Posts posted by ssyoda
-
Your logs are clean, except for this random process in your DDS report:
C:\Users\ssyoda\Downloads\0nkwjfon.exe
That could just be the randomly named gmer exe though.
Please describe what your exact problem is when you claim this, and elaborate on all symptoms and explain why you did a system recovery:
Please post the Gmer log as it is very difficult for experts to decipher let alone lay people and it is a requested log. Do NOT attach it!! Copy and paste it into your reply!!
Ok, on start up it's taking longer than usual to boot, then once the computer is booted my web browser is really slow, and YouTube videos are slower with crackling audio noise from every video played. Files take longer to open. The issue was way worse before the system recovery was done.
On the gmer scanner I have the following boxes checked: services, registry, files, C:\, ADS. I run the scan until it's done, then a pop-up box tells me it has found nothing, I click ok. Then hit save, but there's no log to save in the file. Am I doing something wrong? My computer was very fast before, I have an Intel quad core i7.
Any help is greatly appreciated
-
forgot to add the mbam logs
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5544
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
1/18/2011 1:15:32 AM
mbam-log-2011-01-18 (01-15-32).txt
Scan type: Quick scan
Objects scanned: 154329
Time elapsed: 16 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
full scan
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5551
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
1/18/2011 11:55:43 PM
mbam-log-2011-01-18 (23-55-43).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 318428
Time elapsed: 2 hour(s), 45 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
Can someone please help me read these logs? I have already done a system recovery, and the anti-virus has detected nothing. And neither does the gmer tool. But the problem is still on my cpu. Thank you for your time...
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by ssyoda at 21:47:03.08 on Tue 01/18/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4086.2124 [GMT -5:00]
AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\16.7.0.30\InstStub.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\ssyoda\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Users\ssyoda\Downloads\0nkwjfon.exe
C:\Users\ssyoda\Downloads\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mWinlogon: Userinit=userinit.exe
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DigitalPersona Personal Extension: {395610ae-c624-4f58-b89e-23733ea00f9a} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
mRun: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll
LSA: Notification Packages = scecli DPPWDFLT
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: DigitalPersona Personal Extension: {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
BHO-X64: DigitalPersona Personal Extension - No File
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
mRun-x64: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
mRun-x64: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe
mRun-x64: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
================= FIREFOX ===================
FF - ProfilePath - C:\Users\ssyoda\AppData\Roaming\Mozilla\Firefox\Profiles\ao995f2o.default\
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
============= SERVICES / DRIVERS ===============
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2011/01/16 01:17:56];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2011-1-16 146928]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]
R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-7-20 140712]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-1-13 7675392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2009-6-26 83488]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-1-16 233472]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2011-1-16 5435904]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
=============== Created Last 30 ================
2011-01-19 02:05:10 388096 ----a-r- C:\Users\ssyoda\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-19 02:05:09 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-01-18 21:34:45 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-01-18 21:34:40 8199504 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{A9AB3F62-B275-4C01-BA4F-FD10123F1EB1}\mpengine.dll
2011-01-18 05:29:09 -------- d-----w- C:\Users\ssyoda\AppData\Roaming\Malwarebytes
2011-01-18 05:29:03 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-01-18 05:29:02 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-01-18 05:28:59 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-01-18 05:28:59 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-01-17 22:26:50 -------- d-----w- C:\Windows\SysWow64\Wat
2011-01-17 22:26:49 -------- d-----w- C:\Windows\System32\Wat
2011-01-17 22:20:37 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2011-01-17 22:20:37 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2011-01-17 22:16:40 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2011-01-17 22:15:17 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-01-17 22:15:17 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-01-17 22:15:17 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-01-17 22:15:17 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-01-17 22:15:17 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-01-17 22:15:17 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-01-17 22:15:17 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-01-17 22:15:17 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-01-17 22:15:17 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-01-17 22:15:17 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-01-17 02:21:19 -------- d-----w- C:\Users\ssyoda\AppData\Roaming\Intuit
2011-01-17 02:21:02 -------- d-----w- C:\Program Files (x86)\Common Files\AnswerWorks 5.0
2011-01-17 02:18:58 -------- d-----w- C:\Users\ssyoda\AppData\Local\IsolatedStorage
2011-01-17 02:18:57 -------- d-----w- C:\Program Files (x86)\Common Files\Intuit
2011-01-17 02:16:23 -------- d-----w- C:\Program Files (x86)\TurboTax
2011-01-17 02:16:14 -------- d-----w- C:\PROGRA~3\Intuit
2011-01-16 19:44:59 3124224 ----a-w- C:\Windows\System32\win32k.sys
2011-01-16 19:42:45 -------- d-----w- C:\Users\ssyoda\AppData\Local\Adobe
2011-01-16 09:37:16 140066664 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlcE14.tmp
2011-01-16 09:34:13 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis
2011-01-16 09:34:12 -------- d-----w- C:\Program Files (x86)\Common Files\Corel
2011-01-16 09:34:12 -------- d-----w- C:\PROGRA~3\Corel
2011-01-16 09:28:28 -------- d-----w- C:\Program Files (x86)\Common Files\Ulead Systems
2011-01-16 09:28:18 -------- d-----w- C:\Program Files (x86)\Corel
2011-01-16 09:26:37 -------- d-----w- C:\Program Files (x86)\Sling Media
2011-01-16 09:12:48 -------- d-----w- C:\PROGRA~3\Recovery
2011-01-16 09:12:34 -------- d-----w- C:\Windows\Hewlett-Packard
2011-01-16 09:11:37 5435904 ----a-w- C:\Windows\System32\drivers\NETw5v64.sys
2011-01-16 09:11:12 408600 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2011-01-16 09:09:53 487936 ----a-w- C:\Windows\System32\drivers\stwrt64.sys
2011-01-16 09:09:53 431616 ----a-w- C:\Windows\System32\stcplx64.dll
2011-01-16 09:09:53 209920 ----a-w- C:\Windows\System32\staco64.dll
2011-01-16 09:09:52 604672 ------w- C:\Windows\System32\stapi64.dll
2011-01-16 09:09:52 1431552 ----a-w- C:\Windows\System32\stapo64.dll
2011-01-16 09:09:40 -------- d-----w- C:\Program Files\IDT
2011-01-16 09:09:21 -------- d-----w- C:\Program Files\Synaptics
2011-01-16 09:08:03 539680 ----a-w- C:\Windows\System32\NVUNINST.EXE
2011-01-16 09:01:01 -------- d-----w- C:\Windows\ehome
2011-01-16 07:46:13 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2011-01-16 07:45:33 -------- d-----w- C:\Program Files (x86)\DivX
2011-01-16 07:44:50 -------- d-----w- C:\PROGRA~3\DivX
2011-01-16 07:20:17 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-01-16 07:16:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-01-16 07:16:06 472808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-01-16 07:15:09 -------- d-----w- C:\Users\ssyoda\AppData\Roaming\HpUpdate
2011-01-16 07:12:57 220672 ----a-w- C:\Windows\System32\wintrust.dll
2011-01-16 07:12:57 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2011-01-16 07:12:56 139264 ----a-w- C:\Windows\System32\cabview.dll
2011-01-16 07:12:56 132608 ----a-w- C:\Windows\SysWow64\cabview.dll
2011-01-16 07:10:57 -------- d-----w- C:\Users\ssyoda\AppData\Roaming\Macrovision
2011-01-16 07:09:59 -------- d-----w- C:\Users\ssyoda\AppData\Roaming\DigitalPersona
2011-01-16 07:09:59 -------- d-----w- C:\Users\ssyoda\AppData\Local\DigitalPersona
2011-01-16 07:09:24 -------- d-----w- C:\Users\ssyoda\AppData\Local\VirtualStore
2011-01-16 07:09:16 -------- d-----w- C:\Users\ssyoda\AppData\Local\Hewlett-Packard_Company
2011-01-16 07:09:14 -------- d-----w- C:\Users\ssyoda\AppData\Roaming\hpqlog
2011-01-16 07:06:26 -------- d-----w- C:\Users\ssyoda\AppData\Roaming\HP TCS
2011-01-16 07:05:01 -------- d-----w- C:\Users\ssyoda\AppData\Local\Hewlett-Packard
==================== Find3M ====================
2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
============= FINISH: 21:55:01.90 ===============
malware not detected?
in Resolved Malware Removal Logs
Hey sorry for not getting back to you, but you're the F-ing Man! I did everything you said...
I still couldn't get the Gmer scan to work but it's ok.
Tdss killer tool ran and found nothing I believe...
The Combo Fix worked great! The scan took like an hour, but well worth it. It deleted this one file:
c:\users\Public\videos\HP MediaSmart Demo.exe
Can you explain what this was? The computer is running like normal now.
Thank you for all your time in helping me... I really appreciate it
TDSSKiller.2.4.14.0_21.01.2011_19.43.08_log.txt
ComboFixLog.txt