
computer is taken over. reinstalled os three times now



Hi, I sure hope you can help me out. I am about to give up altogether.

Here is the list DDS copied and pasted.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16421

Run by Jason at 6:19:46 on 2011-01-01

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7607.5105 [GMT -5:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\system32\atiesrxx.exe

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\system32\WLANExt.exe

C:\windows\system32\atieclxx.exe

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\windows\system32\svchost.exe -k bthsvcs

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe

C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe

C:\Program Files\IDT\WDM\Beats64.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\SysWOW64\RunDll32.exe

C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\windows\system32\taskeng.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\system32\vssvc.exe

C:\windows\System32\svchost.exe -k swprv

C:\windows\SysWOW64\NOTEPAD.EXE

C:\windows\SysWOW64\NOTEPAD.EXE

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\system32\wbem\wmiprvse.exe

C:\windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://xfinity.com/

mWinlogon: Userinit = userinit.exe

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll

BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\CoIEPlg.dll

uRun: [Driver Manager] C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRunOnce: [Z1] C:\Users\Jason\Documents\mbar-1.01.0.1011\mbar\mbar.exe /cleanup /s

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: NameServer = 10.0.0.1

TCP: Interfaces\{8B6AD7E1-182C-4CA1-85E4-6C30B5352920} : DHCPNameServer = 10.0.0.1

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn

x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - c:\Program Files\AMD\SteadyVideo\SteadyVideo.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - c:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-mASetup: {B34A07DD-C6F7-414A-AE63-01019482EAF0} - msiexec /fu {B34A07DD-C6F7-414A-AE63-01019482EAF0} /qn

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-1-1 82048]

R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-1-1 42624]

R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]

R0 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1301000.01C\SymDS64.sys [2011-1-1 451192]

R0 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1301000.01C\SymEFA64.sys [2011-1-1 1084536]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110819.004\BHDrvx64.sys [2011-1-1 1151096]

R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\drivers\NISx64\1301000.01C\ccSetx64.sys [2011-1-1 167048]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSviA64.sys [2011-1-1 488568]

R1 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1301000.01C\Ironx64.sys [2011-1-1 189560]

R1 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1301000.01C\symnets.sys [2011-1-1 401016]

R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-1-1 235520]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-20 249648]

R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2011-1-1 399432]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-1-1 676936]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [2011-1-1 138760]

R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 128456]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-1-1 1128952]

R3 amdhub30;AMD USB 3.0 Hub Driver;C:\windows\System32\drivers\amdhub30.sys [2011-1-1 102528]

R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\windows\System32\drivers\amdxhc.sys [2011-1-1 219776]

R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-1-1 349736]

R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-1-1 39464]

R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-1-1 104048]

R3 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2011-1-1 36680]

R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2011-1-1 25928]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]

R3 usbfilter;AMD USB Filter Driver;C:\windows\System32\drivers\usbfilter.sys [2011-1-1 54400]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-8-1 195320]

S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-08-31 03:03:48 228768 ----a-w- C:\windows\System32\drivers\MpFilter.sys

2012-08-31 03:03:48 128456 ----a-w- C:\windows\System32\drivers\NisDrvWFP.sys

2012-06-08 09:37:59 -------- d-sh--r- C:\hp

2012-01-21 06:04:58 68096 ----a-w- C:\windows\System32\OpenVideo64.dll

2012-01-21 06:04:54 58368 ----a-w- C:\windows\SysWow64\OpenVideo.dll

2012-01-21 06:04:48 61952 ----a-w- C:\windows\System32\OVDecode64.dll

2012-01-21 06:04:44 54784 ----a-w- C:\windows\SysWow64\OVDecode.dll

2012-01-21 06:04:36 16209920 ----a-w- C:\windows\System32\amdocl64.dll

2012-01-21 06:03:56 12991488 ----a-w- C:\windows\SysWow64\amdocl.dll

2012-01-21 06:03:14 54784 ----a-w- C:\windows\System32\OpenCL.dll

2012-01-21 06:03:10 48640 ----a-w- C:\windows\SysWow64\OpenCL.dll

2012-01-09 23:25:32 -------- d-----w- C:\SWSETUP

2011-12-14 05:44:22 27648 ----a-w- C:\windows\System32\kdbsdk64.dll

2011-12-14 05:44:10 23040 ----a-w- C:\windows\SysWow64\kdbsdk32.dll

2011-11-16 01:58:56 146432 ----a-w- C:\windows\System32\SlotMaximizerAg.dll

2011-11-16 01:58:54 3507712 ----a-w- C:\windows\System32\SlotMaximizerBe.dll

2011-11-16 01:57:06 2463744 ----a-w- C:\windows\SysWow64\SlotMaximizerBe.dll

2011-11-16 01:57:02 122880 ----a-w- C:\windows\SysWow64\SlotMaximizerAg.dll

2011-10-12 23:33:22 7736 ----a-w- C:\windows\hpDSTRES.DLL

2011-08-16 17:04:56 773968 ----a-w- C:\windows\SysWow64\msvcr100.dll

2011-08-16 17:04:56 421200 ----a-w- C:\windows\SysWow64\msvcp100.dll

2011-08-03 16:40:10 253952 ----a-w- C:\windows\SysWow64\cPC_DMIRD.dll

2011-05-14 00:03:34 49016 ----a-w- C:\windows\SysWow64\sirenacm.dll

2011-05-13 23:42:24 302448 ----a-w- C:\windows\WLXPGSS.SCR

2011-03-29 05:18:42 1568168 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDRES.DLL

2011-03-29 05:14:36 529280 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

2011-03-29 05:12:42 55704 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll

2011-03-29 05:12:42 1134488 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll

2011-03-29 05:11:06 420224 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL

2011-03-29 05:11:06 290176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL

2011-03-29 05:11:06 252800 ----a-w- C:\windows\System32\LIVESSP.DLL

2011-03-29 05:11:06 2292096 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

2011-03-29 05:11:06 223104 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

2011-03-29 05:11:06 171392 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

2011-03-29 04:39:16 1568168 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDRES.DLL

2011-03-29 04:35:06 441216 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

2011-03-29 04:33:28 856984 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\wlidcli.dll

2011-03-29 04:33:28 57752 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll

2011-03-29 04:31:14 332672 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL

2011-03-29 04:31:14 238464 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL

2011-03-29 04:31:14 209280 ----a-w- C:\windows\SysWow64\LIVESSP.DLL

2011-03-29 04:31:14 145280 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

2011-03-29 02:36:46 241984 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL

2011-03-29 02:36:46 17816 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-02-11 17:07:57 -------- d-sh--w- C:\windows\Installer

2011-02-11 17:07:22 -------- d-sh--w- C:\Recovery

2011-02-11 17:00:54 -------- d-----w- C:\windows\Panther

2011-02-11 17:00:40 -------- d-sh--w- C:\Boot

2011-02-11 17:00:20 -------- d-----w- C:\windows\System32\OEM

2011-01-01 11:08:44 -------- d-----w- C:\Users\Jason\AppData\Local\Apps

2011-01-01 10:56:47 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys

2011-01-01 10:56:20 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{251F5B30-CE10-44A2-A613-1A32B2F0DDC3}\offreg.dll

2011-01-01 10:51:38 -------- d-----w- C:\ProgramData\UAB

2011-01-01 10:51:37 -------- d-----w- C:\Users\Jason\AppData\Local\PC_Drivers_Headquarters

2011-01-01 10:51:15 972264 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1D748746-BA1F-492A-BF03-8E9CD721FEB3}\gapaengine.dll

2011-01-01 10:51:03 9125352 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{251F5B30-CE10-44A2-A613-1A32B2F0DDC3}\mpengine.dll

2011-01-01 10:50:17 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2011-01-01 10:50:15 -------- d-----w- C:\Program Files\Microsoft Security Client

2011-01-01 10:48:38 -------- d-----w- C:\ProgramData\Driver Manager

2011-01-01 10:48:37 -------- d-----w- C:\Users\Jason\AppData\Roaming\PCCUStubInstaller

2011-01-01 10:48:13 -------- d-----w- C:\Program Files (x86)\Driver Manager

2011-01-01 10:45:57 -------- d-sh--w- C:\$RECYCLE.BIN

2011-01-01 10:42:17 -------- d-----r- C:\Program Files\Online Services

2011-01-01 10:41:58 -------- d-----w- C:\Program Files (x86)\Microsoft

2011-01-01 10:41:42 -------- d-----w- C:\windows\en

2011-01-01 10:41:17 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2011-01-01 10:39:17 5425496 ----a-w- C:\windows\System32\D3DX9_41.dll

2011-01-01 10:39:17 4178264 ----a-w- C:\windows\SysWow64\D3DX9_41.dll

2011-01-01 10:38:16 22056 ----a-w- C:\windows\System32\btwcoins.dll

2011-01-01 10:38:15 39464 ----a-w- C:\windows\System32\drivers\btwl2cap.sys

2011-01-01 10:38:15 349736 ----a-w- C:\windows\System32\drivers\btwampfl.sys

2011-01-01 10:38:15 21416 ----a-w- C:\windows\System32\drivers\btwrchid.sys

2011-01-01 10:38:15 138280 ----a-w- C:\windows\System32\drivers\btwavdt.sys

2011-01-01 10:38:15 107560 ----a-w- C:\windows\System32\drivers\btwaudio.sys

2011-01-01 10:37:34 -------- d-----w- C:\Program Files\WIDCOMM

2011-01-01 10:37:25 -------- d-----w- C:\ProgramData\TouchSmartData

2011-01-01 10:37:19 -------- d-----w- C:\Program Files (x86)\K-NFB Reading Technology Inc

2011-01-01 10:37:18 -------- d-----w- C:\Program Files (x86)\PlayReady

2011-01-01 10:37:13 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared

2011-01-01 10:37:11 -------- d-----w- C:\Program Files (x86)\Kobo

2011-01-01 10:37:03 -------- d-----w- C:\windows\PRIndex

2011-01-01 10:37:00 -------- d-----w- C:\Program Files (x86)\NewspaperDirect

2011-01-01 10:36:57 -------- d-----w- C:\Program Files (x86)\Zinio Reader 4

2011-01-01 10:36:52 -------- d-----w- C:\Program Files\ZinioReader4

2011-01-01 10:35:44 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-01-01 10:35:40 -------- d-----w- C:\Program Files\PlayReady

2011-01-01 10:35:34 -------- d-----w- C:\ProgramData\Symantec

2011-01-01 10:35:34 -------- d-----w- C:\Program Files (x86)\Symantec

2011-01-01 10:35:28 -------- d-----r- C:\Program Files (x86)\Skype

2011-01-01 10:35:25 379784 ----a-w- C:\Program Files (x86)\Online Services\Skype\SkypeLauncher.exe

2011-01-01 10:35:25 18386568 ----a-w- C:\Program Files (x86)\Online Services\Skype\SkypeSetup.exe

2011-01-01 10:35:25 -------- d-----r- C:\Program Files (x86)\Online Services

2011-01-01 10:34:02 -------- d-----w- C:\ProgramData\Uninstall

2011-01-01 10:32:59 5336456 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\Office.exe

2011-01-01 10:32:59 18336 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\launchofficeintl.dll

2011-01-01 10:32:57 33000960 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\click2run64.msi

2011-01-01 10:32:56 26051072 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OStarter\en-us\click2run.msi

2011-01-01 10:32:55 2376704 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OOBE\oobe.msi

2011-01-01 10:32:55 101888 ----a-w- C:\ProgramData\Microsoft\OEMOffice14\OOBE\oobe-x-none.msp

2011-01-01 10:31:09 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}

2011-01-01 10:30:10 -------- d-----w- C:\Program Files (x86)\Hp

2011-01-01 10:29:54 -------- d-----w- C:\windows\kdb

2011-01-01 10:29:53 -------- d-----w- C:\Program Files\AMD

2011-01-01 10:29:53 -------- d-----w- C:\Program Files (x86)\AMD

2011-01-01 10:29:52 -------- d-----w- C:\Program Files (x86)\AMD APP

2011-01-01 10:29:50 -------- d-----w- C:\Program Files\Common Files\ATI Technologies

2011-01-01 10:29:50 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies

2011-01-01 10:29:21 -------- d-----w- C:\Program Files\ATI

2011-01-01 10:29:21 -------- d-----w- C:\Program Files (x86)\ATI Technologies

2011-01-01 10:28:53 -------- d-----w- C:\Program Files\IDT

2011-01-01 10:27:52 -------- d-----w- C:\Program Files\hp

2011-01-01 10:27:46 117248 ----a-w- C:\windows\System32\HPMUIDir.exe

2011-01-01 10:21:06 223744 ----a-w- C:\windows\System32\HPToneCtrls64.dll

2011-01-01 10:21:05 6341632 ----a-w- C:\windows\System32\IDTNGUI.exe

2011-01-01 10:21:05 5125632 ----a-w- C:\windows\System32\IDTNHP.dll

2011-01-01 10:21:05 4441600 ----a-w- C:\windows\System32\stlang64.dll

2011-01-01 10:21:05 37888 ----a-w- C:\windows\System32\Beats64.exe

2011-01-01 10:21:05 249344 ----a-w- C:\windows\System32\IDTNJ.exe

2011-01-01 10:21:05 1819136 ----a-w- C:\windows\System32\IDTNC64.cpl

2011-01-01 10:21:05 1425408 ----a-w- C:\windows\sttray64.exe

2011-01-01 10:21:05 1070592 ----a-w- C:\windows\System32\IDTNX.dll

2011-01-01 10:21:05 -------- d-----w- C:\ProgramData\SonicFocus

2011-01-01 10:21:03 0 ----a-w- C:\windows\ativpsrm.bin

2011-01-01 10:19:18 8794192 ----a-w- C:\ProgramData\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE

2011-01-01 10:13:18 -------- d-----w- C:\Users\Jason\AppData\Roaming\Malwarebytes

2011-01-01 10:13:17 -------- d-----w- C:\ProgramData\Malwarebytes

2011-01-01 10:13:16 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-01-01 10:13:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-01-01 10:11:00 5561216 ----a-w- C:\windows\System32\ntoskrnl.exe

2011-01-01 10:11:00 3967872 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe

2011-01-01 10:11:00 3912576 ----a-w- C:\windows\SysWow64\ntoskrnl.exe

2011-01-01 10:09:26 -------- d-----w- C:\Users\Jason\AppData\Local\Broadcom

2011-01-01 10:08:45 -------- d-----w- C:\Users\Jason\AppData\Local\PDFC

2011-01-01 10:08:45 -------- d-----w- C:\Users\Jason\AppData\Local\ATI

2011-01-01 10:08:12 296320 ----a-w- C:\windows\System32\drivers\volsnap.sys

2011-01-01 10:08:11 -------- d-----w- C:\Users\Jason\AppData\Local\VirtualStore

2011-01-01 10:05:50 96768 ----a-w- C:\windows\System32\fsutil.exe

2011-01-01 10:04:51 -------- d-----w- C:\Users\Jason\AppData\Local\RemEngine

2011-01-01 10:02:57 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2011-01-01 10:01:56 976896 ----a-w- C:\windows\System32\inetcomm.dll

2011-01-01 09:59:46 267776 ----a-w- C:\windows\System32\FXSCOVER.exe

2011-01-01 09:57:51 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll

2011-01-01 09:51:45 -------- d--h--r- C:\SYSTEM.SAV

.

==================== Find3M ====================

.

2012-02-10 08:05:55 58880 ----a-w- C:\windows\System32\coinst.dll

2012-02-10 08:05:49 33280 ----a-w- C:\windows\SysWow64\atiuxpag.dll

2012-02-10 08:05:47 43008 ----a-w- C:\windows\System32\atiuxp64.dll

2012-02-10 08:05:45 5159424 ----a-w- C:\windows\SysWow64\atiumdva.dll

2012-02-10 08:05:30 1828864 ----a-w- C:\windows\SysWow64\atiumdmv.dll

2012-02-10 08:05:25 5935104 ----a-w- C:\windows\SysWow64\atiumdag.dll

2012-02-10 08:05:17 1113088 ----a-w- C:\windows\System32\atiumd6v.dll

2012-02-10 08:05:13 5052416 ----a-w- C:\windows\System32\atiumd6a.dll

2012-02-10 08:05:00 7534592 ----a-w- C:\windows\System32\atiumd64.dll

2012-02-10 08:04:51 30208 ----a-w- C:\windows\SysWow64\atiu9pag.dll

2012-02-10 08:04:50 39936 ----a-w- C:\windows\System32\atiu9p64.dll

2012-02-10 08:04:48 120320 ----a-w- C:\windows\System32\atitmm64.dll

2012-02-10 08:04:46 360448 ----a-w- C:\windows\SysWow64\atipdlxx.dll

2012-02-10 08:04:43 426496 ----a-w- C:\windows\System32\atipdl64.dll

2012-02-10 08:04:38 19366912 ----a-w- C:\windows\SysWow64\atioglxx.dll

2012-02-10 08:04:20 332800 ----a-w- C:\windows\System32\ATIODE.exe

2012-02-10 08:04:18 51200 ----a-w- C:\windows\System32\ATIODCLI.exe

2012-02-10 08:04:15 25610240 ----a-w- C:\windows\System32\atio6axx.dll

2012-02-10 08:02:57 784384 ----a-w- C:\windows\SysWow64\aticfx32.dll

2012-01-30 01:42:29 104048 ----a-w- C:\windows\System32\drivers\L1C62x64.sys

2012-01-16 10:08:01 42624 ----a-w- C:\windows\System32\drivers\amd_xata.sys

2012-01-16 10:07:59 82048 ----a-w- C:\windows\System32\drivers\amd_sata.sys

2012-01-11 06:32:40 219776 ----a-w- C:\windows\System32\drivers\amdxhc.sys

2012-01-11 06:32:38 102528 ----a-w- C:\windows\System32\drivers\amdhub30.sys

2011-12-28 02:04:10 54400 ----a-w- C:\windows\System32\drivers\usbfilter.sys

2011-12-13 09:38:48 535040 ----a-w- C:\windows\System32\drivers\stwrt64.sys

2011-12-13 09:38:22 1987072 ----a-w- C:\windows\System32\stapo64.dll

2011-12-13 09:38:18 654336 ------w- C:\windows\System32\stapi64.dll

2011-12-13 09:38:11 251904 ----a-w- C:\windows\System32\staco64.dll

2011-12-13 09:38:09 220512 ----a-w- C:\windows\System32\SFNHK64.DLL

2011-12-13 09:38:07 81248 ----a-w- C:\windows\System32\SFCOM64.DLL

2011-12-13 09:38:05 74080 ----a-w- C:\windows\SysWow64\sfcom.dll

2011-12-13 09:38:03 78176 ----a-w- C:\windows\System32\SFAPO64.DLL

2011-08-12 17:54:26 20968 ----a-w- C:\windows\System32\pdfc_port.dll

2011-08-08 15:38:06 167048 ----a-r- C:\windows\System32\drivers\NISx64\1301000.01C\ccSetx64.sys

2011-08-02 18:22:10 729720 ----a-r- C:\windows\System32\drivers\NISx64\1301000.01C\srtsp64.sys

2011-08-02 18:22:10 37496 ----a-r- C:\windows\System32\drivers\NISx64\1301000.01C\srtspx64.sys

2011-07-28 19:20:02 1084536 ----a-r- C:\windows\System32\drivers\NISx64\1301000.01C\SymEFA64.sys

2011-07-25 18:18:40 401016 ----a-r- C:\windows\System32\drivers\NISx64\1301000.01C\symnets.sys

2011-07-25 18:18:36 451192 ----a-r- C:\windows\System32\drivers\NISx64\1301000.01C\SymDS64.sys

2011-07-25 18:15:52 189560 ----a-r- C:\windows\System32\drivers\NISx64\1301000.01C\Ironx64.sys

2011-04-27 18:36:34 21048 ----a-w- C:\windows\help\OEM\Scripts\checkMui.dll

2011-01-01 10:43:32 174200 ----a-w- C:\windows\System32\drivers\SYMEVENT64x86.SYS

2011-01-01 10:05:50 74240 ----a-w- C:\windows\SysWow64\fsutil.exe

2011-01-01 10:04:50 514560 ----a-w- C:\windows\SysWow64\qdvd.dll

2011-01-01 10:04:50 366592 ----a-w- C:\windows\System32\qdvd.dll

2011-01-01 10:04:50 1572864 ----a-w- C:\windows\System32\quartz.dll

2011-01-01 10:04:50 1328128 ----a-w- C:\windows\SysWow64\quartz.dll

2011-01-01 10:04:41 43520 ----a-w- C:\windows\System32\csrsrv.dll

2011-01-01 10:04:34 723456 ----a-w- C:\windows\System32\EncDec.dll

2011-01-01 10:04:34 534528 ----a-w- C:\windows\SysWow64\EncDec.dll

2011-01-01 10:02:57 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-01-01 10:01:56 741376 ----a-w- C:\windows\SysWow64\inetcomm.dll

2011-01-01 10:00:48 30208 ----a-w- C:\windows\System32\dnscacheugc.exe

2011-01-01 09:59:56 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll

2011-01-01 09:58:40 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2011-01-01 09:58:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2011-01-01 09:58:40 2309120 ----a-w- C:\windows\System32\jscript9.dll

2011-01-01 09:58:40 1798144 ----a-w- C:\windows\SysWow64\jscript9.dll

2011-01-01 09:58:40 1493504 ----a-w- C:\windows\System32\inetcpl.cpl

2011-01-01 09:58:40 1427456 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2011-01-01 09:58:40 1390080 ----a-w- C:\windows\System32\wininet.dll

2011-01-01 09:58:40 1127424 ----a-w- C:\windows\SysWow64\wininet.dll

2010-11-21 07:06:23 2560 ----a-w- C:\windows\SysWow64\drivers\en-US\qwavedrv.sys.mui

2010-11-21 07:06:21 25600 ----a-w- C:\windows\SysWow64\drivers\en-US\bfe.dll.mui

2010-11-21 07:06:21 15360 ----a-w- C:\windows\SysWow64\drivers\en-US\pacer.sys.mui

2010-11-21 07:06:17 5632 ----a-w- C:\windows\SysWow64\drivers\en-US\ndiscap.sys.mui

2010-11-21 07:06:17 2560 ----a-w- C:\windows\SysWow64\drivers\en-US\scfilter.sys.mui

2010-11-21 07:06:15 44032 ----a-w- C:\windows\SysWow64\drivers\en-US\tcpip.sys.mui

2010-11-21 03:26:54 175616 ----a-w- C:\windows\System32\msclmd.dll

2010-11-21 03:26:54 152576 ----a-w- C:\windows\SysWow64\msclmd.dll

2010-11-21 03:24:52 9728 ----a-w- C:\windows\System32\spwmp.dll

2010-11-21 03:23:59 61440 ----a-w- C:\windows\SysWow64\tcpmonui.dll

2010-10-27 21:28:46 11320 ----a-w- C:\windows\help\OEM\Scripts\HPSARedirectorLauncher.exe

2010-10-19 18:41:44 270720 ----a-w- C:\windows\System32\MpSigStub.exe

.

============= FINISH: 6:20:41.29 ===============

attach.txt


Hello,

You have 2 (two) active Antivirus programs. That will lead to conflicts, deadlocks, and less protection.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

Remove 1 or the other, then Logoff and restart the pc.

If you do not have a current license for Norton, then certainly uninstall that.

If you have had a long-time saga of issues after doing an o.s. re-install, it is likely time to do it 1 more time, the right way/sequence.

How did you "install" Windows last? A repair install, or a wipe of the HDD, delete all partitions & then install a new setup?

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.

For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
