
Computer very slow, even slower on battery


  • This topic is locked
No replies to this topic

#1 lazarro


Posted 18 March 2012 - 03:57 PM

Hello, I have a problem. I am having some issues with my laptop, which is not 1 year old. The system is very slow. On battery, the computer is almost unusable. I really feel the computer is infected somehow with some kind of malware/spyware software. I want a professional to read my logs. I did all the scans required (GMER and DDS). I really hope to have an answer ASAP.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by HP at 17:17:16 on 2012-03-18
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.1.1033.18.1910.1007 [GMT -3:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Anti-keylogger\akl_svc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Anti-keylogger\Anti-keylogger.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe
mRun: [IAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [COMODO] c:\program files\comodo\comodo geekbuddy\CLPSLA.exe
mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [Anti-keylogger] c:\program files\anti-keylogger\Anti-keylogger.exe /autorun
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
Trusted Zone: qq.com\cache.tv
Trusted Zone: qq.com\qqlivecaption
Trusted Zone: qq.com\qqlivehabit
Trusted Zone: qq.com\qqlivesearch
Trusted Zone: qq.com\video_1
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{84E7E99E-58FE-4F38-95A6-B488465ED8D3} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{84E7E99E-58FE-4F38-95A6-B488465ED8D3} : DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{84E7E99E-58FE-4F38-95A6-B488465ED8D3}\2454C4C414C49414E445632323 : DhcpNameServer = 192.168.2.1 142.166.145.137
TCP: Interfaces\{84E7E99E-58FE-4F38-95A6-B488465ED8D3}\2454C4C414C49414E445731373 : DhcpNameServer = 192.168.2.1 142.166.145.137
TCP: Interfaces\{84E7E99E-58FE-4F38-95A6-B488465ED8D3}\57D636D6D26796379647565727 : DhcpNameServer = 139.103.8.130 139.103.8.133
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\windows\system32\guard32.dll c:\windows\system32\guard32.dll c:\windows\system32\guard32.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-4 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-4 337880]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-1-17 491816]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-12-19 39640]
R1 krnl_akl;Anti-keylogger Kernel Service;c:\windows\system32\drivers\krnl_akl.sys [2012-2-11 367824]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2012-2-25 81920]
R2 akl_svc;Anti-keylogger Service;c:\program files\anti-keylogger\akl_svc.exe [2012-2-11 66768]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-9-9 176128]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-4 20696]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-3-4 57688]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-7 44768]
R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo geekbuddy\CLPSLS.exe [2011-11-23 1052472]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-1-4 822624]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\hewlett-packard\shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2011-5-13 26168]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2012-2-25 95200]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-2-25 1153368]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
R2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-15 158856]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-9-9 6380544]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-9-9 222208]
R3 clwvd;HP Webcam Splitter;c:\windows\system32\drivers\clwvd.sys [2010-7-14 29168]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-2-27 132480]
R3 intelkmd;intelkmd;c:\windows\system32\drivers\igdpmd32.sys [2010-7-19 9018368]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2011-10-1 579944]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2011-10-1 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2011-10-1 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2011-10-1 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2011-9-9 86072]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-2-25 13336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2012-2-25 279656]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
.
=============== Created Last 30 ================
.
2012-03-18 15:57:36 -------- d-----w- c:\users\hp\appdata\local\{77B8B5E2-8826-4755-83E6-5B90ECF43210}
2012-03-18 15:57:14 -------- d-----w- c:\users\hp\appdata\local\{5ECA3EA3-4BF5-440F-8F12-DCB3DA4DA769}
2012-03-18 03:56:48 -------- d-----w- c:\users\hp\appdata\local\{08A6F37D-4F39-4AB8-AD2C-5C0D0E619455}
2012-03-18 03:56:29 -------- d-----w- c:\users\hp\appdata\local\{AAFD40DE-528C-4182-B207-5B1C3D031265}
2012-03-17 22:49:42 -------- d-----w- c:\program files\Anti-keylogger
2012-03-17 15:45:26 -------- d-----w- c:\users\hp\appdata\local\{B6A3712A-E5D8-4395-8A25-8C36A5EF53A8}
2012-03-17 15:44:54 -------- d-----w- c:\users\hp\appdata\local\{97BB8B90-39B0-4BFE-B39E-A88236D3DB42}
2012-03-17 03:44:29 -------- d-----w- c:\users\hp\appdata\local\{824FD255-EAE1-466D-9F35-3228D1D56662}
2012-03-17 03:44:12 -------- d-----w- c:\users\hp\appdata\local\{A1AFD9BF-4CC2-4555-8008-CC86AF0787EF}
2012-03-16 21:55:08 -------- d-----w- c:\users\hp\appdata\roaming\Hard Disk Sentinel
2012-03-16 21:54:35 -------- d-----w- c:\program files\Hard Disk Sentinel
2012-03-16 16:19:59 -------- d-----w- c:\users\hp\appdata\roaming\hpqLog
2012-03-16 16:19:19 -------- d-----w- c:\programdata\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
2012-03-16 15:01:52 -------- d-----w- c:\users\hp\appdata\local\{9BBF8255-3A29-4373-A6E4-49389F58D96A}
2012-03-16 15:01:31 -------- d-----w- c:\users\hp\appdata\local\{166753E6-33BF-4211-91A4-30DBAAE08399}
2012-03-16 10:21:03 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0757f9a1-fd8c-44f3-8f13-096cb296d58a}\mpengine.dll
2012-03-16 03:01:04 -------- d-----w- c:\users\hp\appdata\local\{BB356A6F-77CB-45C7-83C3-20771800D512}
2012-03-16 03:00:55 -------- d-----w- c:\users\hp\appdata\local\{2961E63A-C184-4D50-9444-C2E0D0D6F9A2}
2012-03-15 20:15:01 -------- d-sh--w- C:\$RECYCLE.BIN
2012-03-15 20:04:51 -------- d-----w- c:\users\hp\appdata\local\temp
2012-03-15 15:00:30 -------- d-----w- c:\users\hp\appdata\local\{BE44F931-B076-42F4-9B55-83227F71966B}
2012-03-15 15:00:17 -------- d-----w- c:\users\hp\appdata\local\{3A9E7A46-E87B-4120-B388-4FE25EE3F620}
2012-03-15 01:34:13 -------- d-----w- c:\users\hp\appdata\local\{7FBEC8D6-E3D2-4C61-B79F-F104CCC71F49}
2012-03-15 01:33:45 -------- d-----w- c:\users\hp\appdata\local\{D598CDAC-AB79-4AD6-9EF9-E731044BFC1A}
2012-03-14 15:21:02 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-14 15:21:00 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 13:25:22 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 13:25:19 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 13:24:21 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 13:24:21 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 13:24:21 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 13:24:19 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 13:24:19 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 13:24:19 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 13:21:45 -------- d-----w- c:\users\hp\appdata\local\{112F2525-570C-4ED2-A241-815FFCEF4F2D}
2012-03-14 13:21:24 -------- d-----w- c:\users\hp\appdata\local\{2EE69B38-65A1-4B8E-9D21-EB361AAD1326}
2012-03-14 01:08:19 -------- d-----w- c:\users\hp\appdata\local\{339DFBCD-F740-4607-B8C9-EF98133FAB8C}
2012-03-14 01:07:59 -------- d-----w- c:\users\hp\appdata\local\{15C7B48A-538A-4721-AA73-37F30269D3A6}
2012-03-14 00:27:32 -------- d-----w- c:\users\hp\appdata\local\{F6676FCB-2B23-4B28-996F-3D5046474511}
2012-03-14 00:27:22 -------- d-----w- c:\users\hp\appdata\local\{E222B164-F8B9-4EEA-BA7D-3BF791E65C14}
2012-03-13 11:19:45 -------- d-----w- c:\users\hp\appdata\local\{1ACEBC02-8195-4727-B8FB-140F5ACB6B4C}
2012-03-13 11:19:18 -------- d-----w- c:\users\hp\appdata\local\{5D4B8373-88DF-43B5-A14F-63CE434E6EAD}
2012-03-12 23:18:54 -------- d-----w- c:\users\hp\appdata\local\{BE2FE5D9-6C15-478F-8376-453085B91977}
2012-03-12 23:18:34 -------- d-----w- c:\users\hp\appdata\local\{BC7B5FE2-A10A-43F9-9536-C05C976970ED}
2012-03-12 11:18:03 -------- d-----w- c:\users\hp\appdata\local\{4A2538A5-E029-4552-9D80-AD64199435FF}
2012-03-12 11:17:48 -------- d-----w- c:\users\hp\appdata\local\{9CE0CC8D-853E-41EE-AEB9-95A9F9B3F3D0}
2012-03-11 16:25:13 -------- d-----w- c:\users\hp\appdata\local\{10CBC133-27A0-4C2B-9312-3D01459A1C71}
2012-03-11 16:25:03 -------- d-----w- c:\users\hp\appdata\local\{2911E378-626A-42B9-A77E-DBF769567315}
2012-03-11 04:24:36 -------- d-----w- c:\users\hp\appdata\local\{7483DD95-FE5E-403E-9691-2D9570A67F9E}
2012-03-11 04:24:14 -------- d-----w- c:\users\hp\appdata\local\{A943B15B-DD33-48ED-B8A5-00194698A974}
2012-03-10 22:37:01 -------- d-----w- C:\VritualRoot
2012-03-10 21:42:32 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2012-03-10 13:40:13 -------- d-----w- c:\users\hp\appdata\local\{BCB8403E-E125-45DA-B70E-D0E5AB229616}
2012-03-10 13:39:54 -------- d-----w- c:\users\hp\appdata\local\{91ECDC8A-866F-4A6E-861D-904F83140EB6}
2012-03-09 14:11:26 -------- d-----w- c:\users\hp\appdata\local\{032B643E-5E4A-4EF8-B48E-7FC3AA07A57F}
2012-03-09 14:11:16 -------- d-----w- c:\users\hp\appdata\local\{3C3E82F8-0E05-4182-84A4-518963F8AA49}
2012-03-09 00:35:23 -------- d-----w- c:\users\hp\appdata\roaming\OpenCandy
2012-03-09 00:34:21 -------- d-----w- c:\users\hp\appdata\roaming\BitTorrent
2012-03-09 00:13:24 333176 ----a-w- c:\windows\system32\MMInstaller.dll
2012-03-09 00:13:20 -------- d-----w- c:\program files\common files\Tencent
2012-03-09 00:13:19 -------- d-----w- c:\program files\Tencent
2012-03-09 00:13:13 -------- d-----w- c:\programdata\Tencent
2012-03-09 00:13:12 -------- d-----w- c:\users\hp\appdata\roaming\Tencent
2012-03-08 23:35:32 -------- d-----w- C:\FavoriteVideo
2012-03-08 23:34:33 -------- d-----w- c:\programdata\PPLive
2012-03-08 14:37:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-03-08 14:37:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-03-08 14:37:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-03-08 14:37:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-03-08 14:37:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-03-08 14:37:52 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-03-08 14:37:52 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2012-03-08 14:36:07 -------- d-----w- c:\users\hp\appdata\local\Apple
2012-03-08 14:18:34 -------- d-----w- c:\users\hp\appdata\local\{370C60B9-D41D-4EED-B98E-793FB6DFEAC8}
2012-03-08 14:18:19 -------- d-----w- c:\users\hp\appdata\local\{2E1D123C-AA76-45A5-9BCC-E153EA03D85A}
2012-03-07 15:00:51 -------- d-----w- c:\users\hp\appdata\local\{A268B29C-E3B2-4A83-8BA2-8BB8B062B0E1}
2012-03-07 15:00:40 -------- d-----w- c:\users\hp\appdata\local\{5067C80A-C355-4E58-9048-57FEF05A0F43}
2012-03-06 14:01:33 -------- d-----w- c:\users\hp\appdata\local\{9441DC85-99ED-4B16-97A0-198363595598}
2012-03-06 14:01:23 -------- d-----w- c:\users\hp\appdata\local\{2A024703-4C8E-4628-9041-A06A34AE8468}
2012-03-05 20:16:41 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-03-05 13:57:07 -------- d-----w- c:\users\hp\appdata\local\{D3FFEBD7-8D84-41CA-B7CA-24AF3B8393A5}
2012-03-05 13:56:55 -------- d-----w- c:\users\hp\appdata\local\{3D1452C5-B33F-42AC-A1EC-FA077ED51D70}
2012-03-04 23:12:43 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-04 23:12:43 44376 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-04 23:12:42 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-04 23:12:08 41184 ----a-w- c:\windows\avastSS.scr
2012-03-04 23:11:55 -------- d-----w- c:\programdata\AVAST Software
2012-03-04 23:11:55 -------- d-----w- c:\program files\AVAST Software
2012-03-04 15:11:06 -------- d-----w- c:\users\hp\appdata\local\{C8DA2A6C-A835-46B4-986B-C61EA78EA205}
2012-03-04 15:10:42 -------- d-----w- c:\users\hp\appdata\local\{EA47F593-E1D7-4500-9726-8F15E1B6070B}
2012-03-04 13:31:51 -------- d-----w- c:\users\hp\appdata\local\Amazon
2012-03-04 03:10:16 -------- d-----w- c:\users\hp\appdata\local\{8CCE098F-48DF-42DB-B217-833EE79A7F75}
2012-03-04 03:10:05 -------- d-----w- c:\users\hp\appdata\local\{5D185CD6-9541-4CC3-BFFA-37D1910A76E4}
2012-03-03 13:43:44 -------- d-----w- c:\users\hp\appdata\local\{5D69A275-566F-4560-B173-8D4A857DC88E}
2012-03-03 13:43:33 -------- d-----w- c:\users\hp\appdata\local\{EEDCA06E-2711-45CA-B9D1-45693BDF5C35}
2012-03-03 02:24:27 -------- d-----w- c:\users\hp\funshion
2012-03-03 02:24:27 -------- d-----w- c:\program files\Funshion Online
2012-03-03 01:43:07 -------- d-----w- c:\users\hp\appdata\local\{588E4883-8123-4CCC-A3DC-8C386A594BA0}
2012-03-03 01:42:55 -------- d-----w- c:\users\hp\appdata\local\{027A26C9-9BE5-4764-831D-A9817C67A1D7}
2012-03-02 18:57:36 -------- d-----w- c:\users\hp\appdata\local\{8AA9C0BF-3529-4516-B204-3696BF62C5E8}
2012-03-02 18:49:02 -------- d-----w- c:\users\hp\appdata\roaming\Malwarebytes
2012-03-02 18:47:47 -------- d-----w- c:\programdata\Malwarebytes
2012-03-02 18:47:46 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-02 18:47:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-02 17:54:46 -------- d-----w- c:\users\hp\appdata\roaming\SUPERAntiSpyware.com
2012-03-02 17:54:31 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-03-02 17:54:31 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-03-02 17:51:47 -------- d-----w- c:\users\hp\appdata\local\{EE4D62AD-BDE8-4863-880C-800E290DE8B5}
2012-03-02 16:50:40 -------- d-----w- c:\users\hp\appdata\local\{D46F9ED6-8357-489A-963F-F2D829AAA67A}
2012-03-02 04:43:45 -------- d-----w- c:\users\hp\appdata\local\{6361BBC7-11FB-4160-92EA-89B00B80A4B4}
2012-03-02 04:43:34 -------- d-----w- c:\users\hp\appdata\local\{B890A72B-DCCE-4081-A7C6-7DDEB0FFEE08}
2012-03-01 18:21:01 -------- d-----w- c:\users\hp\appdata\local\{19E092B8-C665-430D-9810-7BDDAD3EDAAC}
2012-03-01 13:49:18 202112 ----a-w- c:\windows\system32\PPTVLauncher.exe
2012-03-01 06:20:34 -------- d-----w- c:\users\hp\appdata\local\{C8DA8466-3278-4CF8-99CE-AF416C59E087}
2012-03-01 06:20:22 -------- d-----w- c:\users\hp\appdata\local\{B91907E3-A57C-4256-9E00-728EB40CB926}
2012-02-29 17:02:00 -------- d-----w- c:\users\hp\appdata\local\{D4F67F1F-B291-4EE9-9A45-8441B7F02763}
2012-02-29 17:01:44 -------- d-----w- c:\users\hp\appdata\local\{5036582B-F019-4B9E-8627-AF796F70D582}
2012-02-29 05:01:18 -------- d-----w- c:\users\hp\appdata\local\{1A5CC70A-AFD5-4291-BAA4-CA65CEC64F79}
2012-02-29 05:01:07 -------- d-----w- c:\users\hp\appdata\local\{50954320-44C5-4DF9-9E01-F97EB20928F0}
2012-02-28 17:00:40 -------- d-----w- c:\users\hp\appdata\local\{AABDD0F3-287A-4C93-9A8C-B7528560DD0E}
2012-02-28 17:00:29 -------- d-----w- c:\users\hp\appdata\local\{197647EE-AF65-4642-85FD-444494733387}
2012-02-28 15:37:29 -------- d-----w- c:\users\hp\appdata\local\{3B02161A-2F0A-4BB3-9A20-C77557DA1A0C}
2012-02-28 03:25:13 -------- d-----w- c:\users\hp\appdata\local\{B88FAED5-F3E2-470D-8D26-E0A69B6CF493}
2012-02-28 03:25:02 -------- d-----w- c:\users\hp\appdata\local\{D7DC15C6-1CC9-4150-BAC3-ED772F2E8382}
2012-02-28 03:25:02 -------- d-----w- c:\users\hp\appdata\local\{5D56CA6C-520B-419E-B782-F1776B3F7486}
2012-02-27 15:24:36 -------- d-----w- c:\users\hp\appdata\local\{636EECE3-9CA0-47A0-BA58-D90A4796DF53}
2012-02-27 15:24:25 -------- d-----w- c:\users\hp\appdata\local\{AA44F6E6-20C2-4A60-8215-BEEBF14FE673}
2012-02-27 03:23:59 -------- d-----w- c:\users\hp\appdata\local\{DDE3B909-7114-40CF-9FE9-E77981621E32}
2012-02-27 03:23:48 -------- d-----w- c:\users\hp\appdata\local\{FD526730-85B9-47AA-9250-27B43CF1DA81}
2012-02-26 23:38:13 -------- d-----w- c:\users\hp\appdata\local\Comodo
2012-02-26 23:35:06 -------- d-----w- c:\users\hp\appdata\local\Research In Motion
2012-02-26 23:34:37 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys
2012-02-26 23:34:20 -------- d-----w- c:\programdata\Research In Motion
2012-02-26 23:33:38 -------- d-----w- c:\program files\Research In Motion
2012-02-26 22:07:39 413696 ----a-r- c:\users\hp\appdata\roaming\microsoft\installer\{f3ee237a-7f47-4639-962f-7208536a7837}\BlackBerry.exe
2012-02-26 22:07:14 -------- d-----w- c:\program files\common files\Research In Motion
2012-02-26 21:30:43 -------- d-----w- c:\users\hp\appdata\roaming\Research In Motion
2012-02-26 20:47:58 -------- d-----w- c:\programdata\Comodo
2012-02-26 20:47:46 -------- d-----w- c:\program files\Comodo
2012-02-26 20:22:57 -------- d-----w- c:\programdata\VirtualizedApplications
2012-02-26 18:39:46 -------- d-----w- c:\users\hp\appdata\local\Microsoft Games
2012-02-26 17:20:06 -------- d-----w- c:\users\hp\appdata\local\Diagnostics
2012-02-26 15:37:04 -------- d-----w- c:\users\hp\appdata\roaming\SoftGrid Client
2012-02-26 15:37:04 -------- d-----w- c:\users\hp\appdata\local\SoftGrid Client
2012-02-26 15:35:49 -------- d-----w- c:\program files\Microsoft Application Virtualization Client
2012-02-26 15:35:31 -------- d-----w- c:\users\hp\appdata\roaming\TP
2012-02-26 15:23:22 -------- d-----w- c:\users\hp\appdata\local\{72DAAF8A-E744-4AB7-9D7E-79D50CF093FC}
2012-02-26 15:23:10 -------- d-----w- c:\users\hp\appdata\local\{45A3381C-7D92-4D78-9091-36E0A6071AC4}
2012-02-26 12:12:07 -------- d-----w- c:\users\hp\appdata\local\{D9563FA2-A2FA-4C29-93DD-F9BD9E7FDAB9}
2012-02-26 12:00:34 -------- d-----w- c:\users\hp\appdata\local\{6AEE963E-FDD3-40F4-8A74-04C6492B6C5C}
2012-02-26 01:47:24 -------- d-----w- c:\programdata\CPA_VA
2012-02-26 01:42:43 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-02-26 01:42:43 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-02-26 00:29:37 -------- d-----w- c:\users\hp\appdata\local\ElevatedDiagnostics
2012-02-26 00:14:42 -------- d-----w- c:\program files\ATI Technologies
2012-02-26 00:14:38 -------- d-----w- c:\program files\ATI
2012-02-26 00:07:07 -------- d-----w- c:\users\hp\appdata\local\Hewlett-Packard
2012-02-26 00:03:00 -------- d-----r- c:\program files\Skype
2012-02-25 23:59:55 -------- d-----w- c:\users\hp\appdata\local\{DF06865C-5733-4C3B-8048-FB7DA5596870}
2012-02-25 23:59:45 -------- d-----w- c:\users\hp\appdata\local\{277DEACA-D437-4E6A-95FD-613373BBDBDD}
2012-02-25 23:59:32 -------- d-----w- c:\users\hp\Tracing
2012-02-25 23:55:25 -------- d-----w- c:\windows\PCHEALTH
2012-02-25 23:54:16 -------- d-----w- c:\users\hp\appdata\local\Windows Live
2012-02-25 23:54:15 -------- d-----w- c:\program files\common files\Windows Live
2012-02-25 23:51:17 -------- d-----w- c:\program files\Yahoo!
2012-02-25 20:10:35 -------- d-----w- c:\windows\Panther
2012-02-25 19:48:12 -------- d-----w- c:\users\hp\appdata\roaming\Auslogics
2012-02-25 19:43:50 -------- d-----w- c:\program files\common files\McAfee
2012-02-25 19:43:47 -------- d-----w- c:\program files\McAfee
2012-02-25 19:14:05 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-02-25 19:14:05 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-02-25 19:12:50 -------- d-----w- c:\windows\ShellNew
2012-02-25 19:10:32 -------- d-----w- c:\program files\LibreOffice 3.5
2012-02-25 19:08:35 -------- d-----w- c:\program files\Auslogics
2012-02-25 19:08:13 -------- d-----w- c:\program files\InfraRecorder
2012-02-25 19:07:48 -------- d-----w- c:\windows\system32\Adobe
2012-02-25 19:07:41 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-25 19:07:22 -------- d-----w- c:\users\hp\appdata\local\Adobe
2012-02-25 19:06:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-25 18:12:15 -------- d-----w- c:\program files\VideoLAN
2012-02-25 17:40:59 0 ----a-w- c:\windows\ativpsrm.bin
2012-02-25 17:38:05 86016 ----a-w- c:\windows\system32\AESTCom.dll
2012-02-25 17:38:05 61440 ----a-w- c:\windows\system32\aestaren.dll
2012-02-25 17:38:05 536668 ----a-w- c:\windows\sttray.exe
2012-02-25 17:38:05 536576 ----a-w- c:\windows\system32\idtmini1.exe
2012-02-25 17:38:05 4644864 ----a-w- c:\windows\system32\stlang.dll
2012-02-25 17:38:05 380928 ----a-w- c:\windows\system32\aestecap.dll
2012-02-25 17:38:05 139776 ----a-w- c:\windows\system32\aestacap.dll
2012-02-25 17:38:05 12734556 ----a-w- c:\windows\system32\idtcpl.cpl
2012-02-25 17:38:04 -------- d-----w- c:\windows\system32\SRSLabs
2012-02-25 17:38:02 179712 ----a-w- c:\windows\system32\staco.dll
2012-02-25 17:37:25 949760 ----a-w- c:\windows\system32\stapo.dll
2012-02-25 17:37:25 532480 ------w- c:\windows\system32\stapi32.dll
2012-02-25 17:37:25 435200 ----a-w- c:\windows\system32\drivers\stwrt.sys
2012-02-25 17:37:25 405504 ----a-w- c:\windows\system32\stcplx.dll
2012-02-25 17:37:18 -------- d-----w- c:\program files\IDT
2012-02-25 17:36:20 80416 ----a-w- c:\windows\system32\RtNicProp32.dll
2012-02-25 17:36:20 279656 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2012-02-25 17:36:20 100896 ----a-w- c:\windows\system32\RTNUninst32.dll
2012-02-25 17:36:17 -------- d-----w- c:\program files\Realtek
2012-02-25 17:35:12 -------- d-----w- c:\users\hp\appdata\roaming\Intel Corporation
2012-02-25 17:33:46 435736 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-02-25 17:33:45 -------- d-----w- C:\SP50859
2012-02-25 17:32:12 -------- d-----w- c:\programdata\AmUStor
2012-02-25 17:32:12 -------- d-----w- c:\program files\AmIcoSingLun
2012-02-25 17:29:55 -------- d-----w- c:\program files\Synaptics
2012-02-25 17:29:07 61440 ----a-w- c:\windows\system32\athihvui.dll
2012-02-25 17:29:07 397312 ----a-w- c:\windows\system32\athihvs.dll
2012-02-25 17:29:07 1882624 ----a-w- c:\windows\system32\drivers\athr.sys
2012-02-25 17:29:07 -------- d-----w- c:\windows\system32\nn-NO
2012-02-25 17:29:07 -------- d-----w- c:\windows\Options
2012-02-25 17:29:00 -------- d-----w- c:\program files\Cisco
2012-02-25 17:29:00 -------- d-----w- c:\program files\Atheros
2012-02-25 17:28:41 -------- d-----w- c:\programdata\Atheros
2012-02-25 17:25:41 -------- d-sh--w- c:\windows\Installer
2012-02-25 17:25:39 -------- d-----w- C:\System.sav
2012-02-25 17:24:04 -------- d-----w- c:\program files\common files\Intel
2012-02-25 17:16:20 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2012-02-25 17:16:20 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2012-02-25 17:13:27 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2012-02-25 17:13:24 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-25 17:13:11 571904 ----a-w- c:\windows\system32\oleaut32.dll
2012-02-25 17:13:11 38912 ----a-w- c:\windows\system32\csrsrv.dll
2012-02-25 17:13:11 233472 ----a-w- c:\windows\system32\oleacc.dll
2012-02-25 17:13:10 2616320 ----a-w- c:\windows\explorer.exe
2012-02-25 17:11:43 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2012-02-25 17:06:26 53248 ----a-w- c:\windows\system32\CSVer.dll
2012-02-25 17:06:16 -------- d-----w- C:\SwSetup
2012-02-25 16:38:27 -------- d-----w- c:\users\hp\appdata\local\Google
2012-02-25 16:38:15 -------- d-----w- c:\users\hp\appdata\local\Deployment
2012-02-25 16:38:15 -------- d-----w- c:\users\hp\appdata\local\Apps
2012-02-25 16:32:46 -------- d-----w- C:\Intel
2012-02-25 16:03:41 -------- d-----w- C:\Boot
.
==================== Find3M ====================
.
2012-03-11 21:13:36 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-03-11 21:13:35 491816 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2012-03-11 21:13:34 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-03-11 21:13:19 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2012-03-11 21:13:18 301224 ----a-w- c:\windows\system32\guard32.dll
2012-02-11 18:05:32 367824 ----a-w- c:\windows\system32\drivers\krnl_akl.sys
2012-01-04 23:01:54 32768 ----a-w- c:\windows\system32\drivers\taphss.sys
2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll
2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl
.
============= FINISH: 17:18:01.85 ===============


Edited by nasdaq, 19 March 2012 - 10:32 AM.
Duplicate post.

