GPK1

  1. OK, thanks for your time and assistance. I'll contact HP.
  2. The fix in post 20 didn't work out. I muted the internal mic but the noise persisted. I disabled the sound drivers when I heard the noise return. The sound is heard at the same volume/frequency when the sound drivers are disabled.
  3. I've tried the fix in post 20 and I'll confirm the outcome in a couple of hours. The sound isn't related to USB port use and can be heard on both battery power and when fully charged. If the fix in post 20 is unsuccessful, I'll uninstall the sound drivers and post again. Thanks
  4. The notebook is only a few months old. The sound card drivers are up to date.
  5. I've not experienced any problems until 15.40 today. I rebooted into safe mode and the 'water chugging' type sound is heard at the exact same volume and frequency. It lasts from maybe 10 mins to 2 hours....then stops...and of course starts again.
  6. Obvious question...what causes my 127.0.0.1 entries in host files?
  7. No change with my sound problem. Could you advise on how to change sound card value in BIOS? (you never know) RogueKiller Logs
  8. I've run the fixes and posted logs below. I'll need to post again in a couple of hours, to update regarding sound problem, as it comes and goes at random. Many Thanks.
  9. A question re AdwCleaner log.......what is 'wondershare'? I haven't intentionally downloaded this program?
  10. Thanks for your reply. Re: Designate sound card in BIOS to IRQ 5. I accessed the BIOS start up menu, however I couldn't find an option to change the sound card value? Logs posted below. ESET didn't detect any threats and no log was produced in the ESET folder? I've attached the OTL logs as too big to post.
  11. Hi D-FRED-BROWN, TDSSKiller did not detect any infections. Re: ComboFix...I'm running Win 8. MBAR and security check logs posted below. One further thought....A member from another forum suggested a link to an HP forum detailing a similar problem to mine. The reply to said problem is posted below:

      Hello! I found this information on another website. It might help you. I have been experiencing the same thing. "This is a very common issue with creative cards and it has to do with IRQ. Go into your bios and try to designate the sound card to IRQ 5 (basically by itself). That way it won't conflict and cause that noise. It's like two people yelling at each other who MUST get their point across, you will be able to make sense of it. If the sound card is sharing IRQ with another resource hungry device (graphics eg.) then that will cause the issue. It's common, google it."
  12. A 'water dripping' or 'tik tok' sound is heard at random on my laptop. The sound appears to come from the screen and can be heard when the speakers are muted. I have previously been through the malware removal process on this site and was advised to seek Tech Support. The Tech Support guys suggest this could be a malware infection and suggest I try malware removal once again. Reply from tech support and DDS logs posted below. Many Thanks

      From PC General Help Forum:

      Well the Event Logs alone are not necessarily due to an infection but certainly could be a "sign" of an underlying infection. You said that you cleaned the hosts file yet it now shows that it's full again with entries, probably due to some type of hosts management software.

      There are 15360 more lines starting with "127.0.0.1"

      These entries though are certainly a big issue and if not addressed then the computer simply will continue to have problems of various types.

      13/06/2013 07:45:24, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably. The Registry could not flush hive (file):
      13/06/2013 04:11:12, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

      Then running software like this is an open invitation and asking to get your computer infected sooner or later. Yes there are clean valid files to be had but a ton of infected ones as well and you have an open door for them to come into your system. Like a cat and mouse game sooner or later your security software will miss it.

      µTorrent

      Probably best to go ahead and have someone review your system for some type of infection again. I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.
  13. Hi Guys, It's been 4 days since I posted my latest logs. Can I assume these logs do not provide the information required to assist with my sound problem?