
Possible unknown Virus infection or hardware malfunction


  • This topic is locked
2 replies to this topic

#1 AnasAlex

AnasAlex

  • Members
  • 1 posts
  • OFFLINE
  • Local time:10:38 PM

Posted 21 February 2011 - 03:39 AM

I have Windows 7. My laptop freezes a lot after running for a long time or after hibernation. When I click on a program it'll stop responding right away, and then I have to reboot, and it'll take forever to reboot. Sometimes it'll just freeze with the shutting down logo, which forces me to power it off (using the power button).
Also, sometimes the screen turns off and back on in like the blink of an eye, shutting the internet off right away for like 30 seconds or more, and then it does the same thing, bringing the internet back on again. At one point it stopped booting completely. It just froze with the "starting windows" logo, and I ran a hard drive test that an HP operator asked me to run, and it failed. So they told me your hard drive is failing. But then two days later I tried booting it again and it worked... but the same problems are there. I'm not sure if it's a software or hardware problem. It would be very much appreciated if you can guide me through a fix to this mess. Thanks a million!
========================================================================================================================================================

DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Anas at 0:23:08.66 on Mon 02/21/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.5942.3838 [GMT -8:00]

AV: Sunbelt VIPRE *Enabled/Outdated* {BE5DD172-7F42-7948-1A60-E6A720288F81}
AV: Ad-Aware Total Security *Enabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Ad-Aware Total Security *Enabled/Updated* {EFCD2318-A544-E9EB-4022-6820AEE79F52}
SP: Sunbelt VIPRE *Enabled/Outdated* {053C3096-5978-76C6-20D0-DDD55BAFC53C}
FW: Sunbelt VIPRE *Enabled* {86665057-352D-7810-313F-4F92DEFBC8FA}
FW: Ad-Aware Personal Firewall *Enabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKWCtlX64.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKTray\AVKTray.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBPIMSvc.exe
C:\Program Files\DigitalPersona\Bin\DPAgent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Anas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFwSvcx64.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Users\Anas\Downloads\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Anas\Downloads\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Ad-Aware WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\WebFilter\AvkWebIE.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: @c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll
TB: Ad-Aware WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\WebFilter\AvkWebIE.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\Anas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [G Data AntiVirus Tray Application] C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKTray\AVKTray.exe
mRun: [GDFirewallTray] C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFirewallTray.exe
mRun: [SBAMTray] "C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
LSA: Notification Packages = DPPassFilter scecli
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Webfilter\AVKWebIEx64.dll
BHO-X64: Ad-Aware WebFilter Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
TB-X64: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Webfilter\AVKWebIEx64.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
mRun-x64: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe

============= SERVICES / DRIVERS ===============

R0 GDBehave;GDBehave;C:\Windows\System32\drivers\GDBehave.sys [2011-2-6 40392]
R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\drivers\MiniIcpt.sys [2011-2-6 85960]
R1 gdwfpcd;G DATA WFP CD;C:\Windows\System32\drivers\gdwfpcd64.sys [2011-2-6 48584]
R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\drivers\GRD.sys [2011-2-6 106224]
R1 HookCentre;HookCentre;C:\Windows\System32\drivers\HookCentre.sys [2011-2-6 49096]
R1 SbFw;SbFw;C:\Windows\System32\drivers\SbFw.sys [2011-2-8 243800]
R1 SbTis;SbTis;C:\Windows\System32\drivers\sbtis.sys [2011-2-9 84056]
R2 sbapifs;sbapifs;C:\Windows\System32\drivers\sbapifs.sys [2010-1-4 64088]
R3 clwvd;HP Webcam Splitter;C:\Windows\System32\drivers\clwvd.sys [2010-6-24 32880]
R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\drivers\PktIcpt.sys [2011-2-6 57288]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-4-30 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-9-16 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-9-16 271872]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;C:\Windows\System32\drivers\SbFwIm.sys [2011-2-8 83032]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-24 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-24 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-24 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-24 22376]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-9-16 232992]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-9-16 346144]
S3 sbhips;sbhips;C:\Windows\System32\drivers\sbhips.sys [2011-2-9 50776]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]

=============== Created Last 30 ================

2011-02-21 00:33:04 -------- d-----w- C:\Users\Anas\AppData\Local\{577DFFDE-0BE6-4864-A5F7-FED52D80B94B}
2011-02-20 12:32:26 -------- d-----w- C:\Users\Anas\AppData\Local\{ECEFDD22-F01C-412B-AA0F-7E25FEFC1784}
2011-02-20 00:16:25 -------- d-----w- C:\Users\Anas\AppData\Local\{CD0A61ED-240A-469A-994F-446AF6363B33}
2011-02-19 10:09:10 -------- d-----w- C:\Users\Anas\AppData\Local\{495572B6-FB23-4FC4-9F70-8B780DF35B21}
2011-02-17 17:52:36 -------- d-----w- C:\Users\Anas\AppData\Local\{68C6B046-7E29-45A7-94C8-377EDD7E57AB}
2011-02-16 21:25:18 -------- d-----w- C:\Users\Anas\AppData\Local\{DC7C6729-3E1B-4982-A0D4-C824A4938CE2}
2011-02-16 09:07:12 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{6A58A223-9C1B-4AE6-8040-667578C05FC4}\mpengine.dll
2011-02-16 08:35:17 -------- d-----w- C:\Users\Anas\AppData\Local\{B5DA6457-22AA-4608-8659-B6ACECD0FFA2}
2011-02-16 02:06:54 106224 ----a-w- C:\Windows\SysWow64\drivers\GRD.sys
2011-02-10 21:26:06 -------- d-----w- C:\Users\Anas\AppData\Local\{B07290C3-5644-45F2-A87C-2102EAED08C8}
2011-02-10 09:10:04 -------- d-----w- C:\Users\Anas\AppData\Local\{B669D83B-0780-4C09-B486-C3D24744FAE0}
2011-02-09 20:04:57 -------- d-----w- C:\Users\Anas\AppData\Local\{F938874B-2829-4184-AB4D-F8F4EA09DD8B}
2011-02-09 08:03:40 -------- d-----w- C:\Users\Anas\AppData\Local\{3806E783-2507-444D-A199-4D12029607D5}
2011-02-09 08:02:19 -------- d-----w- C:\Users\Anas\AppData\Roaming\Sunbelt
2011-02-09 08:02:05 -------- d-----w- C:\PROGRA~3\Sunbelt
2011-02-09 08:00:34 50776 ----a-w- C:\Windows\System32\drivers\sbhips.sys
2011-02-09 08:00:32 84056 ----a-w- C:\Windows\System32\drivers\sbtis.sys
2011-02-09 07:59:52 83032 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys
2011-02-09 07:59:51 243800 ----a-w- C:\Windows\System32\drivers\SbFw.sys
2011-02-09 07:59:48 45656 ----a-w- C:\Windows\System32\drivers\sbredrv.sys
2011-02-09 07:59:48 27472 ----a-w- C:\Windows\System32\sbbd.exe
2011-02-09 07:59:40 -------- d-----w- C:\Program Files (x86)\Sunbelt Software
2011-02-09 01:55:36 -------- d-----w- C:\Users\Anas\AppData\Local\{18E32D0B-F822-455F-8694-8C22CC28AE43}
2011-02-08 07:09:48 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-02-08 07:06:16 -------- d-----w- C:\Users\Anas\AppData\Local\{98FFAB5C-3372-4925-AC35-C5F38E4AD759}
2011-02-07 06:09:00 -------- d-----w- C:\Users\Anas\AppData\Local\{3AACACCD-525F-4A8C-8E0F-8E092B4AA7D4}
2011-02-06 21:15:27 106224 ----a-w- C:\Windows\System32\drivers\GRD.sys
2011-02-06 21:05:32 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-02-06 20:51:27 40392 ----a-w- C:\Windows\System32\drivers\GDBehave.sys
2011-02-06 20:51:14 57288 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys
2011-02-06 20:50:58 15880 ----a-w- C:\Windows\SysWow64\lsdelete.exe
2011-02-06 20:50:49 85960 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys
2011-02-06 20:50:49 49096 ----a-w- C:\Windows\System32\drivers\HookCentre.sys
2011-02-06 20:50:48 48584 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys
2011-02-06 20:50:03 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-02-06 20:50:03 -------- d-----w- C:\Program Files (x86)\Common Files\G Data
2011-02-06 20:50:03 -------- d-----w- C:\PROGRA~3\G DATA
2011-02-06 20:43:59 -------- d-----w- C:\Users\Anas\AppData\Local\Downloaded Installations
2011-02-06 20:02:48 -------- d-----w- C:\HP_TOOLS_mountHPSF
2011-02-06 10:09:54 -------- d-----w- C:\Users\Anas\AppData\Local\{82ECA0A9-3EFB-4B13-9174-2CF780E4DD0C}
2011-02-05 21:02:38 -------- d-----w- C:\Users\Anas\AppData\Local\{D3B9AEC0-749C-4ECD-BFFB-5B62786440A0}
2011-02-05 01:55:54 -------- d-----w- C:\Users\Anas\AppData\Local\{C74F5390-3518-4E4D-993F-98C784F054C4}
2011-02-04 08:08:45 -------- d-----w- C:\Users\Anas\AppData\Local\{53A99DC3-B21B-48CE-8479-603C44D9BB42}
2011-02-04 05:39:05 -------- d-----w- C:\Program Files\iTunes
2011-02-04 05:39:05 -------- d-----w- C:\Program Files\iPod
2011-02-04 05:39:05 -------- d-----w- C:\Program Files (x86)\iTunes
2011-02-03 19:08:32 -------- d-----w- C:\Users\Anas\AppData\Local\{8D8DAC42-BE50-403A-AD9A-312A2D6F206B}
2011-02-03 07:07:58 -------- d-----w- C:\Users\Anas\AppData\Local\{195714FD-0A56-4F5E-A5ED-9B897325EEB3}
2011-02-02 19:07:24 -------- d-----w- C:\Users\Anas\AppData\Local\{7E15D2AE-D21F-4381-8317-077ABD8B68D2}
2011-02-02 07:06:50 -------- d-----w- C:\Users\Anas\AppData\Local\{0774A34C-1B0A-44BC-80C6-012BE4C2AE4C}
2011-02-01 19:06:40 -------- d-----w- C:\Users\Anas\AppData\Local\{208B6FAA-B379-4E4E-AD84-8A4EDC6433AD}
2011-01-31 18:41:51 -------- d-----w- C:\Users\Anas\AppData\Local\{4E1C223D-304B-4683-A761-4F5C74BB554E}
2011-01-30 23:38:35 -------- d-----w- C:\Users\Anas\AppData\Local\{70A6DE19-C640-4B9E-BA0F-C7514457A573}
2011-01-30 15:45:12 135568 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-01-30 11:38:02 -------- d-----w- C:\Users\Anas\AppData\Local\{3D05792E-3725-49F7-A894-DF0151F13B74}
2011-01-29 18:41:00 -------- d-----w- C:\Users\Anas\AppData\Local\{75139662-F402-4CA4-A246-4F64D29DC65D}
2011-01-29 01:32:32 -------- d-----w- C:\Users\Anas\AppData\Local\{97159CF1-84D6-46F0-BA5C-5C84A3130B8D}
2011-01-28 06:51:57 -------- d-----w- C:\Users\Anas\AppData\Local\{5B94CC6D-7160-4752-89CA-F88BCFC68B0E}
2011-01-27 18:51:34 -------- d-----w- C:\Users\Anas\AppData\Local\{71FBEC53-E5B1-4995-8925-C66329A3AC4E}
2011-01-26 19:29:51 -------- d-----w- C:\Users\Anas\AppData\Local\{08C2E6A9-C3D1-40C0-AE01-D52714C6F7B0}
2011-01-26 08:12:43 -------- d-----w- C:\Program Files\DivX
2011-01-26 08:12:28 -------- d-----w- C:\Program Files (x86)\Common Files\DivX Shared
2011-01-26 08:12:07 -------- d-----w- C:\Program Files (x86)\DivX
2011-01-26 08:11:35 -------- d-----w- C:\PROGRA~3\DivX
2011-01-26 06:46:38 -------- d-----w- C:\Users\Anas\AppData\Local\{FC63AF1A-BE7A-4C63-A917-FC1420E788CE}
2011-01-25 18:46:03 -------- d-----w- C:\Users\Anas\AppData\Local\{FC5C5859-36B8-4D3F-A15F-A8D60CFF6B04}
2011-01-24 05:37:45 -------- d-----w- C:\Users\Anas\AppData\Local\{32913E69-6DE4-43A8-AB0E-5E6171F170FE}

==================== Find3M ====================

2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-07 08:06:50 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-01-07 07:27:11 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-30 01:38:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-11-30 01:38:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

============= FINISH: 0:25:54.63 ===============
Attached File  Attach.txt   20.52KB   1 downloads



#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 AM

Posted 26 February 2011 - 05:01 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  • Gender:Male
  • Location:London, UK
  • Local time:06:38 AM

Posted 03 March 2011 - 04:38 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.
m0le is a proud member of UNITE



