Calnestitccher
Never mind, I found it on my computer all along. Here they are-
aswMBR
DDS
mbam
Sorry for the mistake earlier.
-
I followed your instructions except to do a fresh DDS log, I do not know what that is. Thank you for your fast reply. However, before I posted your reply and a few restarts, I may not know what I did but I deleted some things I didn't think should be in the hijackthis log. (After I checked many of the things it found that I did not know what they were.) The computer is running smoothly now as it should but fun mods didn't go away, neither the aspca reminder thing. After your reply I followed your instructions except the DDS thing. Could you tell me what that is? I shall post the other logs after you reply. Also, Malwarebytes didn't find any malicious malware even after following all your instructions. Thank you.
-
My computer is overheating and there are many (missing) files in my hijackthis log which I don't know what they are. Also I removed (or think I removed) funmods but not aspca we care whatever the name is. I included my log file of hijack this since Malwarebytes didn't find anything. I doubt it is not the fan because my CPU is running at 50 to 100% sometimes. Also included the Attach and DDS as requested. Thank you. Attach.txt DDS.txt hijackthis.log
-
My computer is overheating and there are many (missing) files in my hijackthis log which I don't know what they are. Also I removed (or think I removed) funmods but not aspca we care whatever the name is. I included my log file of hijack this since Malwarebytes didn't find anything. I doubt it is not the fan because my CPU is running at 50 to 100% sometimes. I came here because the hijack this site said I could post my log file here. If I made a mistake, I apologize in advance. Thank you. hijackthis.log