
My Norton antivirus doesn't detect viruses, my files have been damaged


  • This topic is locked
2 replies to this topic

#1 rock benson

rock benson

  • Members
  • 2 posts

Posted 06 May 2014 - 11:53 PM

My Norton antivirus doesn't detect viruses even though I update it regularly. Some of my files are damaged. I recently temporarily disabled Norton, and when I enabled it again and tried to open it, it ran autofix saying (Norton AntiVirus has encountered an error). The problem wasn't resolved until I booted into Safe Mode and opened Norton; then I rebooted and the issue was resolved. I scanned my memory card (micro SD) and Norton reported no threat found, but I use the memory card on my phone, which has no antivirus and contains many files I downloaded from the internet from unsafe websites. Also, when I boot the computer, the screen remains blue and continues loading for about 15 seconds before the normal screen appears, and the mouse pointer will never move on the screen no matter how I stroke the touch pad until I press

Thanks

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 8.0.7601.17514
Run by USER HP at 1:37:15 on 2014-05-07
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.1900.507 [GMT 1:00]
.
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\MTN F@stLink\AssistantServices.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\MTN F@stLink\UIExec.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ips\ipsbho.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\CoIEPlg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\CoIEPlg.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.2.0.18\CoIEPlg.dll
mRun: [UIExec] "C:\Program Files (x86)\MTN F@stLink\UIExec.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: Interfaces\{541D29BE-A5ED-4BE8-A423-5436E7B95D97} : NameServer = 10.109.2.97 10.11.12.14
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-5-6 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-5-6 208416]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1404000.028\symds64.sys [2014-5-2 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1404000.028\symefa64.sys [2014-5-2 1139800]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-5-6 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-5-6 423240]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [2014-4-9 1525976]
R1 ccSet_NAV;Norton AntiVirus Settings Manager;C:\Windows\System32\drivers\NAVx64\1404000.028\ccsetx64.sys [2014-5-2 169048]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DD02000.012\ccSetx64.sys [2014-5-1 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.2.0.19\Definitions\IPSDefs\20140505.001\IDSviA64.sys [2014-5-6 525016]
R1 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-5-1 88280]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1404000.028\ironx64.sys [2014-5-2 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1404000.028\symnets.sys [2014-5-2 433752]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2014-5-6 98208]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-6 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-5-6 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-5-6 85328]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-1 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-1 76448]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-6 50344]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-1 28832]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-2-9 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-5-1 137648]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-5-1 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-5-1 119512]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-5-1 63192]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2014-5-6 335464]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-5-6 436840]
S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-1 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-1 298656]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-1 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-1 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-1 154272]
S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-1 280224]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2014-5-1 11776]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
.
=============== Created Last 30 ================
.
2014-05-06 23:39:30 -------- d-----w- C:\Users\USER HP\AppData\Local\Apps
2014-05-06 23:39:29 -------- d-----w- C:\Users\USER HP\AppData\Local\Deployment
2014-05-06 21:32:32 -------- d-----w- C:\Users\USER HP\AppData\Roaming\AVAST Software
2014-05-06 21:22:20 -------- d-----w- C:\Users\USER HP\AppData\Local\Google
2014-05-06 21:21:53 85328 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-05-06 21:21:53 208416 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-05-06 21:21:53 1039096 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-05-06 21:21:52 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-05-06 21:21:52 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-05-06 21:21:51 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-05-06 21:21:50 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-05-06 21:21:24 43152 ----a-w- C:\Windows\avastSS.scr
2014-05-06 21:20:16 -------- d-----w- C:\Program Files\AVAST Software
2014-05-06 20:56:09 169048 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD04000.00A\ccsetx64.sys
2014-05-06 20:56:05 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD04000.00A
2014-05-06 01:59:04 168096 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD03030.013\ccsetx64.sys
2014-05-06 01:58:48 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03030.013
2014-05-06 01:31:56 -------- d-----w- C:\Users\USER HP\AppData\Local\CyberLink
2014-05-06 01:23:10 -------- d-----w- C:\Users\USER HP\AppData\Roaming\Intel Corporation
2014-05-06 01:23:00 -------- d-----w- C:\Users\USER HP\AppData\Roaming\Synaptics
2014-05-06 01:07:48 -------- d-----w- C:\Users\USER HP\AppData\Local\PDFC
2014-05-06 00:46:08 2736640 ----a-w- C:\Windows\System32\drivers\athrx.sys
2014-05-06 00:46:08 -------- d-----w- C:\Windows\Options
2014-05-06 00:46:07 63648 ----a-w- C:\Windows\System32\athihvui.dll
2014-05-06 00:46:07 443040 ----a-w- C:\Windows\System32\athihvs.dll
2014-05-06 00:46:07 -------- d-----w- C:\Windows\System32\nn-NO
2014-05-06 00:45:44 -------- d-----w- C:\Program Files (x86)\Cisco
2014-05-06 00:45:43 -------- d-----w- C:\Program Files (x86)\Atheros
2014-05-06 00:45:11 -------- d-----w- C:\ProgramData\Atheros
2014-05-06 00:44:03 -------- d-----w- C:\Program Files\Synaptics
2014-05-06 00:41:41 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2014-05-06 00:41:41 436840 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2014-05-06 00:41:41 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll
2014-05-06 00:39:28 437272 ----a-w- C:\Windows\System32\drivers\iaStor.sys
2014-05-06 00:33:44 -------- d-----w- C:\Windows\SysWow64\sda
2014-05-06 00:32:44 9888360 ----a-w- C:\Windows\SysWow64\RtsPStorIcon.dll
2014-05-06 00:32:44 335464 ----a-w- C:\Windows\System32\drivers\RtsPStor.sys
2014-05-06 00:30:21 -------- d-----w- C:\Program Files\Realtek
2014-05-06 00:30:20 -------- d-----w- C:\Windows\SysWow64\RTCOM
2014-05-05 22:50:27 -------- d-----w- C:\ProgramData\AVAST Software
2014-05-05 22:34:15 -------- d-----w- C:\Users\USER HP\AppData\Local\BMExplorer
2014-05-05 22:22:50 -------- d-----w- C:\Users\USER HP\AppData\Local\Hewlett-Packard
2014-05-05 01:15:07 19464 ----a-w- C:\Windows\System32\pdfc_port.dll
2014-05-05 01:15:01 -------- d-----w- C:\Program Files (x86)\PDF Complete
2014-05-05 01:11:37 -------- d-----w- C:\ProgramData\PDFC
2014-05-05 00:58:01 878080 ----a-w- C:\Windows\System32\advapi32.dll
2014-05-05 00:58:01 859648 ----a-w- C:\Windows\System32\tdh.dll
2014-05-05 00:58:01 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2014-05-05 00:58:01 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2014-05-05 00:58:01 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2014-05-05 00:58:01 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-05-05 00:58:01 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2014-05-05 00:58:01 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-05-05 00:58:01 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-05-05 00:58:01 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2014-05-05 00:58:01 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2014-05-05 00:58:01 112640 ----a-w- C:\Windows\System32\smss.exe
2014-05-05 00:57:11 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-05-05 00:57:11 327168 ----a-w- C:\Windows\System32\mswsock.dll
2014-05-05 00:57:11 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2014-05-05 00:57:11 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2014-05-05 00:56:56 -------- d-----w- C:\Users\USER HP\AppData\Roaming\hpqLog
2014-05-05 00:56:40 -------- d-----w- C:\ProgramData\{7A89BFAF-D4AA-434A-B652-6F880DD86278}
2014-05-05 00:56:37 68608 ----a-w- C:\Windows\System32\taskhost.exe
2014-05-05 00:50:21 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2014-05-05 00:50:21 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2014-05-05 00:47:38 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2014-05-05 00:47:37 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2014-05-05 00:47:37 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2014-05-05 00:47:37 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2014-05-05 00:43:19 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2014-05-05 00:43:19 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2014-05-05 00:43:19 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2014-05-05 00:42:07 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2014-05-05 00:42:07 1192448 ----a-w- C:\Windows\System32\certutil.exe
2014-05-05 00:42:06 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2014-05-05 00:42:06 52224 ----a-w- C:\Windows\System32\certenc.dll
2014-05-05 00:42:06 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2014-05-05 00:42:06 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2014-05-05 00:42:06 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2014-05-05 00:42:06 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2014-05-05 00:42:06 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2014-05-05 00:42:05 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2014-05-05 00:35:37 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2014-05-05 00:35:02 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2014-05-05 00:32:22 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2014-05-05 00:31:33 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2014-05-05 00:31:33 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2014-05-05 00:31:33 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2014-05-05 00:31:33 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2014-05-05 00:31:33 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2014-05-05 00:30:40 8192 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2014-05-05 00:30:26 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2014-05-05 00:27:20 521448 ----a-w- C:\Windows\System32\deployJava1.dll
2014-05-05 00:25:40 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2014-05-05 00:20:32 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2014-05-05 00:20:32 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2014-05-05 00:20:32 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2014-05-05 00:20:32 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2014-05-05 00:20:32 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2014-05-05 00:20:27 77312 ----a-w- C:\Windows\System32\packager.dll
2014-05-05 00:20:27 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-05-05 00:18:50 -------- d-sh--w- C:\Windows\Installer
2014-05-04 23:28:19 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2014-05-04 23:28:08 99840 ----a-w- C:\Windows\System32\wudriver.dll
2014-05-04 23:27:55 36864 ----a-w- C:\Windows\System32\wuapp.exe
2014-05-04 23:27:55 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2014-05-04 23:24:00 168096 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD03000.01A\ccsetx64.sys
2014-05-04 23:23:56 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD03000.01A
2014-05-04 23:08:50 -------- d-----w- C:\Users\USER HP\AppData\Local\CrashDumps
2014-05-02 23:01:07 168096 ----a-w- C:\Windows\System32\drivers\NSTx64\7DD02010.021\ccsetx64.sys
2014-05-02 23:01:04 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD02010.021
2014-05-02 05:02:31 -------- d-----w- C:\Users\USER HP\AppData\Roaming\WinZip
2014-05-02 05:02:24 -------- d-----w- C:\Program Files (x86)\WinZip Driver Updater
2014-05-02 04:48:25 -------- d-----w- C:\Users\USER HP\AppData\Local\DriverTuner
2014-05-02 04:48:03 -------- d-----w- C:\Program Files (x86)\DriverTuner
2014-05-02 04:33:33 796760 ----a-w- C:\Windows\System32\drivers\NAVx64\1404000.028\srtsp64.sys
2014-05-02 04:33:33 493656 ----a-w- C:\Windows\System32\drivers\NAVx64\1404000.028\symds64.sys
2014-05-02 04:33:33 433752 ----a-w- C:\Windows\System32\drivers\NAVx64\1404000.028\symnets.sys
2014-05-02 04:33:33 36952 ----a-w- C:\Windows\System32\drivers\NAVx64\1404000.028\srtspx64.sys
2014-05-02 04:33:33 23448 ----a-r- C:\Windows\System32\drivers\NAVx64\1404000.028\symelam.sys
2014-05-02 04:33:33 224416 ----a-w- C:\Windows\System32\drivers\NAVx64\1404000.028\ironx64.sys
2014-05-02 04:33:33 1139800 ----a-w- C:\Windows\System32\drivers\NAVx64\1404000.028\symefa64.sys
2014-05-02 04:33:32 169048 ----a-w- C:\Windows\System32\drivers\NAVx64\1404000.028\ccsetx64.sys
2014-05-02 04:33:21 -------- d-----w- C:\Windows\System32\drivers\NAVx64\1404000.028
2014-05-02 03:02:21 -------- d-----w- C:\Windows\Panther
2014-05-01 22:56:37 -------- d-----w- C:\Users\USER HP\AppData\Local\Diagnostics
2014-05-01 21:58:42 -------- d-----w- C:\Users\USER HP\AppData\Local\NPE
2014-05-01 21:58:21 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2014-05-01 21:27:10 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-01 21:26:25 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-01 21:26:25 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-01 21:26:25 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-01 21:26:25 -------- d-----w- C:\ProgramData\Malwarebytes
2014-05-01 21:26:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-01 21:25:53 -------- d-----w- C:\Users\USER HP\AppData\Local\Programs
2014-05-01 20:33:46 168096 ----a-r- C:\Windows\System32\drivers\NSTx64\7DD02000.012\ccSetx64.sys
2014-05-01 20:33:43 -------- d-----w- C:\Windows\System32\drivers\NSTx64\7DD02000.012
2014-05-01 20:33:43 -------- d-----w- C:\Windows\System32\drivers\NSTx64
2014-05-01 20:33:43 -------- d-----w- C:\Program Files (x86)\Norton Identity Safe
2014-05-01 20:33:37 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2014-05-01 20:33:37 -------- d-----w- C:\Program Files\Symantec
2014-05-01 20:33:37 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2014-05-01 20:31:16 -------- d-----w- C:\Windows\System32\drivers\NAVx64
2014-05-01 20:31:04 -------- d-----w- C:\Program Files (x86)\Norton AntiVirus
2014-05-01 20:30:59 -------- d-----w- C:\ProgramData\Norton
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbvoice.sys
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbser6k.sys
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbnmeaext2.sys
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbnmeaext.sys
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbnmea.sys
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbmdm6k.sys
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbgps.sys
2014-05-01 19:37:05 123136 ----a-w- C:\Windows\System32\drivers\ZTEusbdvbh.sys
2014-05-01 19:37:05 11776 ----a-w- C:\Windows\System32\drivers\massfilter.sys
2014-05-01 19:36:44 -------- d-----w- C:\Program Files (x86)\SupportAppCB
2014-05-01 19:36:37 -------- d-----w- C:\Program Files (x86)\MTN F@stLink
2014-05-01 19:30:33 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2014-05-01 18:43:33 -------- d-----w- C:\Users\USER HP\AppData\Local\Microsoft Games
2014-05-01 18:19:34 -------- d-----w- C:\ProgramData\NortonInstaller
2014-05-01 18:08:53 -------- d-sh--w- C:\Recovery
.
==================== Find3M  ====================
.
2014-05-01 18:09:45 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2014-05-01 18:09:45 14848 ----a-w- C:\Windows\System32\slwga.dll
2014-05-01 18:09:45 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2014-05-01 18:09:44 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2014-05-01 18:09:44 1008640 ----a-w- C:\Windows\System32\user32.dll
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
.
============= FINISH:  1:39:38.76 ===============
 

any button on the screen





#2 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts

Posted 09 May 2014 - 03:40 PM

Hi rock benson

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please don't install or uninstall anything unless asked.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.


Step 1
It is not recommended that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Avast or Norton AntiVirus.

Both of these products may well leave traces in your registry.
After uninstalling one of the AVs, please run the corresponding Removal Tool to clean out any leftover entries.

If removing Norton:
Go to: Norton Removal Tool

Download it to your 'Desktop'.
Then click on the desktop icon to run the removal tool.

--------------

If removing Avast:
Download avastclear to your desktop
Restart Windows in Safe Mode
Open (execute) the uninstall utility
If you installed avast! in a different folder than the default, browse for it. (Note: Be careful! The content of any folder you choose will be deleted!)
Click REMOVE
Restart your computer.



Step 2
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Double-click the downloaded icon to run the tool.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.

In your next reply, please submit:
Both reports from FRST.


Thanks.

BBPP6nz.png
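The overlap that Step 1 describes is visible in the `AV:` / `SP:` header lines of the DDS log in the first post. The following is an added example, not part of either poster's message and not code from DDS: a small parser for those header lines that reports when more than one antivirus product is registered. It assumes the line layout seen in that log (`CATEGORY: name *State/Definitions* {GUID}`); the function and class names are hypothetical.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Header lines copied from the DDS log posted in this thread.
SAMPLE_DDS_HEADER = """\
AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
"""

# Assumed layout: "AV: <name> *<Enabled|Disabled>/<definitions state>* {GUID}"
LINE_RE = re.compile(
    r"^(AV|SP):\s+(.+?)\s+\*(Enabled|Disabled)/(\w+)\*\s+(\{[0-9A-Fa-f-]+\})\s*$",
    re.MULTILINE,
)


@dataclass(frozen=True)
class SecurityProduct:
    category: str      # "AV" (antivirus) or "SP" (spyware protection)
    name: str
    enabled: bool
    definitions: str   # e.g. "Updated"
    guid: str


def parse_security_products(log_text):
    """Return every AV:/SP: registration found in a DDS log header."""
    return [
        SecurityProduct(cat, name, state == "Enabled", defs, guid)
        for cat, name, state, defs, guid in LINE_RE.findall(log_text)
    ]


def assess_overlap(products):
    """Summarise which antivirus products are registered side by side."""
    states = defaultdict(dict)            # name -> {category: enabled?}
    for p in products:
        states[p.name][p.category] = p.enabled

    # Only products registered in the AV category count as antivirus.
    registered = sorted(n for n, cats in states.items() if "AV" in cats)
    # Active if any of the product's registrations reports Enabled.
    active = sorted(n for n in registered if any(states[n].values()))
    # Same product reporting Enabled in one category, Disabled in another.
    mixed = sorted(n for n in registered if len(set(states[n].values())) > 1)

    return {
        "registered_av": registered,
        "active_av": active,
        "mixed_state": mixed,
        "multiple_av": len(registered) > 1,
    }


if __name__ == "__main__":
    report = assess_overlap(parse_security_products(SAMPLE_DDS_HEADER))
    for key, value in report.items():
        print(f"{key}: {value}")
```

On the log above this reports two registered antivirus products, both active in at least one category, with Norton AntiVirus in a mixed state (disabled as AV, enabled as SP).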


#3 Starbuck


Posted 15 May 2014 - 12:28 PM

Due to the lack of feedback, this Topic will now be closed.

If you need this topic reopened, please request this by sending one of the Moderating team or an Administrator
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.





