  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

Chris,

Thank you for taking the time to look into this:

MBAM log:

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7166

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

7/16/2011 8:30:37 PM

mbam-log-2011-07-16 (20-30-37).txt

Scan type: Quick scan

Objects scanned: 182906

Time elapsed: 4 minute(s), 52 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS log:

DDS (Ver_2011-07-14.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by FrankCarol at 20:35:29 on 2011-07-16

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1590 [GMT -4:00]

.

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\Mamutu\a2service.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\vistasrv.exe

C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\WBVista.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner\ACTHelperService.exe

C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe

C:\Program Files (x86)\Cacheman\CachemanServ.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe

C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Process Lasso\processgovernor.exe

C:\Program Files\Process Lasso\processlasso.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Cacheman\CachemanTray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\ClipboardHistory\ClipboardHistory.exe

C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Mamutu\mamutu.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\PROGRA~2\Webshots\315~1.761\webshots.scr

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files (x86)\Microsoft Streets & Trips 2010\StreetsOlkShim.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files\GPSoftware\Directory Opus\dopus.exe

C:\Windows\explorer.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uDefault_Search_URL = hxxp://www.google.com/ie

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

uURLSearchHooks: agihelper.AGUtils: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} -

uURLSearchHooks: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - <orphaned>

mWinlogon: Userinit = userinit.exe

BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} -

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll

BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll

BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll

TB: &RoboForm: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [CachemanTray] C:\Program Files (x86)\Cacheman\CachemanTray.exe

uRun: [ClipboardHistory] C:\Program Files (x86)\ClipboardHistory\ClipboardHistory.exe

uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [Mamutu Guard] "C:\PROGRAM FILES (X86)\MAMUTU\mamutu.exe" /silent

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\FRANKC~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Webshots.lnk - C:\Program Files (x86)\Webshots\3.1.5.7619\Launcher.exe

uPolicies-Explorer: NoThumbnailCache = dword:1

uPolicies-Explorer: NoSMBalloonTip = dword:1

uPolicies-Explorer: NoResolveTrack = dword:1

uPolicies-Explorer: NoCDBurning = dword:1

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-Explorer: NoResolveTrack = dword:0

mPolicies-Explorer: NoFileAssociate = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: EnableLUA = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

mPolicies-System: NoDispSettingsPage = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html

IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html

IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1

TCP: Interfaces\{7B9E42D8-25BA-4FDF-85DD-8A63CC7208A6} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll

Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: WBSrv - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll

SSODL: WebCheck - <orphaned>

SEH: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe

x64-Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>

x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-Notify: WB - C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll

x64-SSODL: WebCheck - <orphaned>

x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll

x64-SEH: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\FrankCarol\AppData\Roaming\Mozilla\Firefox\Profiles\oxluying.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.startup.homepage - hxxp://www.feedly.com/home#my

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: browser.blink_allowed - true

FF - user.js: network.prefetch-next - true

FF - user.js: nglayout.initialpaint.delay - 250

FF - user.js: layout.spellcheckDefault - 2

FF - user.js: browser.urlbar.autoFill - true

FF - user.js: browser.search.openintab - true

FF - user.js: browser.tabs.closeButtons - 1

FF - user.js: browser.tabs.opentabfor.middleclick - true

FF - user.js: browser.tabs.tabMinWidth - 100

FF - user.js: browser.urlbar.hideGoButton - false

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1206000.01D\symds64.sys [2011-6-17 450680]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1206000.01D\symefa64.sys [2011-6-17 912504]

R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Mamutu\a2dix64.sys [2011-7-14 48216]

R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Mamutu\a2util64.sys [2011-7-14 14720]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110701.001\BHDrvx64.sys [2011-7-5 1143416]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20110715.032\IDSviA64.sys [2011-7-16 488056]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1206000.01D\ironx64.sys [2011-6-17 171128]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1206000.01D\symnets.sys [2011-6-17 382584]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 acthelper;Ashampoo CoreTuner Helper Service;C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner\ACTHelperService.exe [2011-7-1 902488]

R2 AGCoreService;AG Core Services;C:\Program Files (x86)\AGI\core\4.2.0.10754\AGCoreService.exe [2011-6-17 20480]

R2 CachemanService;Cacheman Service;C:\Program Files (x86)\Cacheman\CachemanServ.exe [2011-3-28 235872]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-6-8 13336]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-6-8 2375168]

R2 Mamutu;Mamutu Service;C:\Program Files (x86)\Mamutu\a2service.exe [2011-7-14 2978720]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-7-16 366640]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe [2011-6-17 130008]

R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-8 2538520]

R3 a2acc;a2acc;C:\Program Files (x86)\Mamutu\a2accx64.sys [2011-7-14 85800]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]

R3 DKRtWrt;DKRtWrt;C:\Windows\System32\drivers\DKRtWrt.sys [2011-6-17 44624]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-6-28 136824]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-7-3 25912]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-6-8 1360960]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-21 452200]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-18 135664]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-18 135664]

S3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-6-8 335464]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-18 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2011-07-17 00:20:58 709968 ----a-w- C:\Windows\isRS-000.tmp

2011-07-16 00:48:00 295936 ----a-w- C:\Windows\SysWow64\appmgr.dll

2011-07-16 00:48:00 -------- d-----w- C:\Windows\SysWow64\GPBAK

2011-07-16 00:47:57 707354 ----a-w- C:\Windows\unins000.exe

2011-07-15 22:57:50 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\OverDrive

2011-07-15 13:02:37 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1DEC412D-84BA-4109-AFF9-D9A9D8F2A94E}\mpengine.dll

2011-07-15 01:20:00 -------- d-----w- C:\Users\FrankCarol\Calibre Library

2011-07-15 01:19:59 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\calibre

2011-07-15 00:38:28 -------- d-----w- C:\Program Files (x86)\Calibre2

2011-07-15 00:35:17 -------- d-----w- C:\Program Files (x86)\OverDrive Media Console

2011-07-14 15:31:56 -------- d-----w- C:\Program Files (x86)\Mamutu

2011-07-14 00:22:25 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Stardock_Corporation

2011-07-13 15:17:18 -------- d-----w- C:\ProgramData\Innovative Solutions

2011-07-13 14:08:16 -------- d-----w- C:\Program Files (x86)\Downloaded Installers

2011-07-13 03:51:27 388096 ----a-r- C:\Users\FrankCarol\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-07-13 03:51:27 -------- d-----w- C:\Program Files (x86)\Trend Micro

2011-07-13 00:11:07 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2011-07-13 00:11:07 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys

2011-07-13 00:11:07 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2011-07-13 00:11:07 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2011-07-13 00:11:07 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2011-07-13 00:11:07 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2011-07-13 00:11:07 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2011-07-13 00:10:59 3137536 ----a-w- C:\Windows\System32\win32k.sys

2011-07-12 15:46:19 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\WinZip

2011-07-12 15:46:11 -------- d-----w- C:\Program Files (x86)\WinZip Driver Updater

2011-07-12 15:12:46 -------- d-----w- C:\Users\FrankCarol\AppData\Local\WinZip

2011-07-11 21:08:03 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll

2011-07-10 00:57:58 -------- d-----w- C:\Users\FrankCarol\AppData\Local\ClipboardManager

2011-07-10 00:15:48 -------- d-----w- C:\Program Files (x86)\MSXML 4.0

2011-07-10 00:10:34 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Secunia PSI

2011-07-10 00:10:28 -------- d-----w- C:\Program Files (x86)\Secunia

2011-07-08 18:24:15 -------- d-----w- C:\Program Files (x86)\ClipboardHistory

2011-07-08 01:40:49 -------- d-----w- C:\Program Files (x86)\Microsoft Streets & Trips 2010

2011-07-08 01:39:23 -------- d-----w- C:\Program Files (x86)\MSECache

2011-07-07 21:40:45 -------- d-----w- C:\Program Files (x86)\Belarc

2011-07-07 14:06:48 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Ditto

2011-07-07 14:06:40 -------- d-----w- C:\Program Files (x86)\Ditto

2011-07-07 00:37:24 -------- d-----w- C:\ProgramData\ProcessLasso

2011-07-07 00:37:07 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\ProcessLasso

2011-07-07 00:37:07 -------- d-----w- C:\Program Files\Process Lasso

2011-07-06 01:33:43 -------- d-----w- C:\Program Files\Paint.NET

2011-07-06 01:33:21 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Paint.NET

2011-07-06 01:18:46 2087424 ----a-w- C:\Windows\System32\ole32.dll

2011-07-06 01:18:46 1414656 ----a-w- C:\Windows\SysWow64\ole32.dll

2011-07-05 20:14:13 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Apps

2011-07-05 18:35:47 -------- d-----w- C:\Program Files\Smith Micro

2011-07-03 21:54:27 -------- d-----w- C:\Users\FrankCarol\AppData\Local\DuplicateCleaner

2011-07-03 21:54:19 -------- d-----w- C:\Program Files (x86)\Duplicate Cleaner

2011-07-03 16:49:30 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Malwarebytes

2011-07-03 16:49:24 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-03 16:49:23 -------- d-----w- C:\ProgramData\Malwarebytes

2011-07-03 16:49:20 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-07-03 16:49:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-07-03 01:41:14 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\CrystalIdea Software

2011-07-02 20:17:17 -------- d-----w- C:\Users\FrankCarol\.gimp-2.6

2011-07-02 20:16:52 -------- d-----w- C:\Program Files (x86)\GIMP-2.0

2011-07-02 20:16:32 -------- d-----w- C:\Program Files (x86)\Switcher

2011-07-01 19:00:29 -------- d-----w- C:\Program Files\EnhanceMySe7en

2011-06-30 03:32:41 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Innovative Solutions

2011-06-30 03:32:39 -------- d-----w- C:\Program Files (x86)\Innovative Solutions

2011-06-29 20:42:24 34304 ----a-w- C:\Windows\System32\DfSdkBt.exe

2011-06-29 20:42:18 -------- d-----w- C:\Program Files (x86)\Ashampoo

2011-06-29 15:18:31 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\SUPERAntiSpyware.com

2011-06-29 15:18:31 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2011-06-29 15:18:24 -------- d-----w- C:\ProgramData\!SASCORE

2011-06-29 15:18:21 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2011-06-28 22:24:28 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Hewlett-Packard_Developme

2011-06-28 15:34:05 462848 --sha-w- C:\EUMONBMP.SYS

2011-06-28 15:28:19 36232 ----a-w- C:\Windows\System32\drivers\eubakup.sys

2011-06-28 15:28:19 26504 ----a-w- C:\Windows\System32\drivers\eufs.sys

2011-06-28 15:28:19 193928 ----a-w- C:\Windows\System32\drivers\eudisk.sys

2011-06-28 15:28:19 17800 ----a-w- C:\Windows\System32\drivers\eudskacs.sys

2011-06-28 15:28:18 42888 ----a-w- C:\Windows\System32\drivers\EUBKMON.sys

2011-06-28 15:26:39 -------- d-----w- C:\Program Files (x86)\EASEUS

2011-06-26 23:54:10 -------- d-----w- C:\Windows\tessdata

2011-06-26 16:06:44 32824 ----a-w- C:\Windows\SysWow64\rrMon.sys

2011-06-25 21:12:13 -------- d-----w- C:\Program Files (x86)\SIW

2011-06-25 21:04:52 56496 ----a-w- C:\Windows\SysWow64\wbhelp2.dll

2011-06-25 21:04:52 544768 ----a-w- C:\Windows\SysWow64\wbocx.ocx

2011-06-25 21:04:52 258352 ----a-w- C:\Windows\SysWow64\unicows.dll

2011-06-25 21:04:51 4608 ----a-w- C:\Windows\SysWow64\W95INF32.DLL

2011-06-25 21:04:51 33968 ----a-w- C:\Windows\SysWow64\anim.dll

2011-06-25 21:04:51 2272 ----a-w- C:\Windows\SysWow64\W95INF16.DLL

2011-06-25 21:04:51 1706800 ----a-w- C:\Windows\SysWow64\gdiplus.dll

2011-06-25 20:45:51 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\GlarySoft

2011-06-25 00:56:26 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2011-06-25 00:56:20 8873296 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll

2011-06-25 00:41:50 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\CBS Interactive

2011-06-24 22:56:57 -------- d-----w- C:\Windows\System32\inf32

2011-06-24 17:57:37 145792 ----a-w- C:\Windows\System32\drivers\E1G6032E.sys

2011-06-24 17:16:02 9728 ----a-w- C:\Windows\System32\Native.exe

2011-06-24 17:16:02 -------- d-----w- C:\ReimageUndo

2011-06-24 14:58:01 0 ----a-w- C:\Windows\SysWow64\ConduitEngine.tmp

2011-06-24 14:26:15 -------- d-----w- C:\rei

2011-06-24 14:26:11 -------- d-----w- C:\Program Files\Reimage

2011-06-24 01:08:13 1397248 ----a-w- C:\Windows\SysWow64\win_utilman.exe

2011-06-24 01:08:11 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\_MDLogs

2011-06-23 23:34:37 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Adobe

2011-06-23 13:09:16 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\TweakNow PowerPack 2011

2011-06-23 13:09:16 -------- d-----w- C:\Program Files (x86)\TweakNow PowerPack 2011

2011-06-22 21:32:29 -------- d-----w- C:\Program Files (x86)\COMODO

2011-06-21 01:38:13 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\SeriousBit

2011-06-20 23:34:13 -------- d-----w- C:\Attachments

2011-06-19 19:51:00 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll

2011-06-19 19:51:00 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll

2011-06-19 19:18:27 -------- d-----w- C:\Program Files (x86)\Cacheman

2011-06-19 15:17:14 -------- d-----w- C:\Program Files (x86)\Hard Disk Sentinel

2011-06-19 14:57:22 1852416 ----a-w- C:\Windows\SysWow64\wisoutlit.dll

2011-06-19 14:32:13 -------- d-----w- C:\ProgramData\Blio

2011-06-19 14:32:09 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Blio

2011-06-19 14:15:44 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\FixCleaner

2011-06-19 14:15:29 -------- d-----w- C:\Program Files (x86)\FixCleaner

2011-06-19 13:56:11 -------- d-sh--w- C:\Diskeeper

2011-06-19 13:54:30 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Lookeen

2011-06-19 13:54:22 -------- d-----w- C:\Users\FrankCarol\AppData\Local\assembly

2011-06-19 13:54:14 -------- d-----w- C:\Program Files (x86)\Axonic

2011-06-19 02:40:29 -------- d-----w- C:\Windows\SysWow64\Wat

2011-06-19 02:40:29 -------- d-----w- C:\Windows\System32\Wat

2011-06-19 02:16:27 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Wisco

2011-06-19 02:15:59 -------- d-----w- C:\ProgramData\Wisco

2011-06-19 02:15:59 -------- d-----w- C:\Program Files (x86)\Wisco

2011-06-19 01:40:01 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-19 01:11:46 -------- d-----w- C:\Program Files (x86)\thinkorswim

2011-06-19 00:34:22 -------- d-----w- C:\Program Files\CCleaner

2011-06-19 00:34:18 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Google

2011-06-19 00:26:31 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Conduit

2011-06-18 23:18:50 142336 ----a-w- C:\Windows\System32\poqexec.exe

2011-06-18 23:18:50 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe

2011-06-18 02:21:25 -------- d-----w- C:\Program Files\Microsoft IntelliPoint

2011-06-18 01:58:41 -------- d-----w- C:\Users\FrankCarol\AppData\Local\CrashDumps

2011-06-18 01:45:46 -------- d-----w- C:\Program Files (x86)\Pure Networks

2011-06-18 01:45:07 33328 ----a-w- C:\Windows\System32\drivers\pnarp.sys

2011-06-18 01:45:04 35376 ----a-w- C:\Windows\System32\drivers\purendis.sys

2011-06-18 01:45:03 -------- d-----w- C:\Program Files (x86)\Common Files\Pure Networks Shared

2011-06-18 01:44:47 -------- d-----w- C:\ProgramData\Pure Networks

2011-06-18 01:37:44 -------- d-----w- C:\Program Files (x86)\Uninstall Tool

2011-06-18 00:42:24 5120 ------w- C:\Windows\SysWow64\chkvdisk.exe

2011-06-18 00:42:24 105928 ------w- C:\Windows\System32\drivers\Shield.sys

2011-06-18 00:42:18 -------- d-----w- C:\Windows\SysWow64\configfix

2011-06-18 00:41:08 -------- d-----w- C:\Program Files (x86)\Shield

2011-06-18 00:35:45 53904 ----a-w- C:\Windows\System32\wbload.dll

2011-06-18 00:35:30 57904 ----a-w- C:\Windows\SysWow64\wbload.dll

2011-06-18 00:32:13 -------- d-----w- C:\Program Files (x86)\Common Files\Stardock

2011-06-18 00:32:12 -------- d-----w- C:\Program Files (x86)\Stardock

2011-06-18 00:29:27 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Stardock

2011-06-18 00:29:22 -------- d-----w- C:\ProgramData\Gibraltar

2011-06-18 00:29:18 -------- d-----w- C:\Program Files (x86)\Impulse

2011-06-18 00:29:09 -------- dc-h--w- C:\ProgramData\{F17D9C21-2BB9-4DE6-A952-721D90A7029A}

2011-06-18 00:28:53 -------- d-----w- C:\Users\FrankCarol\AppData\Local\PackageAware

2011-06-18 00:27:06 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\RoboForm

2011-06-18 00:14:27 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Webshots

2011-06-18 00:14:14 -------- d-----w- C:\Program Files (x86)\Webshots

2011-06-18 00:14:02 -------- d-----w- C:\Program Files (x86)\AGI

2011-06-18 00:12:37 -------- d-----w- C:\ProgramData\agi

2011-06-17 23:54:31 -------- d-----w- C:\Program Files (x86)\Siber Systems

2011-06-17 23:45:35 44624 ----a-w- C:\Windows\System32\drivers\DKRtWrt.sys

2011-06-17 23:45:30 -------- d-----w- C:\ProgramData\Diskeeper Corporation

2011-06-17 23:45:30 -------- d-----w- C:\Program Files\Diskeeper Corporation

2011-06-17 23:45:30 -------- d-----w- C:\Program Files\Common Files\Diskeeper Corporation

2011-06-17 23:40:47 83968 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPA1.DLL

2011-06-17 23:40:47 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDA1.DLL

2011-06-17 23:05:11 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe

2011-06-17 23:05:11 31232 ----a-w- C:\Windows\System32\prevhost.exe

2011-06-17 22:57:59 1395712 ----a-w- C:\Windows\System32\mfc42.dll

2011-06-17 22:53:39 -------- d-----w- C:\Users\FrankCarol\AppData\Local\WindowsUpdate

2011-06-17 22:47:37 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2011-06-17 22:36:51 -------- d-----w- C:\Windows\SHELLNEW

2011-06-17 22:36:03 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Microsoft Help

2011-06-17 22:29:36 -------- d-----w- C:\Users\FrankCarol\AppData\Local\GPSoftware

2011-06-17 22:29:21 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\GPSoftware

2011-06-17 22:29:10 -------- d-----w- C:\ProgramData\GPSoftware

2011-06-17 22:29:10 -------- d-----w- C:\Program Files\GPSoftware

2011-06-17 22:18:35 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Tific

2011-06-17 22:18:35 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Symantec

2011-06-17 22:12:47 -------- d-----w- C:\Users\FrankCarol\AppData\Local\ElevatedDiagnostics

2011-06-17 19:16:19 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared

2011-06-17 19:15:07 912504 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\symefa64.sys

2011-06-17 19:15:07 744568 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\srtsp64.sys

2011-06-17 19:15:07 450680 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\symds64.sys

2011-06-17 19:15:07 40568 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\srtspx64.sys

2011-06-17 19:15:07 382584 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\symnets.sys

2011-06-17 19:15:07 171128 ----a-w- C:\Windows\System32\drivers\NISx64\1206000.01D\ironx64.sys

2011-06-17 19:14:58 -------- d-----w- C:\Windows\System32\drivers\NISx64\1206000.01D

2011-06-17 18:14:49 -------- dc----w- C:\Users\FrankCarol\AppData\Local\MigWiz

2011-06-17 18:14:18 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Intel Corporation

2011-06-17 18:14:14 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\Synaptics

2011-06-17 18:13:12 -------- d-----w- C:\Users\FrankCarol\AppData\Roaming\hpqlog

2011-06-17 18:13:05 -------- d-----w- C:\Users\FrankCarol\AppData\Local\RemEngine

2011-06-17 18:06:44 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Hewlett-Packard

2011-06-17 18:06:32 -------- d-----w- C:\Users\FrankCarol\AppData\Local\Hewlett-Packard_Company

2011-06-17 18:05:29 -------- d-----w- C:\Users\FrankCarol\AppData\Local\VirtualStore

.

==================== Find3M ====================

.

2011-06-30 14:03:59 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2011-06-30 14:03:59 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll

2011-06-30 14:03:57 902144 ----a-w- C:\Windows\System32\d2d1.dll

2011-06-30 14:03:57 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2011-06-30 14:03:57 1137664 ----a-w- C:\Windows\System32\FntCache.dll

2011-06-24 17:39:06 951680 ----a-w- C:\Windows\System32\drivers\ndis.sys

2011-06-17 19:15:08 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll

2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll

2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll

2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll

2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe

2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe

2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-05-24 23:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe

2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-05-04 08:52:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll

2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll

2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll

2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll

2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll

2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll

2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe

2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe

2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe

2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll

2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll

2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll

2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll

2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll

2011-05-04 04:32:00 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll

2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe

2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe

2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe

2011-05-03 05:29:29 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-05-03 04:30:02 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-05-01 20:29:17 331805736 ----a-w- C:\xpsp3.exe

2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-04-27 02:40:40 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-04-27 02:39:40 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-04-27 02:39:37 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-04-25 05:33:51 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-04-25 02:34:03 499200 ----a-w- C:\Windows\System32\drivers\afd.sys

2011-04-22 22:15:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2011-04-21 21:46:54 1360960 ----a-w- C:\Windows\System32\drivers\netr28x.sys

2011-04-18 19:47:29 521448 ----a-w- C:\Windows\System32\deployJava1.dll

2011-04-18 19:45:37 97792 ----a-w- C:\Windows\SysWow64\vcljpg70.bpl

2011-04-18 19:45:37 778240 ----a-w- C:\Windows\SysWow64\rtl70.bpl

2011-04-18 19:45:37 64512 ----a-w- C:\Windows\SysWow64\vclsmp70.bpl

2011-04-18 19:45:37 52920 ----a-w- C:\Windows\SysWow64\ezUPBHook.dll

2011-04-18 19:45:37 319872 ----a-w- C:\Windows\SysWow64\ezseng.exe

2011-04-18 19:45:37 215040 ----a-w- C:\Windows\SysWow64\vclx70.bpl

2011-04-18 19:45:37 19640 ----a-w- C:\Windows\SysWow64\ezMAPIHelper.exe

2011-04-18 19:45:37 145592 ----a-w- C:\Windows\SysWow64\ezShellStart.exe

2011-04-18 19:45:37 1381376 ----a-w- C:\Windows\SysWow64\vcl70.bpl

2011-04-18 19:45:37 121016 ----a-w- C:\Windows\SysWow64\ezUninst.exe

2011-04-18 19:15:59 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2011-04-18 19:15:59 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2011-04-18 19:15:46 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll

2011-04-18 19:15:46 100864 ----a-w- C:\Windows\System32\fontsub.dll

2011-04-18 19:14:53 715776 ----a-w- C:\Windows\System32\kerberos.dll

2011-04-18 19:14:53 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll

.

============= FINISH: 20:36:28.71 ===============

Thanks again. Windows Explorer also stops responding and I have to restart explorer frequently. Anything in the logs that would apply to that problem?

Frank Turkovich


  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.