-
Computer #2 / Spybot can't remove files found.
Hello,
My name is Mike, I had help with another pc we had good results. Iwas told to run these.
I ran the TFC cleaner, Spybot, Updated Windows, Ran DDS and aswMBR.
I have Norton that I want to remove and install MS Anti .
Search results from Spybot - Search & Destroy
4/28/2013 6:10:18 PM
Scan took 00:48:27.
17 items found.
Yontoo.Pagerage: [SBI $71FBD431] Uninstall settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Yontoo.Pagerage: [SBI $71FBD431] Uninstall settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
SweetIM: [SBI $3C0145EF] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\SweetIM\simapp_id
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name
MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.17.2
Run by Mike at 18:57:20 on 2013-04-28
Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.2036.1073 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Users\Mike\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\Program Files\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Norton Management\Engine\3.2.0.19\ccSvcHst.exe
C:\Program Files\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Users\Mike\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Mike\AppData\Local\DIRECTV Player\NDSPCShowServer.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Norton Zone\Engine\1.0.6.8\ccSvcHst.exe
C:\Program Files\Norton Zone\Engine\1.0.6.8\ccSvcHst.exe
C:\Windows\explorer.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.mycentraljersey.com/
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton internet security\engine\20.3.1.22\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\mike\appdata\roaming\defaulttab\defaulttab\DefaultTabBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\program files\norton internet security\engine\20.3.1.22\coieplg.dll
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [PCShowServer] "c:\users\mike\appdata\local\directv player\PCShowServerPMWrapper.exe"
uRun: [Spybot-S&D Cleaning] "c:\program files\spybot - search & destroy 2\SDCleaner.exe" /autoclean
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [BingDesktop] c:\program files\microsoft\bingdesktop\BingDesktop.exe /fromkey
mRun: [SDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"
mRunOnce: [SpybotDeletingE2730] "c:\program files\spybot - search & destroy 2\sddelfile.exe" "c:\program files\oapps\dler.exe"
StartupFolder: c:\users\mike\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect125.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{89A9C40B-DE3B-40DE-B565-C0AB56A950DB} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{89A9C40B-DE3B-40DE-B565-C0AB56A950DB}\07F6C697A6739313 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{89A9C40B-DE3B-40DE-B565-C0AB56A950DB}\07F6C697A67393F5568747 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{89A9C40B-DE3B-40DE-B565-C0AB56A950DB}\84F445D24555E414 : DHCPNameServer = 68.87.64.150 68.87.75.198
TCP: Interfaces\{89A9C40B-DE3B-40DE-B565-C0AB56A950DB}\E4544574541425F5548545 : DHCPNameServer = 192.168.1.250
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - c:\windows\system32\SSCbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - c:\windows\system32\SSCbFsMntNtf3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1403010.016\symds.sys [2013-4-16 367704]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1403010.016\symefa.sys [2013-4-16 934488]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\bashdefs\20130412.001\BHDrvx86.sys [2013-4-12 1000024]
R1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\mclient\0302000.013\ccSetx86.sys [2013-1-10 134304]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1403010.016\ccsetx86.sys [2013-4-16 134304]
R1 ccSet_NZ;Norton Zone Settings Manager;c:\windows\system32\drivers\nz\0100060.008\ccsetx86.sys [2013-4-28 134304]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\ipsdefs\20130426.001\IDSvix86.sys [2013-4-28 386720]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1403010.016\ironx86.sys [2013-4-16 175264]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\nis\1403010.016\symnets.sys [2013-4-16 338592]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2012-11-7 81920]
R2 AllShare Framework DMS;AllShare Framework DMS;c:\program files\samsung\allshare framework dms\1.3.06\AllShareFrameworkManagerDMS.exe [2012-10-23 406648]
R2 AllShare Play Service;AllShare Play Service;c:\program files\samsung\allshare play\AllShare Play Service.exe [2013-2-20 631368]
R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-3-22 168536]
R2 DefaultTabUpdate;DefaultTabUpdate;c:\users\mike\appdata\roaming\defaulttab\defaulttab\DTUpdate.exe [2013-3-8 107520]
R2 HPClientSvc;HP Client Services;c:\program files\hewlett-packard\hp client services\HPClientServices.exe [2010-10-11 246840]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-2-28 92216]
R2 HPWMISVC;HPWMISVC;c:\program files\hewlett-packard\hp quick launch\HPWMISVC.exe [2011-7-11 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-11-7 13336]
R2 MCLIENT;Norton Management;c:\program files\norton management\engine\3.2.0.19\ccSvcHst.exe [2013-1-10 143928]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\20.3.1.22\ccsvchst.exe [2013-4-16 144520]
R2 NZ;Norton Zone;c:\program files\norton zone\engine\1.0.6.8\ccsvchst.exe [2013-4-28 144520]
R2 RoxioNow Service;RoxioNow Service;c:\program files\roxio\roxionow player\RNowSvc.exe [2010-11-26 399344]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-4-28 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-4-28 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-4-28 168384]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-11-8 106656]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\drivers\rtl8192ce.sys [2012-11-7 1037416]
R3 SSCBFS3;SugarSync CallBack File System driver v3;c:\windows\system32\drivers\sscbfs3.sys [2013-2-22 295936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 GamesAppService;GamesAppService;c:\program files\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files\hewlett-packard\hp connection manager\hpCMSrv.exe [2011-2-15 1071160]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-3-3 14848]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-3-3 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-3-3 27136]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2013-04-28 21:36:36 134304 ----a-r- c:\windows\system32\drivers\nz\0100060.008\ccsetx86.sys
2013-04-28 21:36:32 -------- d-----w- c:\windows\system32\drivers\nz\0100060.008
2013-04-28 20:16:32 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-04-28 20:16:03 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-04-28 20:15:53 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2013-04-28 20:14:55 -------- d-----w- c:\users\mike\appdata\local\Programs
2013-04-23 20:40:43 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-19 17:01:15 -------- d-----w- C:\8f443fa7ca8cb7044e86801e71c91ec6
2013-04-17 02:56:32 934488 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symefa.sys
2013-04-17 02:56:32 367704 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symds.sys
2013-04-17 02:56:32 338592 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symnets.sys
2013-04-17 02:56:32 32344 ----a-w- c:\windows\system32\drivers\nis\1403010.016\srtspx.sys
2013-04-17 02:56:32 21400 ----a-r- c:\windows\system32\drivers\nis\1403010.016\symelam.sys
2013-04-17 02:56:31 602712 ----a-w- c:\windows\system32\drivers\nis\1403010.016\srtsp.sys
2013-04-17 02:56:31 175264 ----a-w- c:\windows\system32\drivers\nis\1403010.016\ironx86.sys
2013-04-17 02:56:31 134304 ----a-w- c:\windows\system32\drivers\nis\1403010.016\ccsetx86.sys
2013-04-17 02:56:06 14818 ----a-w- c:\windows\system32\drivers\nis\1403010.016\symvtcer.dat
2013-04-17 02:56:06 -------- d-----w- c:\windows\system32\drivers\nis\1403010.016
2013-04-17 02:54:24 -------- d-----w- c:\users\mike\Policastro's Zone
2013-04-10 18:45:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 18:44:59 196328 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 18:44:55 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 18:44:54 69632 ----a-w- c:\windows\system32\smss.exe
2013-04-10 18:44:54 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 18:44:54 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-03 17:25:11 92184 ----a-w- c:\programdata\microsoft\bingdesktop\updater\BingDesktopRestarter.exe
.
==================== Find3M ====================
.
2013-03-25 18:32:16 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-25 18:32:15 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-09 06:32:10 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-09 06:32:08 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-09 06:32:08 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-08 18:16:00 1037416 ----a-w- c:\windows\system32\drivers\rtl8192ce.sys
2013-03-06 10:38:36 421200 ----a-w- c:\windows\system32\msvcp100.dll
2013-02-21 10:30:16 1766912 ----a-w- c:\windows\system32\wininet.dll
2013-02-21 10:29:39 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-02-21 10:29:37 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-02-21 10:29:37 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-02-19 12:01:03 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-19 11:10:53 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 03:32:45 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-06 01:53:34 4659712 ----a-w- c:\windows\system32\Redemption.dll
2013-01-30 21:12:20 225024 ----a-w- c:\windows\system32\SSCbFsNetRdr3.dll
2013-01-30 21:12:06 159488 ----a-w- c:\windows\system32\SSCbFsMntNtf3.dll
2013-01-30 21:11:50 295936 ----a-w- c:\windows\system32\drivers\sscbfs3.sys
.
============= FINISH: 18:58:25.46 ===============
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-28 19:25:35
-----------------------------
19:25:35.748 OS Version: Windows 6.1.7601 Service Pack 1
19:25:35.748 Number of processors: 2 586 0x1C0A
19:25:35.748 ComputerName: MIKE-HP UserName: Mike
19:25:37.402 Initialize success
19:26:17.790 AVAST engine defs: 13042801
19:26:24.514 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:26:24.529 Disk 0 Vendor: Hitachi_ ESBO Size: 238475MB BusType: 3
19:26:24.701 Disk 0 MBR read successfully
19:26:24.701 Disk 0 MBR scan
19:26:24.717 Disk 0 Windows 7 default MBR code
19:26:24.732 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
19:26:24.763 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 220076 MB offset 409600
19:26:24.795 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 14135 MB offset 451125248
19:26:24.810 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 480073728
19:26:24.857 Disk 0 scanning sectors +488395120
19:26:25.060 Disk 0 scanning C:\Windows\system32\drivers
19:26:45.745 Service scanning
19:27:48.473 Modules scanning
19:28:01.047 Disk 0 trace - called modules:
19:28:01.093 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
19:28:01.109 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85e20860]
19:28:01.125 3 CLASSPNP.SYS[8883459e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x8472b028]
19:28:02.451 AVAST engine scan C:\Windows
19:28:06.678 AVAST engine scan C:\Windows\system32
19:33:49.068 AVAST engine scan C:\Windows\system32\drivers
19:34:11.563 AVAST engine scan C:\Users\Mike
19:37:29.683 AVAST engine scan C:\ProgramData
19:39:27.557 Scan finished successfully
19:39:46.402 Disk 0 MBR has been saved successfully to "C:\Users\Mike\Desktop\MBR.dat"
19:39:46.418 The log file has been saved successfully to "C:\Users\Mike\Desktop\aswMBR.txt"
Thanks
Mike
Last edited by ken545; 2013-05-04 at 15:04.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
