Laptop and Desktop Still infected with malware, virus etc after complete restore.

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.
R

roxy4130

Thread Starter
Joined
Nov 29, 2011
Messages
1
Hi all, first i would like to let you know I'm not a native English speaker so I'm sorry about the grammars and spelling errors.

First I'm a former paramedic in the army and due to an injury i started a new career in the IT as a coder in .net last year. So I'm not a expert but i pass the last week doing research and trying to understand the problem.

Since I'm a student i was able to got legal Microsoft Development Software such as Visual Studio, Expression, SQL Server etc..

Desktop 630i Specs

  • Dell XPS 630i (Windows 7 64 Bit Ultimate)
  • Visual Studio 2010
  • SQL Server 2008
  • Office Professional 2010 (Bought from the ultimate-steal student offer)
  • Netbean
  • Adobe CS5 Master Collection (Bought educational license)
  • Aptana Studio
  • Filezilla
  • EasyPHP
Asus Laptop


  • OS Version: Microsoft Windows 7 Édition Familiale Premium, Service Pack 1, 64 bit
  • Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz, Intel64 Family 6 Model 23 Stepping 10
  • Processor Count: 2
  • RAM: 4095 Mb
  • Graphics Card: NVIDIA GeForce GT 320M, 1024 Mb
  • Hard Drives: C: Total - 28901 MB, Free - 3842 MB; D: Total - 14996 MB, Free - 14902 MB;
  • Motherboard: ASUSTeK Computer Inc., K50ID
  • Antivirus: Norton Internet Security, Updated and Enabled
Here is the step I've done.

Everything started when i found my browser Internet Explorer 9 hanging almost all the time and a adobe flash player update each time i reboot my Desktop.


So i check my Windows Update and i was surprise to see any update installed within the last month. Auto-update is on)

Windows Firewall ON
Microsoft Security Essential ON

I was thinking is an network issue because my girlfriend laptop's (Asus Spec in signature) tell me their browser was slow too.

I ran a full scan (MSE) and the found nothing but during my research i discover some strange issue with my desktop like, shutdown, restarting, no more password prompt when screensaver and a lot of running process and almost all the time a 99% CPU.

And i decide to give a try to MSE real time protection using EICAR virus test and MSE did not found treat and same when i scan the file.

I took a look to my event tracker and i found a lot of error including with MSE, Security issues.
So i decide to restore my computer with the image and i update everything , i give a try to Avast Internet Security and Secunia Software Inspector.

The same day my computer show me a lot of errors issues in the event manager.
So i turn off the desktop, unplug the power cord and the network cable.

When i took a look to the Asus Laptop i saw similar issue, so i backup the documents to an external Hard disk and i restore the computer with the Hidden Partition Recovery.


I format the hard disk with two partition C and D and the have 430 gig unallocated.

I bought a new Cisco Router, new Ethernet cable and Norton Internet Security and update Windows on the Asus.

I change all my password on a friend computer.

I run a full Norton scan and he found threat on the fresh restored laptop. So now what should i do to make sure the Asus Laptop is clean and my Desktop.

I want to clean the Asus laptop before i do the job on the desktop

You will find all the requested info.

Thank you for your helps/advices :)


=================
Hijackthis Log
=====================
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:56:20, on 2011-11-29
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Marie-Christine\Desktop\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Protection logicielle (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 18186 bytes


======================
DDS LOG
=====================

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Marie-Christine at 9:59:34 on 2011-11-29
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.4095.2445 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
C:\Windows\SysWOW64\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\AsScrPro.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\mmc.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uDefault_Page_URL = hxxp://asus.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
TCP: DhcpNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549} : DhcpNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549}\34963736F65393136393 : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549}\3556270756E6472427F6E6A756 : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549}\3556270756E6472427F6E6A756D26796379647565727 : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
TCP: Interfaces\{A0C0823C-1584-4C70-A621-D0D4AED32249} : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
{6D53EC84-6AAE-4787-AEEE-F4628F01010C}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Marie-Christine\AppData\Roaming\Mozilla\Firefox\Profiles\5kwfh7qf.default\
FF - prefs.js: browser.startup.homepage - www.google.ca
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1302000.00A\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1302000.00A\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1302000.00A\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1302000.00A\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111114.002\BHDrvx64.sys [2011-11-14 1156216]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1302000.00A\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1302000.00A\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111128.030\IDSviA64.sys [2011-11-28 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1302000.00A\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1302000.00A\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1302000.00A\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1302000.00A\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-25 366152]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe [2011-11-25 138760]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Windows\SysWOW64\nvSCPAPISvr.exe [2009-12-11 239208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-26 138360]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-29 01:35:46 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\PeerNetworking
2011-11-28 20:07:16 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Mozilla
2011-11-28 18:40:55 -------- d-----w- C:\Windows\SysWow64\XPSViewer
2011-11-28 18:27:36 -------- d-----w- C:\inetpub
2011-11-28 15:30:35 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Deployment
2011-11-28 13:52:08 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Diagnostics
2011-11-27 01:54:05 -------- d-----w- C:\Program Files\Speccy
2011-11-27 00:27:14 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\CrashDumps
2011-11-27 00:06:31 -------- d-----w- C:\Program Files (x86)\My Company Name
2011-11-27 00:01:56 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Seven Zip
2011-11-26 21:57:25 -------- d-----w- C:\Windows\System32\SPReview
2011-11-26 21:11:50 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\ElevatedDiagnostics
2011-11-26 21:06:44 -------- d-----w- C:\Windows\pss
2011-11-26 18:09:46 -------- d-----w- C:\XPCD
2011-11-26 17:25:54 -------- d-----w- C:\UBCD4Win
2011-11-26 06:32:15 -------- d-----w- C:\Windows\System32\EventProviders
2011-11-26 06:01:09 3584 ----a-w- C:\Windows\System32\drivers\pt-PT\tsusbflt.sys.mui
2011-11-26 06:01:08 3072 ----a-w- C:\Windows\System32\drivers\pt-PT\rdpwd.sys.mui
2011-11-26 05:59:59 4583424 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
2011-11-26 05:58:59 780008 ----a-w- C:\Windows\System32\ci.dll
2011-11-26 05:57:59 98304 ----a-w- C:\Windows\SysWow64\nslookup.exe
2011-11-26 05:56:54 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2011-11-26 05:56:54 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
2011-11-26 05:56:51 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
2011-11-26 05:56:51 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
2011-11-26 05:56:47 3584 ----a-w- C:\Windows\System32\drivers\fr-FR\tsusbflt.sys.mui
2011-11-26 05:56:41 2560 ----a-w- C:\Windows\System32\drivers\fr-FR\rdpwd.sys.mui
2011-11-26 05:56:35 3072 ----a-w- C:\Windows\System32\drivers\fr-FR\serscan.sys.mui
2011-11-26 05:56:33 3584 ----a-w- C:\Windows\System32\drivers\es-ES\tsusbflt.sys.mui
2011-11-26 05:56:33 2560 ----a-w- C:\Windows\System32\drivers\es-ES\rdpwd.sys.mui
2011-11-26 05:56:16 25600 ----a-w- C:\Windows\System32\drivers\es-ES\usbport.sys.mui
2011-11-26 05:56:15 3072 ----a-w- C:\Windows\System32\drivers\es-ES\Dot4usb.sys.mui
2011-11-26 05:56:01 3072 ----a-w- C:\Windows\System32\drivers\zh-CN\tsusbflt.sys.mui
2011-11-26 05:55:55 2560 ----a-w- C:\Windows\System32\drivers\zh-CN\rdpwd.sys.mui
2011-11-26 05:55:50 3584 ----a-w- C:\Windows\System32\drivers\zh-CN\sermouse.sys.mui
2011-11-26 05:55:50 24064 ----a-w- C:\Windows\System32\drivers\zh-CN\ndis.sys.mui
2011-11-26 05:55:39 3072 ----a-w- C:\Windows\System32\drivers\zh-TW\tsusbflt.sys.mui
2011-11-26 05:55:39 2560 ----a-w- C:\Windows\System32\drivers\zh-TW\rdpwd.sys.mui
2011-11-26 05:55:35 23552 ----a-w- C:\Windows\System32\drivers\zh-TW\usbport.sys.mui
2011-11-26 05:55:23 399872 ----a-w- C:\Windows\System32\dpx.dll
2011-11-26 05:55:23 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
2011-11-26 05:55:12 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
2011-11-26 05:54:42 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2011-11-26 05:54:42 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2011-11-26 05:54:42 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2011-11-26 05:50:01 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-11-26 05:50:01 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2011-11-26 05:49:35 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2011-11-26 04:03:01 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-11-26 04:03:01 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-11-26 04:03:01 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-11-26 04:03:01 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-11-26 04:03:01 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-11-26 04:03:01 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-11-26 04:03:01 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-11-26 04:02:44 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-11-26 04:02:44 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-11-26 04:02:43 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-11-26 04:02:42 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-11-26 04:02:42 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-11-26 04:02:42 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-11-26 04:02:42 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-11-26 04:02:41 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-11-26 04:02:41 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-11-26 04:02:41 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-11-26 04:02:41 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-11-26 02:58:52 -------- d-----w- C:\ProgramData\ASUS WebStorage
2011-11-26 02:58:14 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\EeeStorageUploader
2011-11-26 01:47:56 -------- d-----w- C:\Windows\SysWow64\Wat
2011-11-26 01:47:55 -------- d-----w- C:\Windows\System32\Wat
2011-11-26 00:15:01 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Apps
2011-11-26 00:00:31 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-11-26 00:00:31 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-11-25 23:58:43 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-25 23:57:49 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-25 23:56:52 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-11-25 23:56:52 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-11-25 23:56:51 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-11-25 23:56:51 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-11-25 23:56:48 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-11-25 23:56:48 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-11-25 23:56:48 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-11-25 23:46:15 642944 ----a-w- C:\Windows\System32\winload.efi
2011-11-25 23:46:15 605552 ----a-w- C:\Windows\System32\winload.exe
2011-11-25 23:46:15 566208 ----a-w- C:\Windows\System32\winresume.efi
2011-11-25 23:46:15 518672 ----a-w- C:\Windows\System32\winresume.exe
2011-11-25 23:46:14 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2011-11-25 23:46:14 20352 ----a-w- C:\Windows\System32\kdusb.dll
2011-11-25 23:46:14 19328 ----a-w- C:\Windows\System32\kd1394.dll
2011-11-25 23:46:14 17792 ----a-w- C:\Windows\System32\kdcom.dll
2011-11-25 23:43:36 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-11-25 23:42:58 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-11-25 23:42:58 207872 ----a-w- C:\Windows\System32\cfgmgr32.dll
2011-11-25 23:42:58 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-11-25 23:42:57 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-11-25 23:42:57 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-11-25 23:42:57 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-11-25 23:34:18 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-11-25 23:34:16 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-11-25 23:34:16 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-11-25 23:32:19 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-11-25 23:32:19 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-11-25 23:32:19 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-11-25 23:32:19 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-11-25 23:32:16 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-11-25 23:32:15 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-11-25 23:32:13 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-11-25 23:32:11 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-11-25 23:32:11 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-11-25 22:08:27 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\Malwarebytes
2011-11-25 22:08:20 -------- d-----w- C:\ProgramData\Malwarebytes
2011-11-25 22:08:16 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-11-25 22:08:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-11-25 21:26:06 -------- d-----w- C:\Program Files (x86)\Cisco Systems
2011-11-25 21:02:10 -------- d-----w- C:\ProgramData\Cisco Systems
2011-11-25 21:00:15 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\NPE
2011-11-25 20:11:34 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Adobe
2011-11-25 19:26:11 729720 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\srtsp64.sys
2011-11-25 19:26:11 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1302000.00A\symds64.sys
2011-11-25 19:26:11 401016 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\symnets.sys
2011-11-25 19:26:11 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\srtspx64.sys
2011-11-25 19:26:11 1084024 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\symefa64.sys
2011-11-25 19:26:10 189560 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\ironx64.sys
2011-11-25 19:26:10 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\ccsetx64.sys
2011-11-25 19:26:05 -------- d-----w- C:\Windows\System32\drivers\NISx64\1302000.00A
2011-11-25 19:14:05 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2011-11-25 19:13:15 43640 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
2011-11-25 19:09:48 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-11-25 19:09:48 -------- d-----w- C:\Program Files\Symantec
2011-11-25 19:09:48 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2011-11-25 19:09:08 -------- d-----w- C:\Windows\System32\drivers\NISx64
2011-11-25 19:09:05 -------- d-----w- C:\ProgramData\Norton
2011-11-25 19:09:05 -------- d-----w- C:\Program Files (x86)\Norton Internet Security
2011-11-25 19:08:02 -------- d-----w- C:\ProgramData\NortonInstaller
2011-11-25 19:08:02 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2011-11-25 18:50:50 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\Asus WebStorage
2011-11-25 18:34:02 -------- d-----w- C:\Windows\System32\log
2011-11-25 18:33:36 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\SRS Labs
2011-11-25 18:29:24 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2011-11-25 18:29:24 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2011-11-25 18:28:20 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-11-25 18:27:12 4865408 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d948f2401ccab9f\Silverlight.2.0.exe
2011-11-25 18:26:56 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfe4c5801ccab9f\DSETUP.dll
2011-11-25 18:26:56 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfe4c5801ccab9f\DXSETUP.exe
2011-11-25 18:26:56 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfe4c5801ccab9f\dsetup32.dll
2011-11-25 18:26:53 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Power2Go
2011-11-25 18:26:50 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\VirtualStore
2011-11-25 18:26:22 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
.
==================== Find3M ====================
.
2011-11-26 22:11:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-11-26 22:11:36 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-09-29 04:03:32 3144704 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 10:00:21,18 ===============
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Total: 440 (members: 5, guests: 435)
Top