I don't see an infection, but the system takes 5-6 minutes to boot up


  • This topic is locked
3 replies to this topic

#1 TinkTheHustler2

Posted 12 October 2011 - 02:01 PM

Referred from here: http://www.bleepingcomputer.com/forums/topic422240.html ~ OB

I have attached 3 documents to this post. Thank you for helping me with this.


DDS (Ver_2011-08-26.01) - NTFSx86 MINIMAL
Internet Explorer: 9.0.8112.16421
Run by Owner at 5:41:16 on 2011-10-12
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.1790.1420 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\Windows\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vb32&d=0609&m=lt31
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vb32&d=0609&m=lt31
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&s=2&o=vb32&d=0609&m=lt31
BHO: MRI_DISABLED - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: GamesBarBHO Class: {cb0d163c-e9f4-4236-9496-0597e24b23a5} - c:\program files\gamesbar\oberontb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: GamesBar: {6f282b65-56bf-4bd1-a8b2-a4449a05863d} - c:\program files\gamesbar\oberontb.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10b.exe
mRun: [Acer ePower Management] "c:\program files\gateway\gateway power management\ePowerTray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
StartupFolder: c:\users\owner\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {1A93C934-025B-4c3a-B38E-9654A7003239} - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - c:\program files\gamesbar\oberontb.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{892C1328-B7C8-4A0E-AA99-7CCE186D813E} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\a9qy473m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 229840]
S1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-9-12 5265248]
S2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ePowerSvc;Acer ePower Service;c:\program files\gateway\gateway power management\ePowerSvc.exe [2009-5-8 723488]
S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S3 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-7-18 116608]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-7-11 16720]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-2-10 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 Ndisrd;WinpkFilter Service;c:\windows\system32\drivers\Ndisrd.sys [2009-7-5 22016]
S3 NdisrdMP;NdisrdMP;c:\windows\system32\drivers\Ndisrd.sys [2009-7-5 22016]
S3 PTDUBus;PANTECH UM175 Composite Device Driver ;c:\windows\system32\drivers\PTDUBus.sys [2010-3-2 54416]
S3 PTDUMdm;PANTECH UM175 Drivers;c:\windows\system32\drivers\PTDUMdm.sys [2010-3-2 160272]
S3 PTDUVsp;PANTECH UM175 Diagnostic Port;c:\windows\system32\drivers\PTDUVsp.sys [2010-3-2 160272]
S3 PTDUWFLT;PTDUWWAN Filter Driver;c:\windows\system32\drivers\PTDUWFLT.sys [2010-3-2 11920]
S3 PTDUWWAN;PANTECH UM175 WWAN Driver;c:\windows\system32\drivers\PTDUWWAN.sys [2010-3-2 113680]
S3 SMSIVZAM5;SMSIVZAM5 NDIS Protocol Driver;c:\progra~1\verizo~1\vzacce~1\SMSIVZAM5.SYS [2009-5-25 32408]
S3 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-9-30 2358656]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-1-20 16896]
.
=============== Created Last 30 ================
.
2011-10-08 00:51:57 -------- d-----w- c:\program files\ESET
2011-10-01 07:00:46 -------- d-----w- c:\users\owner\appdata\roaming\TeamViewer
2011-10-01 01:35:50 -------- d-----w- c:\program files\TeamViewer
2011-09-30 23:27:35 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2011-09-30 14:11:41 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-09-30 08:09:28 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-09-30 08:08:11 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-09-30 08:07:55 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-09-30 01:48:30 -------- d-----w- c:\program files\Windows Portable Devices
2011-09-29 18:49:35 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-09-29 18:48:01 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-09-29 18:47:57 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-09-29 18:47:56 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-09-29 18:47:54 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-09-29 18:47:53 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-09-29 18:47:23 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-09-29 18:17:54 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2011-09-29 18:17:48 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2011-09-29 18:17:45 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2011-09-29 18:16:01 134144 ----a-w- c:\program files\windows portable devices\sqmapi.dll
2011-09-29 18:15:34 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2011-09-29 18:13:34 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2011-09-29 18:13:30 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2011-09-29 18:13:28 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2011-09-29 18:13:23 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2011-09-29 18:13:20 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-29 18:13:19 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2011-09-29 18:13:16 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2011-09-29 18:13:11 350208 ----a-w- c:\windows\system32\WPDSp.dll
2011-09-29 18:13:07 227840 ----a-w- c:\windows\system32\drivers\umdf\WpdFs.dll
2011-09-29 17:29:28 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-29 17:29:02 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-09-29 17:28:59 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-09-29 17:04:37 -------- d-----w- c:\users\owner\appdata\roaming\AVG2012
2011-09-29 11:23:05 -------- d-----w- c:\windows\system32\drivers\AVG
2011-09-29 11:23:05 -------- d-----w- c:\programdata\AVG2012
2011-09-29 11:02:40 -------- d-----w- c:\program files\AVG
2011-09-29 10:29:12 -------- d--h--w- c:\programdata\Common Files
2011-09-29 10:27:24 -------- d-----w- c:\programdata\MFAData
2011-09-29 10:07:14 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-28 20:36:55 -------- d-----w- c:\users\owner\appdata\local\Mozilla
2011-09-28 19:46:59 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-28 11:57:30 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-09-28 11:57:30 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-09-28 11:57:27 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-09-28 11:57:26 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-09-28 11:57:22 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-09-28 11:57:22 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-09-28 11:57:18 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-09-28 11:57:16 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-09-28 11:57:16 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-09-28 11:56:57 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-09-28 11:56:56 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-09-28 11:56:56 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-09-28 11:54:00 3602832 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-09-28 11:53:55 3550096 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-09-28 11:36:35 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-09-28 11:35:41 2048 ----a-w- c:\windows\system32\tzres.dll
2011-09-28 11:12:12 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-09-28 10:56:23 905104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-09-28 10:47:34 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-09-28 04:35:02 -------- d-----w- c:\windows\system32\ca-ES
2011-09-28 04:35:01 -------- d-----w- c:\windows\system32\eu-ES
2011-09-28 04:34:56 -------- d-----w- c:\windows\system32\vi-VN
2011-09-27 20:52:41 928768 ----a-w- c:\windows\system32\scavenge.dll
2011-09-27 20:48:27 57856 ----a-w- c:\windows\system32\compcln.exe
2011-09-27 20:21:54 124928 ----a-w- c:\windows\system32\phon.ime
2011-09-27 20:20:59 723968 ----a-w- c:\windows\system32\powercpl.dll
2011-09-27 20:20:52 293376 ----a-w- c:\windows\system32\photowiz.dll
2011-09-27 20:20:47 1107968 ----a-w- c:\windows\system32\pidgenx.dll
2011-09-27 20:20:43 704512 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2011-09-27 20:20:41 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2011-09-27 20:20:39 89088 ----a-w- c:\windows\system32\pintlgnt.ime
2011-09-27 20:20:32 82944 ----a-w- c:\windows\system32\nslookup.exe
2011-09-27 20:20:31 35328 ----a-w- c:\windows\system32\drivers\npfs.sys
2011-09-27 20:20:18 1083880 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-09-27 20:20:13 172544 ----a-w- c:\windows\system32\wbem\ntevt.dll
2011-09-27 20:18:57 825856 ----a-w- c:\windows\system32\rasdlg.dll
2011-09-27 20:17:59 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-09-27 20:17:54 107008 ----a-w- c:\windows\system32\rdpwsx.dll
2011-09-27 20:17:52 779136 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2011-09-27 20:17:40 869888 ----a-w- c:\windows\system32\printui.dll
2011-09-27 20:17:39 551936 ----a-w- c:\windows\system32\prnntfy.dll
2011-09-27 20:17:17 102816 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-09-27 20:17:12 98816 ----a-w- c:\windows\system32\powrprof.dll
2011-09-27 20:16:25 166400 ----a-w- c:\windows\system32\puiapi.dll
2011-09-27 20:16:19 302592 ----a-w- c:\windows\system32\QAGENTRT.DLL
2011-09-27 20:16:18 497152 ----a-w- c:\windows\system32\qdvd.dll
2011-09-27 20:16:15 1081856 ----a-w- c:\program files\microsoft games\purble place\PurblePlace.exe
2011-09-27 20:16:10 71680 ----a-w- c:\windows\system32\propdefs.dll
2011-09-27 20:16:10 153088 ----a-w- c:\windows\system32\profsvc.dll
2011-09-27 20:16:08 754688 ----a-w- c:\windows\system32\propsys.dll
2011-09-27 20:16:03 217088 ----a-w- c:\windows\system32\psisrndr.ax
2011-09-27 20:15:57 293376 ----a-w- c:\windows\system32\psisdecd.dll
2011-09-27 20:15:56 50664 ----a-w- c:\windows\system32\PSHED.DLL
2011-09-27 20:15:26 69632 ----a-w- c:\windows\system32\sendmail.dll
2011-09-27 20:14:53 279552 ----a-w- c:\windows\system32\services.exe
2011-09-27 20:14:52 627200 ----a-w- c:\windows\system32\sethc.exe
2011-09-27 20:14:41 1591296 ----a-w- c:\windows\system32\setupapi.dll
2011-09-27 20:13:28 183808 ----a-w- c:\windows\system32\eapphost.dll
2011-09-27 20:13:27 141288 ----a-w- c:\windows\system32\drivers\ecache.sys
2011-09-27 20:13:26 93696 ----a-w- c:\windows\system32\eappgnui.dll
2011-09-27 20:13:18 187904 ----a-w- c:\windows\system32\eapp3hst.dll
2011-09-27 20:13:18 135680 ----a-w- c:\windows\system32\eappcfg.dll
2011-09-27 20:13:03 120320 ----a-w- c:\windows\system32\EhStorAPI.dll
2011-09-27 20:11:58 1078784 ----a-w- c:\windows\system32\diagperf.dll
2011-09-27 20:10:57 101888 ----a-w- c:\windows\system32\dmusic.dll
2011-09-27 20:09:59 60928 ----a-w- c:\windows\system32\findstr.exe
2011-09-27 20:08:59 1985024 ----a-w- c:\windows\system32\authui.dll
2011-09-27 20:08:58 115712 ----a-w- c:\windows\system32\AudioSes.dll
2011-09-27 20:08:57 643072 ----a-w- c:\windows\system32\autochk.exe
2011-09-27 20:08:56 79872 ----a-w- c:\windows\system32\authz.dll
2011-09-27 20:08:54 109032 ----a-w- c:\windows\system32\drivers\ataport.sys
2011-09-27 20:08:53 88576 ----a-w- c:\windows\system32\audiodg.exe
2011-09-27 20:08:48 636416 ----a-w- c:\windows\system32\autofmt.exe
2011-09-27 20:08:47 656896 ----a-w- c:\windows\system32\autoconv.exe
2011-09-27 20:08:43 516608 ----a-w- c:\windows\system32\autoplay.dll
2011-09-27 20:08:26 19944 ----a-w- c:\windows\system32\drivers\atapi.sys
2011-09-27 20:08:10 1342464 ----a-w- c:\windows\system32\brcpl.dll
2011-09-27 20:08:01 45568 ----a-w- c:\windows\system32\bthci.dll
2011-09-27 20:07:58 93696 ----a-w- c:\windows\system32\drivers\bridge.sys
2011-09-27 20:07:55 130024 ----a-w- c:\windows\system32\basecsp.dll
2011-09-27 20:07:52 757248 ----a-w- c:\windows\system32\azroles.dll
2011-09-27 20:07:48 542720 ----a-w- c:\windows\system32\blackbox.dll
2011-09-27 20:07:48 31744 ----a-w- c:\windows\system32\bitsigd.dll
2011-09-27 20:07:44 274432 ----a-w- c:\windows\system32\bcrypt.dll
2011-09-27 20:07:43 334848 ----a-w- c:\windows\system32\BFE.DLL
2011-09-27 20:07:40 265688 ----a-w- c:\windows\system32\drivers\acpi.sys
2011-09-27 20:07:28 2515968 ----a-w- c:\windows\system32\accessibilitycpl.dll
2011-09-27 20:07:08 171008 ----a-w- c:\windows\system32\apphelp.dll
2011-09-27 20:07:03 1730560 ----a-w- c:\windows\system32\apds.dll
2011-09-27 20:07:00 1122304 ----a-w- c:\windows\system32\appwiz.cpl
2011-09-27 20:06:52 75264 ----a-w- c:\windows\system32\adsmsext.dll
2011-09-27 20:06:51 199168 ----a-w- c:\windows\system32\adsldpc.dll
2011-09-27 20:06:43 617984 ----a-w- c:\windows\system32\adtschema.dll
2011-09-27 20:06:39 800768 ----a-w- c:\windows\system32\advapi32.dll
2011-09-27 20:06:35 1209856 ----a-w- c:\windows\system32\comsvcs.dll
2011-09-27 20:06:34 69120 ----a-w- c:\windows\system32\conime.exe
2011-09-27 20:06:33 593408 ----a-w- c:\windows\system32\comuid.dll
2011-09-27 20:06:30 35304 ----a-w- c:\windows\system32\drivers\crashdmp.sys
2011-09-27 20:06:27 978944 ----a-w- c:\windows\system32\crypt32.dll
2011-09-27 20:06:27 178176 ----a-w- c:\windows\system32\credui.dll
2011-09-27 20:06:22 1645568 ----a-w- c:\windows\system32\connect.dll
2011-09-27 20:06:04 481792 ----a-w- c:\windows\system32\cmdial32.dll
2011-09-27 20:04:59 633856 ----a-w- c:\windows\system32\CertEnrollUI.dll
2011-09-27 20:03:59 339968 ----a-w- c:\windows\system32\msexcl40.dll
2011-09-27 20:03:58 409600 ----a-w- c:\windows\system32\msexch40.dll
2011-09-27 20:03:57 332800 ----a-w- c:\windows\system32\msihnd.dll
2011-09-27 20:03:56 73216 ----a-w- c:\windows\system32\msiexec.exe
2011-09-27 20:03:47 2241536 ----a-w- c:\windows\system32\msi.dll
2011-09-27 20:03:09 560640 ----a-w- c:\windows\system32\msdtcprx.dll
2011-09-27 20:03:08 19456 ----a-w- c:\windows\system32\MsCtfMonitor.dll
2011-09-27 20:03:06 85504 ----a-w- c:\windows\system32\msctfui.dll
2011-09-27 20:03:06 807424 ----a-w- c:\windows\system32\msctf.dll
2011-09-27 20:03:04 84992 ----a-w- c:\windows\system32\msctfp.dll
2011-09-27 20:02:45 2560 ----a-w- c:\windows\system32\msimsg.dll
2011-09-27 20:02:31 407552 ----a-w- c:\windows\system32\MPSSVC.dll
2011-09-27 20:02:29 97792 ----a-w- c:\windows\system32\mprapi.dll
2011-09-27 20:02:28 68608 ----a-w- c:\windows\system32\mpr.dll
2011-09-27 20:02:26 513000 ----a-w- c:\program files\windows defender\MpSoftEx.dll
2011-09-27 20:02:15 189440 ----a-w- c:\windows\system32\wbem\mofd.dll
2011-09-27 20:02:14 150528 ----a-w- c:\windows\system32\MMDevAPI.dll
2011-09-27 20:02:13 288256 ----a-w- c:\windows\system32\modemui.dll
2011-09-27 20:02:11 1102848 ----a-w- c:\windows\system32\mmsys.cpl
2011-09-27 20:00:43 19968 ----a-w- c:\windows\system32\NcdProp.dll
2011-09-27 20:00:42 57856 ----a-w- c:\windows\system32\wbem\NCProv.dll
2011-09-27 20:00:40 805376 ----a-w- c:\windows\system32\NaturalLanguage6.dll
2011-09-27 20:00:15 3174400 ----a-w- c:\windows\system32\netshell.dll
2011-09-27 20:00:11 74752 ----a-w- c:\windows\system32\newdev.exe
2011-09-27 20:00:08 469504 ----a-w- c:\windows\system32\newdev.dll
2011-09-27 20:00:04 2226688 ----a-w- c:\windows\system32\networkexplorer.dll
2011-09-27 20:00:00 3072000 ----a-w- c:\windows\system32\networkmap.dll
2011-09-27 19:58:55 1544704 ----a-w- c:\windows\system32\MSVidCtl.dll
2011-09-27 19:57:51 114688 ----a-w- c:\windows\system32\imm32.dll
2011-09-27 19:57:46 16384 ----a-w- c:\windows\system32\iscsilog.dll
2011-09-27 19:57:43 364032 ----a-w- c:\windows\system32\IPSECSVC.DLL
2011-09-27 19:57:41 396288 ----a-w- c:\windows\system32\ipsmsnap.dll
2011-09-27 19:57:31 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2011-09-27 19:57:25 200704 ----a-w- c:\windows\system32\input.dll
2011-09-27 19:57:20 759296 ----a-w- c:\windows\system32\ipsecsnp.dll
2011-09-27 19:57:18 26624 ----a-w- c:\windows\system32\ipconfig.exe
2011-09-27 19:55:38 507904 ----a-w- c:\program files\common files\microsoft shared\ink\Microsoft.Ink.dll
2011-09-27 19:54:29 2012160 ----a-w- c:\windows\system32\milcore.dll
2011-09-27 19:54:20 958464 ----a-w- c:\program files\microsoft games\minesweeper\MineSweeper.exe
2011-09-27 19:54:19 41984 ----a-w- c:\windows\system32\mimefilt.dll
2011-09-27 19:54:06 17408 ----a-w- c:\windows\system32\midimap.dll
2011-09-27 19:54:05 12800 ----a-w- c:\windows\system32\mmcico.dll
2011-09-27 19:54:04 52224 ----a-w- c:\windows\system32\mmci.dll
2011-09-27 19:54:01 2167808 ----a-w- c:\windows\system32\mmcndmgr.dll
2011-09-27 19:53:47 1792512 ----a-w- c:\windows\system32\mmc.exe
2011-09-27 19:53:08 149504 ----a-w- c:\windows\system32\drivers\ks.sys
2011-09-27 19:53:06 93696 ----a-w- c:\windows\system32\Kswdmcap.ax
2011-09-27 19:53:05 143872 ----a-w- c:\windows\system32\korwbrkr.dll
2011-09-27 19:53:04 35840 ----a-w- c:\windows\system32\wbem\KrnlProv.dll
2011-09-27 19:52:56 48128 ----a-w- c:\windows\system32\l2nacp.dll
2011-09-27 19:52:54 17408 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-09-27 19:52:53 17896 ----a-w- c:\windows\system32\kd1394.dll
2011-09-27 19:52:38 17384 ----a-w- c:\windows\system32\kdcom.dll
2011-09-27 19:52:37 19944 ----a-w- c:\windows\system32\kdusb.dll
2011-09-27 19:52:32 438744 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2011-09-27 19:52:30 950272 ----a-w- c:\windows\system32\mblctr.exe
2011-09-27 19:52:25 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2011-09-27 19:52:11 94720 ----a-w- c:\windows\system32\logagent.exe
2011-09-27 19:52:09 57344 ----a-w- c:\windows\system32\logman.exe
2011-09-27 19:51:59 710144 ----a-w- c:\windows\system32\Magnify.exe
2011-09-27 19:51:54 101376 ----a-w- c:\windows\system32\shsetup.dll
2011-09-27 19:51:47 199680 ----a-w- c:\windows\system32\WebClnt.dll
2011-09-27 19:51:43 1143296 ----a-w- c:\windows\system32\wercon.exe
2011-09-27 19:51:41 876032 ----a-w- c:\windows\system32\wer.dll
2011-09-27 19:51:38 218624 ----a-w- c:\windows\system32\wdscore.dll
2011-09-27 19:51:33 1020928 ----a-w- c:\windows\system32\wdc.dll
2011-09-27 19:51:32 167424 ----a-w- c:\windows\system32\wdmaud.drv
2011-09-27 19:51:12 1555456 ----a-w- c:\windows\system32\WindowsAnytimeUpgradeCPL.dll
2011-09-27 19:51:00 163840 ----a-w- c:\windows\system32\wevtutil.exe
2011-09-27 19:49:59 49152 ----a-w- c:\windows\system32\wbem\wbemsvc.dll
2011-09-27 19:48:56 56320 ----a-w- c:\windows\system32\xmlfilter.dll
2011-09-27 19:47:59 115712 ----a-w- c:\windows\system32\WinSCard.dll
2011-09-27 19:47:54 3217408 ----a-w- c:\windows\system32\WinSAT.exe
2011-09-27 19:47:45 986600 ----a-w- c:\windows\system32\winload.exe
2011-09-27 19:47:31 189952 ----a-w- c:\windows\system32\winmm.dll
2011-09-27 19:47:30 314368 ----a-w- c:\windows\system32\winlogon.exe
2011-09-27 19:47:19 243712 ----a-w- c:\program files\movie maker\WMM2CLIP.dll
2011-09-27 19:47:16 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2011-09-27 19:47:15 322560 ----a-w- c:\program files\movie maker\WMM2FILT.dll
2011-09-27 19:47:13 162304 ----a-w- c:\windows\system32\wbem\WMIsvc.dll
2011-09-27 19:47:12 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe
2011-09-27 19:47:10 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2011-09-27 19:47:05 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2011-09-27 19:44:59 558080 ----a-w- c:\windows\system32\sysmain.dll
2011-09-27 19:43:59 185856 ----a-w- c:\windows\system32\SLLUA.exe
2011-09-27 19:42:53 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2011-09-27 19:42:51 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys
2011-09-27 19:42:49 324096 ----a-w- c:\windows\system32\untfs.dll
2011-09-27 19:42:48 37888 ----a-w- c:\windows\system32\wbem\unsecapp.exe
2011-09-27 19:42:48 342528 ----a-w- c:\windows\system32\zipfldr.dll
2011-09-27 19:42:43 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-09-27 19:42:42 196096 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-09-27 19:42:39 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys
2011-09-27 19:42:32 203264 ----a-w- c:\windows\system32\uDWM.dll
2011-09-27 19:42:24 99840 ----a-w- c:\windows\system32\ulib.dll
2011-09-27 19:42:24 280064 ----a-w- c:\windows\system32\unimdm.tsp
2011-09-27 19:42:21 222720 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-09-27 19:42:09 842240 ----a-w- c:\windows\system32\systemcpl.dll
2011-09-27 19:41:33 324608 ----a-w- c:\program files\windows nt\tabletextservice\TableTextService.dll
2011-09-27 19:40:04 125952 ----a-w- c:\windows\system32\tintlgnt.ime
2011-09-27 19:39:54 1576960 ----a-w- c:\windows\system32\tquery.dll
2011-09-27 19:39:50 170496 ----a-w- c:\windows\system32\tcpipcfg.dll
2011-09-27 19:39:49 135168 ----a-w- c:\windows\system32\tcpmon.dll
2011-09-27 19:39:47 242688 ----a-w- c:\windows\system32\tapisrv.dll
2011-09-27 19:39:43 449024 ----a-w- c:\windows\system32\termsrv.dll
2011-09-27 19:39:42 313344 ----a-w- c:\windows\system32\thawbrkr.dll
2011-09-27 19:39:40 615424 ----a-w- c:\windows\system32\themeui.dll
2011-09-27 19:39:38 72192 ----a-w- c:\windows\system32\drivers\tdx.sys
2011-09-27 19:39:38 1152000 ----a-w- c:\windows\system32\themecpl.dll
2011-09-27 19:39:36 53224 ----a-w- c:\windows\system32\drivers\termdd.sys
2011-09-27 10:25:36 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{97f9d770-d3df-4eff-bf8f-5049acfa0f6c}\mpengine.dll
2011-09-27 09:56:11 -------- d-----w- c:\users\owner\appdata\roaming\SUPERAntiSpyware.com
2011-09-27 09:55:40 -------- d-----w- c:\programdata\!SASCORE
2011-09-27 09:55:31 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-09-27 09:55:30 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-09-26 10:18:05 -------- d-----w- c:\users\owner\appdata\roaming\Malwarebytes
2011-09-26 10:17:43 -------- d-----w- c:\programdata\Malwarebytes
2011-09-26 10:17:39 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-26 10:17:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-26 10:09:55 -------- d-----w- c:\program files\CCleaner
2011-09-25 23:08:35 -------- d-----w- c:\windows\pss
2011-09-13 11:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
==================== Find3M ====================
.
2011-09-30 22:28:04 161792 ----a-w- c:\windows\system32\msls31.dll
2011-09-30 22:28:03 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-09-30 22:28:02 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-09-30 22:28:02 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-09-30 22:28:02 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-09-30 22:28:02 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-09-30 22:28:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-09-30 22:28:01 367104 ----a-w- c:\windows\system32\html.iec
2011-09-30 22:28:00 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-09-30 22:28:00 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-09-30 22:28:00 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-09-30 22:27:59 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-09-30 22:27:59 152064 ----a-w- c:\windows\system32\wextract.exe
2011-09-30 22:27:59 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-09-30 22:27:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-30 22:27:58 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-09-30 22:27:58 11776 ----a-w- c:\windows\system32\mshta.exe
2011-09-30 22:27:58 101888 ----a-w- c:\windows\system32\admparse.dll
2011-09-30 22:27:57 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-09-30 22:27:57 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-09-30 22:27:56 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
.
============= FINISH: 5:41:35.93 ===============

Edited by Orange Blossom, 13 October 2011 - 12:31 PM.


#2 TinkTheHustler2

Posted 13 October 2011 - 01:19 PM

I see that "this message has been edited by Orangeblossom" but I don't see any replies to it. Is there something wrong with my post? Did I post my results incorrectly?

The laptop is REMARKABLY slow; it takes 45 seconds to launch a web browser, WELL over 5 minutes to boot up and generally moves like syrup in December. I have run Superantispyware, Malwarebytes, Ccleaner, sfc scannow, AVG scan, and all of the pre-requisite scans to come here, per "boopme".

#3 TinkTheHustler2

Posted 15 October 2011 - 05:06 AM

okey dokey. go ahead and close this topic....I've given the computer back to the owner. thanks.

#4 Elise

Posted 16 October 2011 - 06:31 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

regards, Elise

