Jump to content

Calnestitccher

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Never mind, I found it on my computer all along. Here they are- aswMBR aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-06-28 14:29:57 ----------------------------- 14:29:57.276 OS Version: Windows x64 6.1.7601 Service Pack 1 14:29:57.276 Number of processors: 2 586 0x170A 14:29:57.276 ComputerName: CALNESTITCHER UserName: Calnestitcher 14:30:00.037 Initialize success 14:32:01.165 AVAST engine defs: 12062800 14:32:28.168 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 14:32:28.184 Disk 0 Vendor: WDC_WD5000BEVT-60ZAT1 02.01A02 Size: 476940MB BusType: 11 14:32:28.184 Disk 0 MBR read successfully 14:32:28.199 Disk 0 MBR scan 14:32:28.199 Disk 0 Windows 7 default MBR code 14:32:28.199 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 462621 MB offset 63 14:32:28.262 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 14315 MB offset 947449856 14:32:28.324 Disk 0 scanning C:\Windows\system32\drivers 14:32:46.373 Service scanning 14:33:24.609 Modules scanning 14:33:24.625 Disk 0 trace - called modules: 14:33:24.671 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys >>UNKNOWN [0xfffffa8005e1b2c0]<<sptd.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 14:33:24.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064d1060] 14:33:24.703 3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> [0xfffffa80064d0a10] 14:33:24.703 5 hpdskflt.sys[fffff88001dc0189] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005f44680] 14:33:24.718 \Driver\atapi[0xfffffa8005f23440] -> IRP_MJ_CREATE -> 0xfffffa8005e1b2c0 14:33:27.542 AVAST engine scan C:\Windows 14:33:30.693 AVAST engine scan C:\Windows\system32 14:38:49.419 AVAST engine scan C:\Windows\system32\drivers 14:39:11.992 AVAST engine scan C:\Users\Calnestitcher 14:41:59.428 AVAST engine scan C:\ProgramData 14:42:34.418 Scan finished successfully 14:43:02.327 Disk 0 MBR has been saved successfully to "C:\Users\Calnestitcher\Desktop\MBR.dat" 14:43:02.327 The log file has been saved successfully to "C:\Users\Calnestitcher\Desktop\aswMBR.txt" DDS . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Calnestitcher at 15:26:00 on 2012-06-28 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6111.4819 [GMT -4:00] . AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1dd7c6fad1048e9e\STacSV64.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\nvvsvc.exe C:\Program Files\Tablet\Pen\Pen_TouchService.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1dd7c6fad1048e9e\AESTSr64.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe C:\Windows\system32\Dwm.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\Explorer.EXE C:\Program Files\Tablet\Pen\Pen_TouchUser.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files\Tablet\Pen\Pen_TabletUser.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Windows\System32\spool\drivers\x64\3\E_IATICDA.EXE C:\Program Files\Tablet\Pen\Pen_Tablet.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\PrintIsolationHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe, BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: {9194649F-7143-4308-90C1-D6A35B0E354E} - No File BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [Google Update] "C:\Users\Calnestitcher\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [EPSON Stylus CX7400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDA.EXE /FU "C:\Windows\TEMP\E_S645E.tmp" /EF "HKCU" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{497ED35F-BA08-41A9-8BBB-5B05B3CF7B28} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{EF86821E-9D52-4F29-ADEC-2AC0BEAD7200} : DhcpNameServer = 10.0.0.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll BHO-X64: Norton Identity Protection - No File BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\IPS\IPSBHO.DLL BHO-X64: Norton Vulnerability Protection - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: {9194649F-7143-4308-90C1-D6A35B0E354E} - No File BHO-X64: BHO_PROJECT - No File BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\coIEPlg.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" . ============= SERVICES / DRIVERS =============== . R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS [?] R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS [?] R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120619.001\BHDrvx64.sys [2012-6-19 1161376] R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys --> C:\Windows\system32\drivers\N360x64\0602010.005\ccSetx64.sys [?] R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120627.001\IDSviA64.sys [2012-6-28 509088] R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS [?] R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\drivers\N360x64\0602010.005\SYMNETS.SYS --> C:\Windows\system32\drivers\N360x64\0602010.005\SYMNETS.SYS [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1dd7c6fad1048e9e\AESTSr64.exe [2012-6-18 89600] R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [2012-6-20 138232] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-6-17 1153368] R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?] R2 SentinelKeysServer;Sentinel Keys Server;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2007-4-27 316992] R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2012-6-15 5790064] R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2012-6-15 487280] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-6-22 138912] R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-13 257224] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-06-28 00:48:24 80024 ----a-w- C:\Windows\SysWow64\PICSDK.dll 2012-06-28 00:48:24 51360 ----a-w- C:\Windows\SysWow64\EpPicPrt.dll 2012-06-28 00:48:24 51360 ----a-w- C:\Windows\SysWow64\EpPicMgr.dll 2012-06-28 00:48:24 501912 ----a-w- C:\Windows\SysWow64\PICSDK2.dll 2012-06-28 00:48:24 108704 ----a-w- C:\Windows\SysWow64\PICEntry.dll 2012-06-28 00:48:13 -------- d-----w- C:\ProgramData\EPSON 2012-06-28 00:45:39 -------- d-----w- C:\Program Files\EPSON 2012-06-28 00:45:21 101376 ----a-w- C:\Windows\System32\esxcwiad.dll 2012-06-28 00:45:21 -------- d-----w- C:\Program Files (x86)\epson 2012-06-27 01:55:21 -------- d-----w- C:\Windows\JMCR_DIR 2012-06-27 01:55:11 109568 ----a-w- C:\Windows\SysWow64\JmCrIcon.dll 2012-06-27 01:55:11 109568 ----a-w- C:\Windows\System32\JmCrIcon.dll 2012-06-27 01:51:24 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\ElevatedDiagnostics 2012-06-27 00:04:19 43640 ----a-r- C:\Windows\System32\drivers\SymIMV.sys 2012-06-24 23:25:42 142120 ----a-w- C:\Windows\System32\drivers\sentinel64.sys 2012-06-24 23:25:21 -------- d-----w- C:\Program Files (x86)\SafeNet Sentinel 2012-06-24 23:25:19 -------- d-----w- C:\Program Files (x86)\Common Files\SafeNet Sentinel 2012-06-24 23:23:58 -------- d-----w- C:\Windows\Downloaded Installations 2012-06-24 23:22:56 -------- d-----w- C:\Program Files\NewTek 2012-06-22 11:37:09 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-22 11:36:42 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-22 11:36:13 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-22 11:36:13 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-21 04:28:22 -------- d-----w- C:\Program Files\Paint.NET 2012-06-21 04:27:43 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Paint.NET 2012-06-21 03:20:54 -------- d--h--w- C:\ProgramData\Common Files 2012-06-21 03:20:35 -------- d-----w- C:\Program Files (x86)\GRETECH 2012-06-20 18:05:15 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2012-06-20 16:37:30 -------- d-----w- C:\Users\Calnestitcher\Tracing 2012-06-20 16:36:00 737912 ----a-r- C:\Windows\System32\drivers\N360x64\0602010.005\srtsp64.sys 2012-06-20 16:36:00 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0602010.005\SymDS64.sys 2012-06-20 16:36:00 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0602010.005\symnets.sys 2012-06-20 16:36:00 37496 ----a-r- C:\Windows\System32\drivers\N360x64\0602010.005\srtspx64.sys 2012-06-20 16:36:00 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0602010.005\Ironx64.sys 2012-06-20 16:36:00 167048 ----a-r- C:\Windows\System32\drivers\N360x64\0602010.005\ccSetx64.sys 2012-06-20 16:36:00 1092728 ----a-r- C:\Windows\System32\drivers\N360x64\0602010.005\SymEFA64.sys 2012-06-20 16:35:53 -------- d-----w- C:\Windows\System32\drivers\N360x64\0602010.005 2012-06-19 16:06:27 -------- d-----w- C:\Windows\en 2012-06-19 16:03:54 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2012-06-19 16:00:47 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys 2012-06-19 16:00:14 -------- d-----w- C:\Windows\PCHEALTH 2012-06-19 15:57:48 -------- d-----w- C:\Program Files (x86)\Microsoft 2012-06-19 15:54:51 7450888 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d83468991cd4e3308\bingbarsetup.exe 2012-06-19 15:54:32 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d082e09d1cd4e3307\MeshBetaRemover.exe 2012-06-19 15:54:23 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c9ecdaa81cd4e3306\DSETUP.dll 2012-06-19 15:54:23 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c9ecdaa81cd4e3306\DXSETUP.exe 2012-06-19 15:54:23 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c9ecdaa81cd4e3306\dsetup32.dll 2012-06-19 15:54:16 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c542813d1cd4e3305\DSETUP.dll 2012-06-19 15:54:16 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c542813d1cd4e3305\DXSETUP.exe 2012-06-19 15:54:16 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c542813d1cd4e3305\dsetup32.dll 2012-06-19 15:54:08 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\bf2078d11cd4e3304\Silverlight.4.0.exe 2012-06-19 15:53:21 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Windows Live 2012-06-19 15:53:19 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2012-06-19 01:09:19 -------- d-----w- C:\Program Files (x86)\VideoLAN 2012-06-19 00:41:02 68608 ----a-w- C:\Windows\System32\AESTAR64.dll 2012-06-19 00:41:02 431104 ----a-w- C:\Windows\System32\AESTEC64.dll 2012-06-19 00:41:02 165888 ----a-w- C:\Windows\System32\AESTAC64.dll 2012-06-19 00:41:00 90624 ----a-w- C:\Windows\System32\AESTCo64.dll 2012-06-19 00:41:00 564224 ----a-w- C:\Windows\System32\idt64mp1.exe 2012-06-19 00:41:00 442368 ----a-w- C:\Windows\sttray64.exe 2012-06-19 00:41:00 3562496 ----a-w- C:\Windows\System32\stlang64.dll 2012-06-19 00:41:00 12147200 ----a-w- C:\Windows\System32\idtcpl64.cpl 2012-06-19 00:40:59 -------- d-----w- C:\Windows\System32\SRSLabs 2012-06-19 00:40:21 486400 ----a-w- C:\Windows\System32\drivers\stwrt64.sys 2012-06-19 00:40:21 431616 ----a-w- C:\Windows\System32\stcplx64.dll 2012-06-19 00:40:21 1430528 ----a-w- C:\Windows\System32\stapo64.dll 2012-06-19 00:40:20 595456 ------w- C:\Windows\System32\stapi64.dll 2012-06-19 00:40:20 206848 ----a-w- C:\Windows\System32\st646207.dll 2012-06-19 00:40:10 -------- d-----w- C:\Program Files\IDT 2012-06-18 05:11:43 -------- d-----w- C:\Users\Calnestitcher\AppData\Roaming\Malwarebytes 2012-06-18 05:11:33 -------- d-----w- C:\ProgramData\Malwarebytes 2012-06-18 05:11:32 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-18 05:11:32 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-06-18 04:43:04 30760 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-06-18 04:43:04 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll 2012-06-18 04:43:04 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll 2012-06-18 04:42:34 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2012-06-18 04:42:34 -------- d-----w- C:\Program Files\Symantec 2012-06-18 04:42:34 -------- d-----w- C:\Program Files\Common Files\Symantec Shared 2012-06-18 04:41:36 -------- d-----w- C:\Windows\System32\drivers\N360x64 2012-06-18 04:41:34 -------- d-----w- C:\ProgramData\Symantec 2012-06-18 04:41:34 -------- d-----w- C:\Program Files (x86)\Norton 360 2012-06-18 04:41:33 -------- d-----w- C:\ProgramData\Norton 2012-06-18 04:41:12 -------- d-----w- C:\ProgramData\NortonInstaller 2012-06-18 04:41:12 -------- d-----w- C:\Program Files (x86)\NortonInstaller 2012-06-18 03:09:22 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-06-18 03:09:22 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-06-18 02:49:53 -------- d-----w- C:\Users\Calnestitcher\AppData\Roaming\BucksBee Loyalty Plugin - 100884.rs for Chrome 2012-06-18 02:49:27 -------- d-----w- C:\Program Files (x86)\OApps 2012-06-18 01:49:20 49152 ----a-r- C:\Users\Calnestitcher\AppData\Roaming\Microsoft\Installer\{502499DC-2EDB-45A2-8F7C-83E6E5DE067E}\NewShortcut1_502499DC2EDB45A28F7C83E6E5DE067E.exe 2012-06-18 01:44:06 49152 ----a-r- C:\Users\Calnestitcher\AppData\Roaming\Microsoft\Installer\{C109AF5B-69D0-4C93-B360-F28D9FAB6084}\NewShortcut1_C109AF5B69D04C93B360F28D9FAB6084.exe 2012-06-17 18:32:08 -------- d-----w- C:\Users\Calnestitcher\AppData\Roaming\Blender Foundation 2012-06-17 18:30:55 -------- d-----w- C:\Users\Calnestitcher\.thumbnails 2012-06-17 18:30:25 -------- d-----w- C:\Program Files\Blender Foundation 2012-06-17 16:53:18 49152 ----a-r- C:\Users\Calnestitcher\AppData\Roaming\Microsoft\Installer\{FD1E17BC-2956-4AD7-B937-D23F06F1A5E8}\NewShortcut1_FD1E17BC29564AD7B937D23F06F1A5E8.exe 2012-06-17 09:16:09 560184 ----a-w- C:\Windows\System32\drivers\sptd.sys 2012-06-17 09:15:52 -------- d-----w- C:\Users\Calnestitcher\AppData\Roaming\DAEMON Tools Lite 2012-06-17 09:15:48 -------- d-----w- C:\Users\Calnestitcher\AppData\Roaming\OpenCandy 2012-06-17 09:15:48 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite 2012-06-17 09:14:28 -------- d-----w- C:\ProgramData\DAEMON Tools Lite 2012-06-17 09:12:49 -------- d-----w- C:\ProgramData\DAEMON Tools Pro 2012-06-17 06:51:59 73544 ----a-w- C:\Windows\System32\XAPOFX1_3.dll 2012-06-17 06:47:12 -------- d-----w- C:\Windows\SysWow64\directx 2012-06-17 06:39:37 1391104 ----a-w- C:\apploc.msi 2012-06-16 19:29:18 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Apple Computer 2012-06-16 19:28:16 -------- d-----w- C:\Program Files\iPod 2012-06-16 19:28:15 -------- d-----w- C:\Program Files\iTunes 2012-06-16 19:28:15 -------- d-----w- C:\Program Files (x86)\iTunes 2012-06-16 19:27:37 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Apple 2012-06-16 19:27:07 -------- d-----w- C:\Program Files\Bonjour 2012-06-16 19:27:07 -------- d-----w- C:\Program Files (x86)\Bonjour 2012-06-15 22:55:33 -------- d-----w- C:\Program Files (x86)\Bamboo Dock 2012-06-15 22:53:29 642928 ------w- C:\Windows\SysWow64\Pen_Touch_Tablet.dll 2012-06-15 22:53:29 -------- d-----w- C:\Users\Calnestitcher\AppData\Roaming\WTablet 2012-06-15 22:53:28 749936 ------w- C:\Windows\System32\Pen_Touch_Tablet.dll 2012-06-15 22:53:19 -------- d-----w- C:\Program Files (x86)\TabletPlugins 2012-06-15 22:52:43 18288 ----a-w- C:\Windows\System32\drivers\wacmoumonitor.sys 2012-06-15 22:52:38 12848 ----a-w- C:\Windows\System32\drivers\wacommousefilter.sys 2012-06-15 22:52:03 16168 ----a-w- C:\Windows\System32\drivers\wacomvhid.sys 2012-06-15 22:52:00 506736 ------w- C:\Windows\SysWow64\Wintab32.dll 2012-06-15 22:51:58 600432 ------w- C:\Windows\System32\Wintab32.dll 2012-06-15 22:51:57 650096 ------w- C:\Windows\SysWow64\Pen_Tablet.dll 2012-06-15 22:51:55 756592 ------w- C:\Windows\System32\Pen_Tablet.dll 2012-06-15 22:51:39 -------- d-----w- C:\Program Files\Tablet 2012-06-14 22:13:18 -------- d-----w- C:\Program Files (x86)\Pixologic 2012-06-14 22:11:43 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Downloaded Installations 2012-06-14 20:22:12 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2012-06-14 20:22:09 -------- d-----w- C:\Program Files (x86)\HP 2012-06-14 19:49:09 -------- d-----w- C:\Windows\SysWow64\Wat 2012-06-14 19:49:08 -------- d-----w- C:\Windows\System32\Wat 2012-06-14 19:30:59 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll 2012-06-14 19:18:50 -------- d-----w- C:\Windows\System32\SPReview 2012-06-14 19:17:51 -------- d-----w- C:\Windows\System32\EventProviders 2012-06-14 19:16:06 48976 ----a-w- C:\Windows\System32\netfxperf.dll 2012-06-14 19:16:06 1942856 ----a-w- C:\Windows\System32\dfshim.dll 2012-06-14 19:14:59 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe 2012-06-14 19:13:59 82944 ----a-w- C:\Windows\SysWow64\thumbcache.dll 2012-06-14 19:12:59 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll 2012-06-14 19:12:44 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll 2012-06-14 19:12:44 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll 2012-06-14 19:12:44 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll 2012-06-14 19:12:12 529408 ----a-w- C:\Windows\System32\wbemcomn.dll 2012-06-14 19:12:12 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll 2012-06-14 19:12:10 244736 ----a-w- C:\Windows\System32\sqmapi.dll 2012-06-14 18:51:52 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2012-06-14 18:51:51 902656 ----a-w- C:\Windows\System32\d2d1.dll 2012-06-14 18:51:51 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-06-14 02:15:25 -------- d-----w- C:\Windows\System32\appmgmt 2012-06-14 00:35:18 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-06-14 00:35:18 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-06-14 00:35:18 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-06-14 00:35:18 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-06-14 00:35:18 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-06-14 00:35:18 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-06-14 00:35:18 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-06-13 21:13:29 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Google 2012-06-13 21:13:15 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Deployment 2012-06-13 21:13:15 -------- d-----w- C:\Users\Calnestitcher\AppData\Local\Apps 2012-06-13 21:09:21 -------- d-----w- C:\Program Files\Synaptics 2012-06-13 19:26:58 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-13 19:26:58 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-13 18:24:57 142336 ----a-w- C:\Windows\System32\poqexec.exe 2012-06-13 18:23:57 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-13 18:22:46 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll 2012-06-13 18:22:45 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll 2012-06-13 18:22:33 1395712 ----a-w- C:\Windows\System32\mfc42.dll 2012-06-13 18:22:33 1359872 ----a-w- C:\Windows\System32\mfc42u.dll 2012-06-13 18:22:33 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll 2012-06-13 18:22:32 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll 2012-06-13 18:20:48 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-06-13 18:19:48 642944 ----a-w- C:\Windows\System32\winload.efi 2012-06-13 18:18:53 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe 2012-06-13 18:14:09 -------- d-----w- C:\Windows\Panther 2012-06-13 18:07:34 1731920 ----a-w- C:\Windows\System32\ntdll.dll 2012-06-13 18:07:34 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll 2012-06-13 18:03:55 -------- d-----w- C:\Windows.old 2012-06-13 17:55:21 -------- d-sh--w- C:\Windows\Installer 2012-06-13 17:55:09 637544 ----a-w- C:\Windows\System32\nvuninst.exe 2012-06-13 17:53:43 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-06-13 17:53:43 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-06-13 17:53:43 20992 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2012-06-13 17:53:43 162816 ----a-w- C:\Windows\System32\rdpudd.dll 2012-06-13 17:53:43 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-06-13 17:50:57 -------- d-sh--w- C:\Recovery 2012-06-13 14:34:00 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3CE4D1F-AEF6-409B-BCF9-CBBB00415932}\mpengine.dll 2012-06-13 14:34:00 279656 ------w- C:\Windows\System32\MpSigStub.exe . ==================== Find3M ==================== . 2012-06-14 19:30:59 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2012-06-14 19:30:59 85504 ----a-w- C:\Windows\System32\iesetup.dll 2012-06-14 19:30:59 76800 ----a-w- C:\Windows\System32\tdc.ocx 2012-06-14 19:30:59 49664 ----a-w- C:\Windows\System32\imgutil.dll 2012-06-14 19:30:59 48640 ----a-w- C:\Windows\System32\mshtmler.dll 2012-06-14 19:30:59 448512 ----a-w- C:\Windows\System32\html.iec 2012-06-14 19:30:59 30720 ----a-w- C:\Windows\System32\licmgr10.dll 2012-06-14 19:30:59 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-14 19:30:59 135168 ----a-w- C:\Windows\System32\IEAdvpack.dll 2012-06-14 19:30:59 111616 ----a-w- C:\Windows\System32\iesysprep.dll 2012-06-14 19:30:58 603648 ----a-w- C:\Windows\System32\vbscript.dll 2012-06-14 19:30:58 165888 ----a-w- C:\Windows\System32\iexpress.exe 2012-06-14 19:30:58 160256 ----a-w- C:\Windows\System32\wextract.exe 2012-06-14 19:24:05 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2012-06-14 19:24:04 175616 ----a-w- C:\Windows\System32\msclmd.dll 2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 05:32:05 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-25 19:11:36 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-04-25 19:11:36 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll . ============= FINISH: 15:27:30.63 =============== mbam Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.06.28.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Calnestitcher :: CALNESTITCHER [administrator] 6/28/2012 2:20:34 PM mbam-log-2012-06-28 (14-20-34).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 202280 Time elapsed: 3 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Sorry for the mistake earlier.
  2. I fallowed your instructions except to do a fresh DDS log, I do not know what that is. Thank you for your fast reply. How ever, before I posted your reply and a few restarts, I may not know what I did but I deleted some things I didn't think should be in the hijackthis log. (after I checked many of the things it found that I did not know what they were. ) The computer is running smoothly now as it should but fun mods didn't go away, neither the aspca reminder thing. After your reply I fallowed your instructions except the DDS thing. Could you tell me what that is? I shall post the other logs after you reply. Also, Malwarebytes didn't find any malicious malware even after fallowing all your instructions. Thank you.
  3. My computer is over heating and there are many (missing) files in my hijackthis log which I don't know what they are. Also I removed (or think I removed) funmods but not aspca we care whatever the name is. I included my log file of hijack this since malwarebytes didn't find anything. I doubt it is not the fan because my cpu is running at 50 to 100% sometimes. Also included the Attach and DDS as requested. Thank you. Attach.txt DDS.txt hijackthis.log
  4. My computer is over heating and there are many (missing) files in my hijackthis log which I don't know what they are. Also I removed (or think I removed) funmods but not aspca we care whatever the name is. I included my log file of hijack this since malwarebytes didn't find anything. I doubt it is not the fan because my cpu is running at 50 to 100% sometimes. I came here because the hijack this site said I could post my log file here. If I made a mistake, I apologize in advance. Thank you. hijackthis.log
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.