
Thread: Montera.Toolbar not removed

  1. #1
    Junior Member gdog355's Avatar
    Join Date
    Jun 2013
    Location
    Winnetka, IL, US
    Posts
    1

    Montera.Toolbar not removed

    I have run several Spybot scans that indicate that Spybot removed it; however, after reboot it is always back.

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16490
    Run by George at 10:34:27 on 2013-06-18
    Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.8187.5464 [GMT -7:00]
    .
    AV: Windows Intune Endpoint Protection *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
    AV: Spybot - Search and Destroy *Enabled/Updated* {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
    SP: Windows Intune Endpoint Protection *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\System Center Operations Manager 2007\HealthService.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
    C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
    C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
    C:\Windows\System32\tcpsvcs.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    C:\Windows\system32\nfsclnt.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
    C:\Windows\system32\svchost.exe -k HPService
    C:\Program Files\System Center Operations Manager 2007\MonitoringHost.exe
    C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
    C:\Program Files\Microsoft\OnlineManagement\Common\omsvchost2.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Logitech\SetPointP\SetPoint.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uWindow Title = George
    mStart Page = about:blank
    uProxyServer = localhost:21320
    uProxyOverride =
    mWinlogon: Userinit = userinit.exe
    BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [cdloader] "C:\Users\George\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
    uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    StartupFolder: C:\Users\George\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{79C38F1A-9283-4959-ADB2-84ABFA1385EF} : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{79C38F1A-9283-4959-ADB2-84ABFA1385EF}\2375942554139353 : DHCPNameServer = 192.168.1.254
    TCP: Interfaces\{79C38F1A-9283-4959-ADB2-84ABFA1385EF}\76F6563786 : DHCPNameServer = 4.2.2.1
    Notify: SDWinLogon - SDWinLogon.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = hxxp://start.funmoods.com/?f=1&a=adknlg&chnl=adknlg&cd=2XzuyEtN2Y1L1QzutDtDtBtB0F0BtCyCtDtB0FyCtBtByD0EtN0D0Tzu0CtByCyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1524038736
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-10-24 189440]
    R1 SDHookDriver;Hook Test Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2013-5-23 63776]
    R2 {73526619-C24F-470B-9BED-53D455FBB5C6};Power Control [2012/09/09 00:18:44];C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [2012-4-17 146928]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
    R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-9-9 90600]
    R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-9-9 78312]
    R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-9-9 299496]
    R2 HealthService;System Center Management;C:\Program Files\System Center Operations Manager 2007\HealthService.exe [2009-5-8 30592]
    R2 NfsClnt;Client for NFS;C:\Windows\System32\nfsclnt.exe [2011-5-28 65536]
    R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-9-9 82928]
    R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-5-23 1817560]
    R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-5-23 1033688]
    R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-5-23 171928]
    R2 SentinelKeysServer;Sentinel Keys Server;C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2007-4-27 316992]
    R2 SignalingAgent;Windows Intune Notification Service;C:\Program Files\Microsoft\OnlineManagement\Common\omsvchost2.exe [2011-9-20 44304]
    R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-6-10 270848]
    R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2011-9-1 76056]
    R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2011-9-1 15128]
    R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-10-24 40832]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
    R3 NfsRdr;Client for NFS Redirector;C:\Windows\System32\drivers\nfsrdr.sys [2011-5-28 246272]
    R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 84864]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
    R3 RpcXdr;Server for NFS Open RPC (ONCRPC);C:\Windows\System32\drivers\rpcxdr.sys [2011-5-28 104960]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 WLMS;Windows Licensing Monitoring Service;C:\Windows\System32\wlms\wlms.exe [2009-7-14 19456]
    S3 ctxva51;Citrix Virtual Adapter;C:\Windows\System32\drivers\ctxva51.sys [2011-12-20 45720]
    S3 HP8207_8307;HP-HP8207_8307;C:\Windows\System32\drivers\HP8207_8307.sys [2010-2-4 15360]
    S3 lpasvc;Microsoft Policy Platform Local Authority;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2011-10-27 53864]
    S3 lppsvc;Microsoft Policy Platform Processor;C:\Program Files\Microsoft Policy Platform\policyHost.exe [2011-10-27 53864]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-20 19456]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-20 57856]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-20 1255736]
    S4 AdtAgent;Operations Manager Audit Forwarding Service;C:\Windows\System32\AdtAgent.exe [2009-5-8 343936]
    .
    =============== Created Last 30 ================
    .
    2013-06-17 18:38:56 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A2774F7-CC9B-4984-AA76-DCA41C98D910}\offreg.dll
    2013-06-17 18:37:49 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4A2774F7-CC9B-4984-AA76-DCA41C98D910}\mpengine.dll
    2013-06-12 19:03:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-06-12 19:03:00 751104 ----a-w- C:\Windows\System32\win32spl.dll
    2013-06-12 19:03:00 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2013-06-12 19:02:59 1192448 ----a-w- C:\Windows\System32\certutil.exe
    2013-06-12 19:02:58 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
    2013-06-12 19:02:57 52224 ----a-w- C:\Windows\System32\certenc.dll
    2013-06-12 19:02:57 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
    2013-06-12 19:02:57 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-06-12 19:02:57 1464320 ----a-w- C:\Windows\System32\crypt32.dll
    2013-06-12 19:02:57 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-06-12 19:02:57 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-06-12 19:02:57 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-06-12 19:02:57 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-06-05 21:17:42 -------- d-----w- C:\Program Files\iPod
    2013-06-05 21:17:40 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-06-05 21:17:40 -------- d-----w- C:\Program Files\iTunes
    2013-06-05 21:17:40 -------- d-----w- C:\Program Files (x86)\iTunes
    2013-05-26 21:02:23 -------- d-----w- C:\SpybotBootCD
    2013-05-24 19:07:06 -------- d-----w- C:\Users\George\Prius
    2013-05-24 05:53:41 17272 ----a-w- C:\Windows\System32\sdnclean64.exe
    2013-05-24 05:53:34 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-05-24 04:18:42 -------- d-----w- C:\Users\George\AppData\Local\Programs
    2013-05-22 23:48:02 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2013-05-22 23:48:02 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2013-05-22 23:48:02 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2013-05-22 23:48:02 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2013-05-22 23:48:02 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2013-05-22 20:47:06 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-05-21 06:50:35 -------- d-----w- C:\Users\George\admin
    2013-05-21 05:02:54 -------- d-----w- C:\ProgramData\OT4DrvInstall
    2013-05-21 04:25:41 -------- d-----w- C:\Program Files (x86)\Kofax
    2013-05-21 04:24:18 -------- d-----w- C:\ProgramData\Kofax
    2013-05-21 04:13:24 -------- d-----w- C:\Users\George\AppData\Local\ElevatedDiagnostics
    2013-05-20 20:22:51 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-05-20 20:01:20 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
    2013-05-20 19:51:00 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
    2013-05-20 19:51:00 366592 ----a-w- C:\Windows\System32\qdvd.dll
    2013-05-20 19:50:53 209920 ----a-w- C:\Windows\System32\profsvc.dll
    2013-05-20 19:42:25 458712 ----a-w- C:\Windows\System32\drivers\cng.sys
    2013-05-20 19:42:25 340992 ----a-w- C:\Windows\System32\schannel.dll
    2013-05-20 19:42:25 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
    2013-05-20 19:42:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
    2013-05-20 19:42:24 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
    2013-05-20 19:42:24 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2013-05-20 19:42:24 1448448 ----a-w- C:\Windows\System32\lsasrv.dll
    2013-05-20 19:42:21 3216384 ----a-w- C:\Windows\System32\msi.dll
    2013-05-20 19:42:20 2342400 ----a-w- C:\Windows\SysWow64\msi.dll
    2013-05-20 19:42:06 67072 ----a-w- C:\Windows\splwow64.exe
    2013-05-20 19:42:06 559104 ----a-w- C:\Windows\System32\spoolsv.exe
    2013-05-20 19:33:40 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2013-05-20 19:33:40 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2013-05-20 19:33:40 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2013-05-20 19:33:40 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2013-05-20 19:33:14 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2013-05-20 19:33:14 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2013-05-20 19:33:13 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2013-05-20 19:33:13 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2013-05-20 19:33:11 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2013-05-20 19:33:11 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2013-05-20 19:33:11 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2013-05-20 19:20:02 -------- d-----w- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    2013-05-20 07:35:46 -------- d-----w- C:\Program Files (x86)\Visioneer
    .
    ==================== Find3M ====================
    .
    2013-06-11 20:21:00 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-06-11 20:21:00 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll
    2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
    2013-05-01 10:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
    2013-05-01 10:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
    2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
    2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
    2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
    2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
    2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
    2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
    2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
    2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
    2013-04-02 14:09:52 4550656 ----a-w- C:\Windows\SysWow64\GPhotos.scr
    .
    ============= FINISH: 10:38:51.77 ===============

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-06-18 10:46:18
    -----------------------------
    10:46:18.949 OS Version: Windows x64 6.1.7601 Service Pack 1
    10:46:18.949 Number of processors: 2 586 0x1706
    10:46:18.949 ComputerName: XPSLAPTOP UserName: George
    10:46:20.790 Initialize success
    10:56:42.007 AVAST engine defs: 13061800
    10:57:09.759 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    10:57:09.759 Disk 0 Vendor: ST9320421ASG DE16 Size: 305245MB BusType: 11
    10:57:09.868 Disk 0 MBR read successfully
    10:57:09.868 Disk 0 MBR scan
    10:57:09.931 Disk 0 Windows 7 default MBR code
    10:57:09.946 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 156 MB offset 63
    10:57:09.962 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 321536
    10:57:09.978 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31778816
    10:57:10.009 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 289627 MB offset 31983616
    10:57:10.087 Disk 0 scanning C:\Windows\system32\drivers
    10:57:24.439 Service scanning
    10:58:30.458 Modules scanning
    10:58:30.458 Disk 0 trace - called modules:
    10:58:30.474 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
    10:58:30.801 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ccb730]
    10:58:30.801 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007b121f0]
    10:58:34.046 AVAST engine scan C:\Windows
    10:58:35.903 AVAST engine scan C:\Windows\system32
    11:02:26.447 AVAST engine scan C:\Windows\system32\drivers
    11:02:48.100 AVAST engine scan C:\Users\George
    11:07:33.471 AVAST engine scan C:\ProgramData
    11:09:16.981 Scan finished successfully
    11:09:30.772 Disk 0 MBR has been saved successfully to "C:\Users\George\Desktop\MBR.dat"
    11:09:30.772 The log file has been saved successfully to "C:\Users\George\Desktop\aswMBR.txt"
    George deTarnowsky

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066


    Hi gdog355,

    Sorry for the delay. If you still need help simply reply back.
    How Can I Reduce My Risk?
