1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Laptop and Desktop Still infected with malware, virus etc after complete restore.

Discussion in 'Virus & Other Malware Removal' started by roxy4130, Nov 29, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. roxy4130

    roxy4130 Thread Starter

    Joined:
    Nov 29, 2011
    Messages:
    1
    Hi all, first i would like to let you know I'm not a native English speaker so I'm sorry about the grammars and spelling errors.

    First I'm a former paramedic in the army and due to an injury i started a new career in the IT as a coder in .net last year. So I'm not a expert but i pass the last week doing research and trying to understand the problem.

    Since I'm a student i was able to got legal Microsoft Development Software such as Visual Studio, Expression, SQL Server etc..

    Desktop 630i Specs

    • Dell XPS 630i (Windows 7 64 Bit Ultimate)
    • Visual Studio 2010
    • SQL Server 2008
    • Office Professional 2010 (Bought from the ultimate-steal student offer)
    • Netbean
    • Adobe CS5 Master Collection (Bought educational license)
    • Aptana Studio
    • Filezilla
    • EasyPHP
    Asus Laptop


    • OS Version: Microsoft Windows 7 Édition Familiale Premium, Service Pack 1, 64 bit
    • Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz, Intel64 Family 6 Model 23 Stepping 10
    • Processor Count: 2
    • RAM: 4095 Mb
    • Graphics Card: NVIDIA GeForce GT 320M, 1024 Mb
    • Hard Drives: C: Total - 28901 MB, Free - 3842 MB; D: Total - 14996 MB, Free - 14902 MB;
    • Motherboard: ASUSTeK Computer Inc., K50ID
    • Antivirus: Norton Internet Security, Updated and Enabled
    Here is the step I've done.

    Everything started when i found my browser Internet Explorer 9 hanging almost all the time and a adobe flash player update each time i reboot my Desktop.


    So i check my Windows Update and i was surprise to see any update installed within the last month. Auto-update is on)

    Windows Firewall ON
    Microsoft Security Essential ON

    I was thinking is an network issue because my girlfriend laptop's (Asus Spec in signature) tell me their browser was slow too.

    I ran a full scan (MSE) and the found nothing but during my research i discover some strange issue with my desktop like, shutdown, restarting, no more password prompt when screensaver and a lot of running process and almost all the time a 99% CPU.

    And i decide to give a try to MSE real time protection using EICAR virus test and MSE did not found treat and same when i scan the file.

    I took a look to my event tracker and i found a lot of error including with MSE, Security issues.
    So i decide to restore my computer with the image and i update everything , i give a try to Avast Internet Security and Secunia Software Inspector.

    The same day my computer show me a lot of errors issues in the event manager.
    So i turn off the desktop, unplug the power cord and the network cable.

    When i took a look to the Asus Laptop i saw similar issue, so i backup the documents to an external Hard disk and i restore the computer with the Hidden Partition Recovery.


    I format the hard disk with two partition C and D and the have 430 gig unallocated.

    I bought a new Cisco Router, new Ethernet cable and Norton Internet Security and update Windows on the Asus.

    I change all my password on a friend computer.

    I run a full Norton scan and he found threat on the fresh restored laptop. So now what should i do to make sure the Asus Laptop is clean and my Desktop.

    I want to clean the Asus laptop before i do the job on the desktop

    You will find all the requested info.

    Thank you for your helps/advices :)


    =================
    Hijackthis Log
    =====================
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 09:56:20, on 2011-11-29
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\Marie-Christine\Desktop\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
    O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
    O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
    O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
    O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
    O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Protection logicielle (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe
    O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
    O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
    O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
    O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

    --
    End of file - 18186 bytes


    ======================
    DDS LOG
    =====================

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Marie-Christine at 9:59:34 on 2011-11-29
    Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.4095.2445 [GMT -5:00]
    .
    AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\FBAgent.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
    C:\Windows\SysWOW64\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\AsScrPro.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\mmc.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.ca/
    uDefault_Page_URL = hxxp://asus.msn.com
    mWinlogon: Userinit=userinit.exe,
    BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
    BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\IPS\IPSBHO.DLL
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\coIEPlg.dll
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
    TCP: DhcpNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
    TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549} : DhcpNameServer = 24.200.243.189 24.200.210.241 24.200.228.113
    TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549}\34963736F65393136393 : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
    TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549}\3556270756E6472427F6E6A756 : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
    TCP: Interfaces\{8392A8D1-DC58-4B00-88BA-EC3D5EE74549}\3556270756E6472427F6E6A756D26796379647565727 : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
    TCP: Interfaces\{A0C0823C-1584-4C70-A621-D0D4AED32249} : DhcpNameServer = 24.200.243.189 24.200.241.37 24.201.245.77
    {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
    {6D53EC84-6AAE-4787-AEEE-F4628F01010C}
    {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Marie-Christine\AppData\Roaming\Mozilla\Firefox\Profiles\5kwfh7qf.default\
    FF - prefs.js: browser.startup.homepage - www.google.ca
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1302000.00A\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1302000.00A\SYMDS64.SYS [?]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1302000.00A\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1302000.00A\SYMEFA64.SYS [?]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20111114.002\BHDrvx64.sys [2011-11-14 1156216]
    R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1302000.00A\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1302000.00A\ccSetx64.sys [?]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20111128.030\IDSviA64.sys [2011-11-28 488568]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1302000.00A\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1302000.00A\Ironx64.SYS [?]
    R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1302000.00A\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1302000.00A\SYMNETS.SYS [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-25 366152]
    R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.2.0.10\ccsvchst.exe [2011-11-25 138760]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Windows\SysWOW64\nvSCPAPISvr.exe [2009-12-11 239208]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-26 138360]
    R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-11-29 01:35:46 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\PeerNetworking
    2011-11-28 20:07:16 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Mozilla
    2011-11-28 18:40:55 -------- d-----w- C:\Windows\SysWow64\XPSViewer
    2011-11-28 18:27:36 -------- d-----w- C:\inetpub
    2011-11-28 15:30:35 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Deployment
    2011-11-28 13:52:08 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Diagnostics
    2011-11-27 01:54:05 -------- d-----w- C:\Program Files\Speccy
    2011-11-27 00:27:14 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\CrashDumps
    2011-11-27 00:06:31 -------- d-----w- C:\Program Files (x86)\My Company Name
    2011-11-27 00:01:56 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Seven Zip
    2011-11-26 21:57:25 -------- d-----w- C:\Windows\System32\SPReview
    2011-11-26 21:11:50 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\ElevatedDiagnostics
    2011-11-26 21:06:44 -------- d-----w- C:\Windows\pss
    2011-11-26 18:09:46 -------- d-----w- C:\XPCD
    2011-11-26 17:25:54 -------- d-----w- C:\UBCD4Win
    2011-11-26 06:32:15 -------- d-----w- C:\Windows\System32\EventProviders
    2011-11-26 06:01:09 3584 ----a-w- C:\Windows\System32\drivers\pt-PT\tsusbflt.sys.mui
    2011-11-26 06:01:08 3072 ----a-w- C:\Windows\System32\drivers\pt-PT\rdpwd.sys.mui
    2011-11-26 05:59:59 4583424 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe
    2011-11-26 05:58:59 780008 ----a-w- C:\Windows\System32\ci.dll
    2011-11-26 05:57:59 98304 ----a-w- C:\Windows\SysWow64\nslookup.exe
    2011-11-26 05:56:54 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
    2011-11-26 05:56:54 2560 ----a-w- C:\Windows\System32\drivers\en-US\rdpwd.sys.mui
    2011-11-26 05:56:51 6144 ----a-w- C:\Windows\System32\drivers\en-US\IPMIDrv.sys.mui
    2011-11-26 05:56:51 4608 ----a-w- C:\Windows\System32\drivers\en-US\kbdclass.sys.mui
    2011-11-26 05:56:47 3584 ----a-w- C:\Windows\System32\drivers\fr-FR\tsusbflt.sys.mui
    2011-11-26 05:56:41 2560 ----a-w- C:\Windows\System32\drivers\fr-FR\rdpwd.sys.mui
    2011-11-26 05:56:35 3072 ----a-w- C:\Windows\System32\drivers\fr-FR\serscan.sys.mui
    2011-11-26 05:56:33 3584 ----a-w- C:\Windows\System32\drivers\es-ES\tsusbflt.sys.mui
    2011-11-26 05:56:33 2560 ----a-w- C:\Windows\System32\drivers\es-ES\rdpwd.sys.mui
    2011-11-26 05:56:16 25600 ----a-w- C:\Windows\System32\drivers\es-ES\usbport.sys.mui
    2011-11-26 05:56:15 3072 ----a-w- C:\Windows\System32\drivers\es-ES\Dot4usb.sys.mui
    2011-11-26 05:56:01 3072 ----a-w- C:\Windows\System32\drivers\zh-CN\tsusbflt.sys.mui
    2011-11-26 05:55:55 2560 ----a-w- C:\Windows\System32\drivers\zh-CN\rdpwd.sys.mui
    2011-11-26 05:55:50 3584 ----a-w- C:\Windows\System32\drivers\zh-CN\sermouse.sys.mui
    2011-11-26 05:55:50 24064 ----a-w- C:\Windows\System32\drivers\zh-CN\ndis.sys.mui
    2011-11-26 05:55:39 3072 ----a-w- C:\Windows\System32\drivers\zh-TW\tsusbflt.sys.mui
    2011-11-26 05:55:39 2560 ----a-w- C:\Windows\System32\drivers\zh-TW\rdpwd.sys.mui
    2011-11-26 05:55:35 23552 ----a-w- C:\Windows\System32\drivers\zh-TW\usbport.sys.mui
    2011-11-26 05:55:23 399872 ----a-w- C:\Windows\System32\dpx.dll
    2011-11-26 05:55:23 189952 ----a-w- C:\Windows\SysWow64\wdscore.dll
    2011-11-26 05:55:12 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
    2011-11-26 05:54:42 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
    2011-11-26 05:54:42 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
    2011-11-26 05:54:42 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
    2011-11-26 05:50:01 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
    2011-11-26 05:50:01 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
    2011-11-26 05:49:35 244736 ----a-w- C:\Windows\System32\sqmapi.dll
    2011-11-26 04:03:01 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2011-11-26 04:03:01 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2011-11-26 04:03:01 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2011-11-26 04:03:01 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2011-11-26 04:03:01 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2011-11-26 04:03:01 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2011-11-26 04:03:01 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    2011-11-26 04:02:44 2565632 ----a-w- C:\Windows\System32\esent.dll
    2011-11-26 04:02:44 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2011-11-26 04:02:43 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
    2011-11-26 04:02:42 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
    2011-11-26 04:02:42 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
    2011-11-26 04:02:42 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
    2011-11-26 04:02:42 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
    2011-11-26 04:02:41 96768 ----a-w- C:\Windows\System32\fsutil.exe
    2011-11-26 04:02:41 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
    2011-11-26 04:02:41 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
    2011-11-26 04:02:41 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
    2011-11-26 02:58:52 -------- d-----w- C:\ProgramData\ASUS WebStorage
    2011-11-26 02:58:14 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\EeeStorageUploader
    2011-11-26 01:47:56 -------- d-----w- C:\Windows\SysWow64\Wat
    2011-11-26 01:47:55 -------- d-----w- C:\Windows\System32\Wat
    2011-11-26 00:15:01 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Apps
    2011-11-26 00:00:31 142336 ----a-w- C:\Windows\System32\poqexec.exe
    2011-11-26 00:00:31 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
    2011-11-25 23:58:43 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-11-25 23:57:49 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
    2011-11-25 23:56:52 1395712 ----a-w- C:\Windows\System32\mfc42.dll
    2011-11-25 23:56:52 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
    2011-11-25 23:56:51 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
    2011-11-25 23:56:51 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
    2011-11-25 23:56:48 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
    2011-11-25 23:56:48 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
    2011-11-25 23:56:48 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
    2011-11-25 23:46:15 642944 ----a-w- C:\Windows\System32\winload.efi
    2011-11-25 23:46:15 605552 ----a-w- C:\Windows\System32\winload.exe
    2011-11-25 23:46:15 566208 ----a-w- C:\Windows\System32\winresume.efi
    2011-11-25 23:46:15 518672 ----a-w- C:\Windows\System32\winresume.exe
    2011-11-25 23:46:14 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
    2011-11-25 23:46:14 20352 ----a-w- C:\Windows\System32\kdusb.dll
    2011-11-25 23:46:14 19328 ----a-w- C:\Windows\System32\kd1394.dll
    2011-11-25 23:46:14 17792 ----a-w- C:\Windows\System32\kdcom.dll
    2011-11-25 23:43:36 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
    2011-11-25 23:42:58 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
    2011-11-25 23:42:58 207872 ----a-w- C:\Windows\System32\cfgmgr32.dll
    2011-11-25 23:42:58 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
    2011-11-25 23:42:57 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2011-11-25 23:42:57 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
    2011-11-25 23:42:57 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
    2011-11-25 23:34:18 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2011-11-25 23:34:16 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2011-11-25 23:34:16 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2011-11-25 23:32:19 861696 ----a-w- C:\Windows\System32\oleaut32.dll
    2011-11-25 23:32:19 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
    2011-11-25 23:32:19 331776 ----a-w- C:\Windows\System32\oleacc.dll
    2011-11-25 23:32:19 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
    2011-11-25 23:32:16 976896 ----a-w- C:\Windows\System32\inetcomm.dll
    2011-11-25 23:32:15 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
    2011-11-25 23:32:13 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
    2011-11-25 23:32:11 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
    2011-11-25 23:32:11 31232 ----a-w- C:\Windows\System32\prevhost.exe
    2011-11-25 22:08:27 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\Malwarebytes
    2011-11-25 22:08:20 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-11-25 22:08:16 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-11-25 22:08:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-11-25 21:26:06 -------- d-----w- C:\Program Files (x86)\Cisco Systems
    2011-11-25 21:02:10 -------- d-----w- C:\ProgramData\Cisco Systems
    2011-11-25 21:00:15 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\NPE
    2011-11-25 20:11:34 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Adobe
    2011-11-25 19:26:11 729720 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\srtsp64.sys
    2011-11-25 19:26:11 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1302000.00A\symds64.sys
    2011-11-25 19:26:11 401016 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\symnets.sys
    2011-11-25 19:26:11 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\srtspx64.sys
    2011-11-25 19:26:11 1084024 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\symefa64.sys
    2011-11-25 19:26:10 189560 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\ironx64.sys
    2011-11-25 19:26:10 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1302000.00A\ccsetx64.sys
    2011-11-25 19:26:05 -------- d-----w- C:\Windows\System32\drivers\NISx64\1302000.00A
    2011-11-25 19:14:05 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
    2011-11-25 19:13:15 43640 ----a-r- C:\Windows\System32\drivers\SymIMV.sys
    2011-11-25 19:09:48 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2011-11-25 19:09:48 -------- d-----w- C:\Program Files\Symantec
    2011-11-25 19:09:48 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
    2011-11-25 19:09:08 -------- d-----w- C:\Windows\System32\drivers\NISx64
    2011-11-25 19:09:05 -------- d-----w- C:\ProgramData\Norton
    2011-11-25 19:09:05 -------- d-----w- C:\Program Files (x86)\Norton Internet Security
    2011-11-25 19:08:02 -------- d-----w- C:\ProgramData\NortonInstaller
    2011-11-25 19:08:02 -------- d-----w- C:\Program Files (x86)\NortonInstaller
    2011-11-25 18:50:50 -------- d-----w- C:\Users\Marie-Christine\AppData\Roaming\Asus WebStorage
    2011-11-25 18:34:02 -------- d-----w- C:\Windows\System32\log
    2011-11-25 18:33:36 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\SRS Labs
    2011-11-25 18:29:24 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
    2011-11-25 18:29:24 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
    2011-11-25 18:28:20 -------- d-----w- C:\Program Files (x86)\Microsoft
    2011-11-25 18:27:12 4865408 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d948f2401ccab9f\Silverlight.2.0.exe
    2011-11-25 18:26:56 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfe4c5801ccab9f\DSETUP.dll
    2011-11-25 18:26:56 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfe4c5801ccab9f\DXSETUP.exe
    2011-11-25 18:26:56 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\cfe4c5801ccab9f\dsetup32.dll
    2011-11-25 18:26:53 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\Power2Go
    2011-11-25 18:26:50 -------- d-----w- C:\Users\Marie-Christine\AppData\Local\VirtualStore
    2011-11-25 18:26:22 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    .
    ==================== Find3M ====================
    .
    2011-11-26 22:11:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-11-26 22:11:36 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-09-29 04:03:32 3144704 ----a-w- C:\Windows\System32\win32k.sys
    .
    ============= FINISH: 10:00:21,18 ===============
     
    roxy4130, Nov 29, 2011
    #1
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue.
View our Welcome Guide to learn how to use this site.
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Laptop Desktop Still
  1. conor75

    In Progress Dell Laptop Locked by 'Trojan Urausy'

    conor75, Sep 26, 2016 at 8:35 AM, in forum: Virus & Other Malware Removal
    Replies:
    24
    Views:
    374
    conor75
    Oct 1, 2016 at 11:49 AM
  2. helpmeplza

    In Progress My HP Pavilion Laptop freezes randomly

    helpmeplza, Sep 5, 2016, in forum: Virus & Other Malware Removal
    Replies:
    1
    Views:
    120
    askey127
    Sep 5, 2016
  3. Dano2

    In Progress Laptop badly infected almost not working

    Dano2, Aug 13, 2016, in forum: Virus & Other Malware Removal
    Replies:
    2
    Views:
    201
    kevinf80
    Aug 16, 2016
  4. Dano2

    Solved Getting hundreds of threats on new Dell Laptop

    Dano2, Aug 13, 2016, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    155
    Dano2
    Aug 13, 2016
  5. peter123abc1

    New My laptop is hacked ?

    peter123abc1, Aug 11, 2016, in forum: Virus & Other Malware Removal
    Replies:
    0
    Views:
    157
    peter123abc1
    Aug 11, 2016
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1028962