08-26-2012, 08:58 PM
Gen. D
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1
Run by Roy Holland at 18:52:08 on 2012-08-26
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2577 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
C:\Program Files\Avanquest\Fix-It\AVQWinMonEngine.exe
C:\PROGRA~1\AVANQU~1\Fix-It\mxtask.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\StkASv2K.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\PROGRA~1\AVANQU~1\Fix-It\mxtask2.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Paragon Software\System Backup 10.5 Special Edition\program\dbhagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Paragon Software\System Backup 10.5 Special Edition\program\dbhservice.exe
C:\Program Files\Warecentral\PrintKey-Pro\PKey_Pro.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\PROGRA~1\Inbox\CToolbar.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
c:\PROGRA~1\Inbox\CMail.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchnu.com/421
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl1.dll
uURLSearchHooks: InternetHelper Toolbar: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - c:\program files\internethelper\prxtbInte.dll
uURLSearchHooks: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - c:\program files\myashampoo\prxtbMyA0.dll
mURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl1.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
BHO: InternetHelper Toolbar: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - c:\program files\internethelper\prxtbInte.dll
BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\search~1\datamngr\BROWSE~1.DLL
BHO: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - c:\program files\myashampoo\prxtbMyA0.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWis0.dll
TB: Online Radio 1.1 Toolbar: {343db173-0e5a-4f2a-b7bb-71a49085d70e} - c:\program files\online_radio_1.1\prxtbOnl1.dll
TB: &Inbox.com Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} -
TB: WiseConvert Toolbar: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - c:\program files\wiseconvert\prxtbWis0.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
TB: !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: InternetHelper Toolbar: {9d0f7eb2-452d-4766-b535-8d23e36c300e} - c:\program files\internethelper\prxtbInte.dll
TB: MyAshampoo Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - c:\program files\myashampoo\prxtbMyA0.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - No File
uRun: [EPSON Stylus CX4400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticaa.exe /fu "c:\windows\temp\E_SCC.tmp" /EF "HKCU"
uRun: [EPSON Stylus CX4400 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_faticaa.exe /fu "c:\windows\temp\E_SD3.tmp" /EF "HKCU"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [EPSON Stylus Photo 1400 Series (Copy 2)] c:\windows\system32\spool\drivers\w32x86\3\e_fatibua.exe /fu "c:\windows\temp\E_S1B.tmp" /EF "HKCU"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SPMTray] "c:\program files\pc speed maximizer\SPMTray.exe"
uRun: [CrawlerMail] c:\progra~1\inbox\cmail.exe /startup
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DBHAgent] c:\program files\paragon software\system backup 10.5 special edition\program\dbhagent.exe
mRun: [DATAMNGR] c:\progra~1\search~1\datamngr\DATAMN~1.EXE
StartupFolder: c:\docume~1\royhol~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\printk~1.lnk - c:\program files\warecentral\printkey-pro\PKey_Pro.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Inbox Search - tbr:iemenu
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{C4253DB4-7C6B-4AB4-B7F4-556B978E3C72} : DhcpNameServer = 192.168.0.1
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
AppInit_DLLs: c:\progra~1\search~1\datamngr\datamngr.dll c:\progra~1\search~1\datamngr\IEBHO.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;hc3ServiceName;c:\windows\system32\drivers\hotcore3.sys [2010-11-27 58568]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\adobe\elements 9 organizer\PhotoshopElementsFileAgent.exe [2010-9-30 169408]
R2 AvanquestWindowsMonitorService;AvanquestWindowsMonitorService;c:\program files\avanquest\fix-it\AVQWinMonEngine.exe [2010-10-8 328704]
R2 Fix-It Essentials Task Manager;Fix-It Essentials Task Manager;c:\progra~1\avanqu~1\fix-it\mxtask.exe -service --> c:\progra~1\avanqu~1\fix-it\mxtask.exe -Service [?]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-2-14 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-4-19 2218600]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-17 22344]
R3 Paragon System Backup Service;Paragon System Backup Service;c:\program files\paragon software\system backup 10.5 special edition\program\dbhservice.exe [2011-10-6 160048]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-15 250056]
S3 ampa;ampa;c:\windows\system32\ampa.sys [2012-4-28 10936]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-7-14 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-7-14 8456]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-11-26 136176]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-08-27 00:17:56 -------- d-----w- c:\program files\CCleaner
2012-08-26 07:19:24 35008 ----a-w- c:\windows\system32\mxntdfg.exe
2012-08-26 07:19:22 -------- d-----w- c:\documents and settings\all users\application data\Avanquest
2012-08-26 07:18:03 -------- d--h--w- C:\_Backup
2012-08-26 07:17:36 -------- d-----w- c:\documents and settings\roy holland\application data\Avanquest
2012-08-26 07:12:56 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2012-08-26 02:20:30 7023536 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0509a289-37ba-4a21-8782-a712a5ca2d34}\mpengine.dll
2012-08-24 22:39:53 7023536 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-08-24 01:40:58 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\MyAshampoo
2012-08-24 01:40:57 -------- d-----w- c:\program files\MyAshampoo
2012-08-24 01:40:53 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\ashampoo
2012-08-24 01:40:53 -------- d-----w- c:\documents and settings\all users\application data\ashampoo
2012-08-22 22:47:07 -------- d-----w- c:\documents and settings\all users\application data\clonehdd
2012-08-22 21:10:39 -------- d-----w- C:\archdb
2012-08-22 21:06:35 -------- d-----w- c:\documents and settings\all users\application data\Paragon
2012-08-22 20:35:06 -------- d-----w- c:\documents and settings\roy holland\local settings\application data\InternetHelper
2012-08-22 20:35:03 -------- d-----w- c:\program files\InternetHelper
2012-08-20 19:29:37 -------- d-sh--r- C:\_Backup.RC
2012-08-20 19:29:35 -------- d--h--w- C:\VCOM
2012-08-20 19:29:04 -------- d-----w- c:\documents and settings\roy holland\application data\VCOM
2012-08-20 19:28:44 -------- d-----w- c:\program files\VCOM
2012-08-12 18:02:35 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-12 18:02:35 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-11 03:32:31 61440 ----a-w- c:\windows\system32\CIUtils.dll
2012-08-11 03:32:30 -------- d-----w- c:\program files\Franzis
2012-08-03 21:11:59 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-08-03 21:11:59 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-08-03 21:11:53 -------- d-----w- c:\windows\Logs
2012-08-03 21:11:40 -------- d-----w- c:\program files\DVDFab Media Player
.
==================== Find3M ====================
.
2012-07-20 06:49:11 558133 ----a-w- c:\windows\system32\sqlite3.dll
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 20:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ------w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ------w- c:\windows\system32\html.iec
2012-06-26 06:02:53 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-05 00:35:26 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 22:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 22:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 22:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 22:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 22:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 22:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 22:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
.
============= FINISH: 18:52:42.06 ===============
Hope this is what is required.
__________________
ASUS CM6730 COMPUTER, WINDOWS 8.1, i3 PROC., 6 G RAM,. Epson XP 600 Scanner/ printer, EPSON stylus, NX230 scanner/printer, Artisan 1430 PRINTER, ALTEC Snd sys. ViewSonic 22" Monitor. EXT. 1 TB HD .