 Size: 305245MB BusType: 3
    13:01:18.234 Disk 0 MBR read successfully
    13:01:18.250 Disk 0 MBR scan
    13:01:18.375 Disk 0 unknown MBR code
    13:01:18.390 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 128809 MB offset 2048
    13:01:18.437 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 176432 MB offset 263803365
    13:01:18.703 Disk 0 scanning sectors +625137345
    13:01:18.781 Disk 0 scanning C:\WINDOWS\system32\drivers
    13:01:50.687 Service scanning
    13:01:54.765 Service Bdfndisf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf.sys **LOCKED** 5
    13:01:54.953 Service bdftdif C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdftdif.sys **LOCKED** 5
    13:01:55.109 Service bdselfpr C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys **LOCKED** 5
    13:02:17.531 Modules scanning
    13:02:23.453 Disk 0 trace - called modules:
    13:02:23.484 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
    13:02:23.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a809ab8]
    13:02:23.500 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000071[0x8a80df18]
    13:02:23.515 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a86b940]
    13:02:24.015 AVAST engine scan C:\WINDOWS
    13:02:36.718 AVAST engine scan C:\WINDOWS\system32
    13:06:28.859 AVAST engine scan C:\WINDOWS\system32\drivers
    13:06:56.359 AVAST engine scan C:\Documents and Settings\ZPM
    13:46:40.468 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\ZPM\Desktop\MBR.dat"
    13:46:40.578 The log file has been saved successfully to "C:\Documents and Settings\ZPM\Desktop\aswMBR.txt"
    Attached Files Attached Files
    Last edited by tashi; 2014-05-15 at 07:08. Reason: Merged two posts

  2. #2
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Bernard,

    Not looking at anything earth shattering so far, lets just run some tools to clean you up.


    Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish it's job
    • Once its finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean








    -AdwCleaner-by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisment.



    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.










    Please download Malwarebytes Anti-Malware to your desktop.


    • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
    • Once installed, Malwarebytes will ask if you want to Launch Now. Please select to do so and then Malwarebytes will open and update on its own. Please allow this to complete.
    • If an update is found, it will download and install the latest version.
    • Let's be sure to run a Hyper Scan. Press the Scan tab and then select Hyper Scan.
    • Press Scan Now then Skip Update (since we just updated it)





    • When the scan is complete, click View Detailed Log, then Export to save the log to your Desktop (name the log MBAM Scan).
    • Copy and Paste all of the information in that file to your next reply.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Member
    Join Date
    Dec 2008
    Posts
    56

    Default

    # AdwCleaner v3.208 - Report created 15/05/2014 at 12:23:50
    # Updated 11/05/2014 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : ZPM - LAPTOP3
    # Running from : C:\Documents and Settings\ZPM\My Documents\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
    File Deleted : C:\Documents and Settings\ZPM\Application Data\Mozilla\Firefox\Profiles\144fcraj.default\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702


    -\\ Mozilla Firefox v29.0.1 (en-US)

    [ File : C:\Documents and Settings\ZPM\Application Data\Mozilla\Firefox\Profiles\144fcraj.default\prefs.js ]


    *************************

    AdwCleaner[R0].txt - [2201 octets] - [15/05/2014 12:12:35]
    AdwCleaner[S0].txt - [2160 octets] - [15/05/2014 12:23:50]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2220 octets] ##########


    # AdwCleaner v3.208 - Report created 15/05/2014 at 12:23:50
    # Updated 11/05/2014 by Xplode
    # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
    # Username : ZPM - LAPTOP3
    # Running from : C:\Documents and Settings\ZPM\My Documents\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
    File Deleted : C:\Documents and Settings\ZPM\Application Data\Mozilla\Firefox\Profiles\144fcraj.default\user.js

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\YahooPartnerToolbar
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\PIP
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

    ***** [ Browsers ] *****

    -\\ Internet Explorer v8.0.6001.18702


    -\\ Mozilla Firefox v29.0.1 (en-US)

    [ File : C:\Documents and Settings\ZPM\Application Data\Mozilla\Firefox\Profiles\144fcraj.default\prefs.js ]


    *************************

    AdwCleaner[R0].txt - [2201 octets] - [15/05/2014 12:12:35]
    AdwCleaner[S0].txt - [2160 octets] - [15/05/2014 12:23:50]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2220 octets] ##########

  4. #4
    Member
    Join Date
    Dec 2008
    Posts
    56

    Default

    Not sure if it has anything to do with malware but this laptop just got extra-slow, to boot up, to run malwarebytes (almost 3 hours), to open firefox (which came up with helpful message to reset it since so slow), any idea?

    Thank you,
    Bernard

  5. #5
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Not sure, it did delete a profile that was picked up as bad, you can go ahead and reset FF back to defaults

    • Open Firefox
    • Click on Help > Troubleshooting Information > Reset Firefox to its default state


    If it didnt help then uninstall FF and download and install the latest version

    http://www.mozilla.org/en-US/firefox...-requirements/
    Last edited by ken545; 2014-05-16 at 02:01.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  6. #6
    Member
    Join Date
    Dec 2008
    Posts
    56

    Default

    Ok, all done. Now I'm going to reset the router. Verizon said there is nothing to it, an IT guy said it's not so simple, will see

    Thanks for cleaning up all the computers! Will follow your guidelines from now on to stay safer...

  7. #7
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hello Bernard,

    Glad things are working for you again. To reset a regular router is very easy, but I think what you have through Verizon is a combo router and modem, not sure, if it was me I would pay for a service call from Verizon explaining the problems you have had and that you wanted it wiped clean and reset back up to get online. Any other problems please post back

    Ken
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  8. #8
    Member
    Join Date
    Dec 2008
    Posts
    56

    Default

    So I did have a guy come and help reset the router. The wired stuff was indeed easy, even the IP didn't change, but some wireless stuff was less simple. Changed passwords, upgraded from WEP to WPA...

    What's interesting is that internet pages load faster on all computers after this, so... (Except Third Computer, too old and sluggish, so I'm switching that one to Linux, never used before, i.e. it's like I have a brand new toy!)

    Bernard

  9. #9
    Security Expert ken545's Avatar
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Thats great , glad it all worked out for you

    Take Care,

    Ken
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •