
Does my Computer need attention?


  • This topic is locked
4 replies to this topic

#1 Nephilim1955

Nephilim1955

  • Members
  • 100 posts
  • OFFLINE
  • Gender:Male
  • Location:US
  • Local time:09:48 AM

Posted 21 April 2012 - 03:11 PM

I was instructed to start a new thread.

Here is my previous post.

http://www.bleepingcomputer.com/forums/topic450788.html

There is no odd behavior. But wanted an expert to take a look at my computer to see if it needs any attention. Thanks, in advance!


Here is the DDS Log Report.
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Nephilim1955 at 12:36:40 on 2012-04-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.12031.10034 [GMT -7:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\sysWow64\CtHdaSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Sound Blaster Recon3D PCIe Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe" /r
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h20364.www2.hp.com/CSMWeb/Customer/cabs/HPISDataManager.CAB
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{23DD9C3C-6F43-405E-8C6B-F05D101F2C53} : DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{2C81811A-8894-4FF9-9849-A4B0CBCD270A} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{2C81811A-8894-4FF9-9849-A4B0CBCD270A}\15559434B44425147523 : DhcpNameServer = 192.168.1.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\coIEPlg.dll
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Sound Blaster Recon3D PCIe Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe" /r
mRun-x64: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]
R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120413.001\BHDrvx64.sys [2012-4-19 1160824]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120420.001\IDSviA64.sys [2012-4-20 488568]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 CtHdaSvc;SB Recon3D Service;C:\Windows\SysWOW64\CtHdaSvc.exe [2012-2-29 105472]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\5.2.0.13\ccsvchst.exe [2012-3-31 130008]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-11-23 1119768]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 cthda;SB Recon3D HDAudio;C:\Windows\system32\drivers\cthda.sys --> C:\Windows\system32\drivers\cthda.sys [?]
R3 CTHDB;SB Recon3D PCIe Audio Bus Filter;C:\Windows\system32\DRIVERS\CtHDb.sys --> C:\Windows\system32\DRIVERS\CtHDb.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-3-31 138360]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 253088]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-4-10 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-4-10 79360]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 rcmirror;rcmirror;C:\Windows\system32\DRIVERS\rcmirror.sys --> C:\Windows\system32\DRIVERS\rcmirror.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-04-21 19:31:55 -------- d-----w- C:\Users\Nephilim1955\AppData\Local\Windows Live
2012-04-21 19:31:24 -------- d-----w- C:\Users\Nephilim1955\AppData\Roaming\Windows Live Writer
2012-04-21 19:31:24 -------- d-----w- C:\Users\Nephilim1955\AppData\Local\Windows Live Writer
2012-04-21 16:59:41 -------- d-----w- C:\Users\Nephilim1955\AppData\Roaming\SUPERAntiSpyware.com
2012-04-21 16:58:54 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-04-21 16:58:54 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-04-21 16:28:26 -------- d-----w- C:\Users\Nephilim1955\AppData\Roaming\Malwarebytes
2012-04-21 15:57:11 -------- d-----w- C:\Users\Nephilim1955\AppData\Local\ATI
2012-04-21 15:56:10 -------- d-----w- C:\Users\Nephilim1955\AppData\Local\PDFC
2012-04-20 17:07:46 339320 ----a-w- C:\Windows\SysWow64\HMIPCore.dll
2012-04-19 21:19:32 500552 ----a-w- C:\Windows\System32\EasyRedirect64.dll
2012-04-19 21:19:30 360264 ----a-w- C:\Windows\SysWow64\EasyRedirect.dll
2012-04-19 18:48:09 -------- d-----w- C:\Program Files\Speccy
2012-04-17 22:34:14 -------- d-----w- C:\ProgramData\IncrediMail
2012-04-17 22:34:14 -------- d-----w- C:\ProgramData\IM
2012-04-17 11:17:21 8766112 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-15 16:25:08 -------- d-----w- C:\ProgramData\Premium
2012-04-15 16:23:15 -------- d-----w- C:\ProgramData\InstallMate
2012-04-14 22:40:28 -------- d-----w- C:\ProgramData\Kingsoft
2012-04-14 17:15:07 -------- d-----w- C:\ProgramData\Flood Light Games
2012-04-14 17:13:26 -------- d-----w- C:\Program Files (x86)\WildTangent Games
2012-04-13 13:43:44 -------- d-----w- C:\ProgramData\vsosdk
2012-04-13 13:12:07 -------- d-----w- C:\Program Files (x86)\DVDFab 8 Qt
2012-04-12 02:56:22 -------- d-----w- C:\ProgramData\Creative Labs
2012-04-12 02:21:10 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-12 02:21:09 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-12 02:21:09 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-12 02:21:08 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-12 02:21:08 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-12 02:21:08 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-12 02:21:08 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-11 04:38:55 90112 ------w- C:\Windows\Updreg.EXE
2012-04-11 04:38:46 809560 ----a-r- C:\Windows\SysWow64\tmpBD66.tmp
2012-04-11 04:38:46 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-04-11 04:38:46 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-04-11 04:38:46 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2012-04-11 04:38:46 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2012-04-11 04:38:33 2906587 ------w- C:\Windows\SysWow64\Sens_oal.dll
2012-04-11 04:38:33 1943040 ------w- C:\Windows\System32\Sens_oal.dll
2012-04-11 04:37:55 53248 ------w- C:\Windows\Ctregrun.exe
2012-04-11 04:37:49 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2012-04-11 04:37:02 88576 ------w- C:\Windows\System32\CTOPT399.dll
2012-04-11 04:37:02 79360 ------w- C:\Windows\SysWow64\CTOPT399.dll
2012-04-11 04:37:02 61440 ------w- C:\Windows\SysWow64\CTChkAud.dll
2012-04-11 04:37:02 49664 ------w- C:\Windows\System32\CTChkAud.dll
2012-04-11 04:37:02 42496 ------w- C:\Windows\System32\AddCat.exe
2012-04-11 04:36:55 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared
2012-04-11 04:36:39 729088 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2012-04-11 04:36:39 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2012-04-11 04:36:39 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2012-04-11 04:36:39 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2012-04-11 04:36:39 192512 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2012-04-11 04:36:38 311428 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2012-04-11 04:36:38 188548 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2012-04-11 04:36:00 -------- d-----w- C:\Program Files\Creative
2012-04-11 04:35:40 3770 ----a-w- C:\Windows\cthdaENG.reg
2012-04-11 04:35:03 -------- d-----w- C:\Program Files (x86)\Creative
2012-04-10 11:04:29 -------- d-----w- C:\Program Files (x86)\Amazon
2012-04-08 06:34:15 -------- d-----w- C:\Windows\SysWow64\spool
2012-04-08 06:33:13 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2012-04-08 03:19:48 -------- d-----w- C:\Windows\Hewlett-Packard
2012-04-08 01:43:21 -------- d-----w- C:\Windows\pss
2012-04-07 21:52:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-07 21:52:35 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-06 22:56:59 -------- d-----w- C:\ProgramData\VirtualizedApplications
2012-04-06 12:07:55 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2012-04-06 12:07:30 -------- d-----w- C:\ProgramData\YTD YouTube Downloader & Converter
2012-04-06 12:04:24 -------- d-----w- C:\ProgramData\Visan
2012-04-06 12:04:24 -------- d-----w- C:\ProgramData\HP Photo Creations
2012-04-06 12:04:24 -------- d-----w- C:\Program Files (x86)\HP Photo Creations
2012-04-06 10:29:40 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-04-06 03:46:29 -------- d-----w- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-04-03 11:10:23 -------- d-----w- C:\Program Files (x86)\AMD APP
2012-04-03 11:10:19 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2012-04-03 11:10:19 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2012-04-03 10:55:56 -------- d-----w- C:\ProgramData\LightScribe
2012-04-03 06:33:44 -------- d-----w- C:\Program Files\CCleaner
2012-04-03 06:22:34 -------- d-----w- C:\ProgramData\dvdfab
2012-04-03 05:53:14 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-03 05:53:14 -------- d-----w- C:\ProgramData\Malwarebytes
2012-04-03 05:53:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-02 13:38:48 40960 ----a-w- C:\Windows\SysWow64\ssubtmr6.dll
2012-04-02 13:38:48 36864 ----a-w- C:\Windows\SysWow64\trayicon_handler.ocx
2012-04-02 13:35:11 -------- d-----w- C:\ProgramData\boost_interprocess
2012-03-31 22:33:11 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symefa64.sys
2012-03-31 22:33:11 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symds64.sys
2012-03-31 22:33:11 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\srtspx64.sys
2012-03-31 22:33:11 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symnets.sys
2012-03-31 22:33:10 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\srtsp64.sys
2012-03-31 22:33:10 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\ironx64.sys
2012-03-31 22:33:00 -------- d-----w- C:\Windows\System32\drivers\N360x64\0502000.00D
2012-03-31 15:55:19 -------- d-----w- C:\Downloads
2012-03-31 15:02:11 -------- d-----w- C:\ProgramData\WEBREG
2012-03-31 14:55:36 100352 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\HPZPPLHN.DLL
2012-03-31 14:50:54 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2012-03-31 14:48:38 861184 ----a-w- C:\Windows\System32\hpowiav1.dll
2012-03-31 14:48:38 642360 ----a-w- C:\Windows\System32\hpzids40.dll
2012-03-31 14:48:38 498176 ----a-w- C:\Windows\System32\hpovst01.dll
2012-03-31 14:48:37 730624 ----a-w- C:\Windows\System32\hpotscl1.dll
2012-03-31 14:23:51 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-03-31 14:23:49 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-03-31 14:23:49 -------- d-----w- C:\Program Files\Symantec
2012-03-31 14:23:49 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-03-31 14:23:30 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2012-03-31 14:23:30 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2012-03-31 14:23:24 -------- d-----w- C:\Windows\System32\drivers\N360x64
2012-03-31 14:23:23 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
2012-03-31 14:21:44 -------- d-----w- C:\ProgramData\PCSettings
2012-03-31 10:08:47 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-03-31 10:08:47 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-03-31 10:08:47 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2012-03-31 09:48:50 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-31 09:48:50 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-31 09:47:06 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2012-03-31 08:51:22 -------- d-----w- C:\Windows\System32\SPReview
2012-03-31 08:51:11 -------- d-----w- C:\Windows\System32\EventProviders
2012-03-31 08:40:59 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-03-31 08:39:56 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
2012-03-31 08:39:48 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2012-03-31 08:39:48 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2012-03-31 08:39:48 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2012-03-31 08:38:42 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2012-03-31 08:38:42 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2012-03-31 08:38:34 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2012-03-31 08:16:49 2565632 ----a-w- C:\Windows\System32\esent.dll
2012-03-31 08:16:49 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2012-03-31 08:16:49 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-03-31 08:16:48 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-03-31 08:16:48 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-03-31 08:16:48 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-03-31 08:16:48 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2012-03-31 08:16:48 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-03-31 08:16:48 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-03-31 08:16:48 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-03-31 08:16:48 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2012-03-31 08:15:51 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-03-31 08:15:51 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-03-31 08:15:51 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-03-31 08:15:51 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-03-31 08:15:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-03-31 08:15:51 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-03-31 08:15:51 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-03-31 08:02:11 -------- d-----w- C:\Windows\SysWow64\Wat
2012-03-31 08:02:11 -------- d-----w- C:\Windows\System32\Wat
2012-03-31 05:46:38 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-03-31 05:42:46 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-31 05:42:45 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-31 05:42:45 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-31 05:42:45 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-31 05:42:45 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-31 05:14:00 -------- d-----w- C:\ProgramData\Recovery
2012-03-31 05:08:54 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2012-03-31 05:07:57 288640 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-03-31 05:06:57 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-03-31 05:05:58 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2012-03-31 05:05:58 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2012-03-31 05:05:58 331776 ----a-w- C:\Windows\System32\oleacc.dll
2012-03-31 05:05:58 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2012-03-31 05:05:56 723456 ----a-w- C:\Windows\System32\EncDec.dll
2012-03-31 05:05:56 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2012-03-31 05:05:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-03-31 05:05:53 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-03-31 05:05:48 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-03-31 05:05:48 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-03-31 05:03:24 77312 ----a-w- C:\Windows\System32\packager.dll
2012-03-31 05:03:24 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-03-31 04:57:28 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE013BE5-C3BD-42F4-9DF9-872068849D8A}\mpengine.dll
2012-03-31 04:57:28 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
==================== Find3M ====================
.
2012-03-31 09:24:38 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-03-31 09:24:38 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-03-06 06:53:37 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-06 05:59:47 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59:41 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-02-29 12:15:40 23640 ----a-w- C:\Windows\System32\drivers\CtHDb.sys
2012-02-29 12:15:18 1271384 ----a-w- C:\Windows\System32\drivers\cthda.sys
2012-02-29 12:10:38 112128 ----a-w- C:\Windows\System32\CtHdaS64.exe
2012-02-29 12:10:28 572928 ----a-w- C:\Windows\System32\CtHdaC64.dll
2012-02-29 12:09:28 105472 ----a-w- C:\Windows\SysWow64\CtHdaSvc.exe
2012-02-29 12:09:20 469504 ----a-w- C:\Windows\SysWow64\CtHdaCtl.dll
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-07 09:27:18 22528 ----a-w- C:\Windows\SysWow64\CtEpDef32.exe
2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 12:36:55.63 ===============



#2 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  • Gender:Male
  • Location:Numpty HQ
  • Local time:04:48 PM

Posted 21 April 2012 - 05:20 PM

Good evening. :)

I'm a little confused - you say that your PC isn't demonstrating any odd behaviour but are wondering if it needs any attention. Do you have any reason at all to think that the PC has any issues?

So long, and thanks for all the fish.

 

 


#3 Nephilim1955

Nephilim1955
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  • Gender:Male
  • Location:US
  • Local time:09:48 AM

Posted 21 April 2012 - 06:30 PM

Do you see anything wrong with my PC in the DDS log report? I ran OTL and saw a few odd entries. I asked the other guy if I could post it so someone could take a look at it. I was told to come here instead. Then, the instructions here were to post a DDS log. I did. Did you read my other post? The request was in there.

#4 Noviciate

Noviciate

  • Malware Response Team
  • 5,277 posts
  • OFFLINE
  • Gender:Male
  • Location:Numpty HQ
  • Local time:04:48 PM

Posted 22 April 2012 - 02:21 PM

Good evening. :)

There are a number of log-creating tools available, and they differ to some degree or other in the data that they present. If there are entries in an OTL log you'd like someone to have a look at, you will need to post that log, as those lines may be specific to OTL.

So long, and thanks for all the fish.

 

 


#5 Nephilim1955

Nephilim1955
  • Topic Starter

  • Members
  • 100 posts
  • OFFLINE
  • Gender:Male
  • Location:US
  • Local time:09:48 AM

Posted 23 April 2012 - 09:14 AM

We ended up doing a system recovery. This computer is 14 months old, so we decided to clean it out. Afterwards, we ran OTL again and all the strange entries were gone. Start to end, the entire process took about 90 minutes. Thank you for your fast response.



