Not found

This is a discussion on Not found within the Resolved HJT Threads forums, part of the Tech Support Forum category.


 
 
05-17-2017, 01:25 PM   #1
ron-e-g (Registered Member)
Join Date: Jul 2010
Location: Central Coast, CA.
Posts: 216
OS: Win. 7 ultimate SP1

I've been referred here by a fellow member. The original post is located here: Not Found? I'm not convinced I have malware or Trojans, as I always use Microsoft Security Essentials and keep it updated. But I do seem to have problems completing the tasks Corday asked. I do not have a CD or install disk for my Win 7 Ultimate. I have a bootable USB drive with it. I would like to restore my IE Explorer if possible without an OS reinstall. Thank You
Ron

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by Ron at 13:07:39 on 2017-05-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.24567.21691 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Microsoft Security Essentials *Enabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\M-Audio\Fast Track C600\AudioDevMon.exe
C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = myyahoo.com
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
uRun: [HP Officejet Pro 8620 (NET)] "C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe" -deviceID "CN465C403H:NW" -scfn "HP Officejet Pro 8620 (NET)" -AutoStart 1
mRun: [Conime] C:\Windows\System32\conime.exe
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\APCUPS~1.LNK - C:\Program Files (x86)\APC\APC PowerChute Personal Edition\Display.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &ieSpell Options - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Lookup on Merriam Webster - C:\Program Files (x86)\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia - C:\Program Files (x86)\ieSpell\wikipedia.HTM
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1D52BABE-F82C-476C-8E19-10D2A4CEEC83} : NameServer = 172.20.1.1
TCP: Interfaces\{23EFABCA-111D-433B-9B6B-BBA04F546AFE} : DHCPNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - LocalServer32 - <no file>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - LocalServer32 - <no file>
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Ron\AppData\Roaming\Mozilla\Firefox\Profiles\9q6uuus7.default-1494960953674\
FF - prefs.js: browser.startup.homepage - myyahoo.com
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrlui.dll
FF - plugin: C:\Users\Ron\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2016-8-25 295000]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2011-3-14 24880]
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2009-12-25 297512]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-9-1 26528]
R1 Uim_VIM;UIM Virtual Image Plugin;C:\Windows\System32\drivers\uim_vimx64.sys [2012-6-4 389968]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 FastTrackC600AudioDevMon;Fast Track C600 Audio Device Monitor;C:\Program Files (x86)\M-Audio\Fast Track C600\AudioDevMon.exe [2014-8-18 574184]
R2 PaceLicenseDServices;PACE License Services;C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2016-9-13 47330344]
R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2016-3-1 104976]
R3 GOLDFINGER;Service for M-Audio Fast Track C600;C:\Windows\System32\drivers\MAudioFastTrackC600.sys [2014-8-18 528104]
R3 GOLDFINGERDFU;Service for M-Audio Fast Track C600 DFU;C:\Windows\System32\drivers\MAudioFastTrackC600_DFU.sys [2014-8-18 31464]
R3 L6TPortB;Service - Line 6 TonePort UX2;C:\Windows\System32\drivers\L6TPortB64.sys [2015-8-21 777728]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2015-11-13 135928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
R3 NIWinCDEmu;ISO Mounter driver;C:\Windows\System32\drivers\NIWinCDEmu.sys [2015-8-24 112408]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-3-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-3-26 125064]
S3 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-20 203776]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-9-5 131712]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe --> C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [?]
S3 grmobileavs;Guitar Rig Mobile I/O WDM Audio;C:\Windows\System32\drivers\grmobileavs.sys [2011-4-11 358480]
S3 grmobileusb_svc;Guitar Rig Mobile I/O;C:\Windows\System32\drivers\grmobileusb.sys [2011-4-11 97360]
S3 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-26 26680]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2017-5-17 116224]
S3 InnovativeSolutions_monitor;Innovative Solutions Service Monitor;C:\Program Files (x86)\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [2015-4-27 1065312]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows;C:\Windows\System32\drivers\KORGUM64.SYS [2011-3-30 33656]
S3 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-9-1 2909472]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-9-12 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-9-5 165504]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-9-12 29696]
S3 teVirtualMIDI64;teVirtualMIDI - Virtual MIDI Driver x64;C:\Windows\System32\drivers\teVirtualMIDI64.sys [2012-8-15 30208]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-10-19 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-9-12 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-9-7 1255736]
S3 WsDrvInst;Wondershare Driver Install Service; [x]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2015-7-16 26776]
S4 WsAppService;Wondershare Application Framework Service;C:\Program Files (x86)\Wondershare\WAF\2.3.2.219\WsAppService.exe [2017-1-3 440832]
.
=============== File Associations ===============
.
ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2017-05-17 16:23:51 -------- d--h--w- C:\Windows\msdownld.tmp
2017-05-16 18:32:43 1167568 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37FD5E11-9C66-415D-9CF1-5CEEF0501384}\gapaengine.dll
2017-05-16 18:32:31 12994104 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6FAFC174-7499-4679-98A1-7F73D4FDE154}\mpengine.dll
2017-05-15 15:17:35 12994104 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2017-05-03 14:07:06 -------- dc-h--w- C:\ProgramData\{00E0164B-B182-4800-96DA-F8D39B3A7189}
2017-04-28 19:29:13 -------- dc-h--w- C:\ProgramData\{F0F3660E-3963-4E9E-B44E-192B34C6DECD}
2017-04-27 16:26:45 -------- dc-h--w- C:\ProgramData\{6765FF4A-D3FF-48F4-8F6F-D61DA603637B}
2017-04-27 00:17:36 -------- dc-h--w- C:\ProgramData\{E71D880F-E3CD-4075-B318-369A8C1E916A}
.
==================== Find3M ====================
.
2017-05-16 19:34:05 803320 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2017-05-16 19:34:05 144888 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2017-05-15 18:22:19 272 ----a-w- C:\Users\Ron\AppData\Roaming\msregsvv.dll
2017-04-28 19:44:12 320 ----a-w- C:\Windows\SysWow64\msvcsv60.dll
2017-04-28 01:14:59 631176 ----a-w- C:\Windows\System32\winresume.efi
2017-04-28 01:14:09 706792 ----a-w- C:\Windows\System32\winload.efi
2017-04-28 01:14:08 5547240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2017-04-28 01:14:05 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2017-04-28 01:14:05 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2017-04-28 01:11:49 1732864 ----a-w- C:\Windows\System32\ntdll.dll
2017-04-28 01:09:59 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2017-04-28 00:36:36 4000488 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2017-04-28 00:36:36 3945192 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2017-04-28 00:34:21 1314112 ----a-w- C:\Windows\SysWow64\ntdll.dll
2017-04-28 00:19:29 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2017-04-28 00:19:26 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2017-04-28 00:19:25 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2017-04-28 00:18:44 64000 ----a-w- C:\Windows\System32\auditpol.exe
2017-04-28 00:15:46 338432 ----a-w- C:\Windows\System32\conhost.exe
2017-04-28 00:14:54 296960 ----a-w- C:\Windows\System32\rstrui.exe
2017-04-28 00:12:14 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2017-04-28 00:11:40 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2017-04-28 00:11:38 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2017-04-28 00:11:35 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2017-04-28 00:10:56 30720 ----a-w- C:\Windows\System32\lsass.exe
2017-04-28 00:10:53 112640 ----a-w- C:\Windows\System32\smss.exe
2017-04-28 00:08:07 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2017-04-28 00:08:06 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2017-04-28 00:08:06 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2017-04-28 00:08:05 2048 ----a-w- C:\Windows\SysWow64\user.exe
2017-04-28 00:07:21 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2017-04-28 00:07:13 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2017-04-28 00:07:13 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-28 00:07:13 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-28 00:07:13 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2017-04-26 14:59:15 3220992 ----a-w- C:\Windows\System32\win32k.sys
2017-04-21 15:34:00 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2017-04-21 15:15:28 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2017-04-17 15:37:31 512000 ----a-w- C:\Windows\System32\rpcss.dll
2017-04-17 15:37:29 876544 ----a-w- C:\Windows\System32\oleaut32.dll
2017-04-17 15:37:29 26112 ----a-w- C:\Windows\System32\oleres.dll
2017-04-17 15:37:29 2065408 ----a-w- C:\Windows\System32\ole32.dll
2017-04-17 15:37:20 8704 ----a-w- C:\Windows\System32\comcat.dll
2017-04-17 15:12:24 581632 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2017-04-17 15:12:24 26112 ----a-w- C:\Windows\SysWow64\oleres.dll
2017-04-17 15:12:24 1417728 ----a-w- C:\Windows\SysWow64\ole32.dll
2017-04-17 14:54:48 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2017-04-16 09:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2017-04-16 09:16:46 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2017-04-16 08:57:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2017-04-16 08:55:41 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2017-04-16 08:55:24 417792 ----a-w- C:\Windows\System32\html.iec
2017-04-16 08:54:52 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2017-04-16 08:54:39 576512 ----a-w- C:\Windows\System32\vbscript.dll
2017-04-16 08:37:33 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2017-04-16 08:37:32 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2017-04-16 08:36:53 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2017-04-16 08:25:51 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2017-04-16 08:19:51 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2017-04-16 08:18:59 5977600 ----a-w- C:\Windows\System32\jscript9.dll
2017-04-16 08:11:22 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2017-04-16 08:10:56 87552 ----a-w- C:\Windows\System32\tdc.ocx
2017-04-16 08:02:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2017-04-16 08:01:42 499200 ----a-w- C:\Windows\SysWow64\vbscript.dll
2017-04-16 08:01:40 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2017-04-16 08:01:20 341504 ----a-w- C:\Windows\SysWow64\html.iec
2017-04-16 08:00:02 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2017-04-16 07:47:30 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2017-04-16 07:46:56 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2017-04-16 07:37:51 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2017-04-16 07:37:40 2132992 ----a-w- C:\Windows\System32\inetcpl.cpl
2017-04-16 07:30:01 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2017-04-16 07:29:28 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2017-04-16 07:08:57 2057216 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2017-04-16 07:08:30 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2017-04-16 07:08:11 4548608 ----a-w- C:\Windows\SysWow64\jscript9.dll
2017-04-16 07:04:52 3241472 ----a-w- C:\Windows\System32\wininet.dll
2017-04-16 06:37:47 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2017-04-12 15:32:24 229376 ----a-w- C:\Windows\System32\wintrust.dll
2017-04-12 15:32:10 190976 ----a-w- C:\Windows\System32\cryptsvc.dll
2017-04-12 15:32:10 1483776 ----a-w- C:\Windows\System32\crypt32.dll
2017-04-12 15:32:10 141824 ----a-w- C:\Windows\System32\cryptnet.dll
2017-04-12 15:26:12 179200 ----a-w- C:\Windows\SysWow64\wintrust.dll
2017-04-12 15:25:04 145920 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2017-04-12 15:25:04 1176064 ----a-w- C:\Windows\SysWow64\crypt32.dll
2017-04-12 15:25:04 106496 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2017-04-07 2258 532136 ------w- C:\Windows\System32\MpSigStub.exe
2017-04-07 15:34:43 986856 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2017-04-07 15:34:43 265448 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2017-04-07 15:30:55 405504 ----a-w- C:\Windows\System32\gdi32.dll
2017-04-07 15:30:53 144384 ----a-w- C:\Windows\System32\cdd.dll
2017-04-07 15:22:12 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
2017-04-05 14:55:36 460800 ----a-w- C:\Windows\System32\drivers\srv.sys
2017-04-05 14:55:28 405504 ----a-w- C:\Windows\System32\drivers\srv2.sys
2017-04-05 14:55:23 168960 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2017-04-04 15:34:38 1895656 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2017-04-04 15:34:36 377576 ----a-w- C:\Windows\System32\drivers\netio.sys
2017-04-04 15:34:36 287976 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2017-04-04 14:53:18 496128 ----a-w- C:\Windows\System32\drivers\afd.sys
2017-04-04 14:53:05 117760 ----a-w- C:\Windows\System32\drivers\tdx.sys
.
============= FINISH: 13:07:58.94 ===============
Attached Files
File Type: txt attach.txt (14.7 KB, 12 views)

05-19-2017, 06:36 PM   #2
ron-e-g (Registered Member)

Bump Please

05-21-2017, 08:53 AM   #3
ron-e-g (Registered Member)

Hum..should I be still waiting patiently, or do I need to do something else here?

05-22-2017, 08:37 AM   #4
ron-e-g (Registered Member)

Bump..Please?

05-22-2017, 07:30 PM   #5
chemist (Security Team; Moderator, Analyst; Rangemaster, TSF Academy)
Microsoft Most Valuable Professional
Join Date: Oct 2007
Location: Georgia
Posts: 29,236
OS: XP/Win7/Win10

I see no sign of infection in your logs. I suggest you return to your previous thread and let them know.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015

05-22-2017, 09:18 PM   #6
ron-e-g (Registered Member)

OK Thanks.