Jump to content

Random 'Water Dripping' or 'chugging' sound


Recommended Posts

A 'water dripping or 'tik tok' sound is heard at random on my laptop. The sound appears to come from the screen and can be heard when the speakers are muted.

 

I have previously been through the malware removal process on this site and was advised to seek Tech Support. The Tech Support guys, suggest this could be a malware infection and suggest  I try malware removal once again. Reply from tech support and DDS logs posted below.

 

 

Many Thanks

 

From PC General Help Forum:

 

Well the Event Logs alone are not necessarily due to an infection but certainly could be a "sign" of an underlying infection.  You said that you cleaned the hosts file yet it now shows that it's full again with entries probably due to some type of hosts management software

There are 15360 more lines starting with "127.0.0.1"

These entries though are certainly a big issue and if not addressed then the computer simply will continue to have problems of various types.

13/06/2013 07:45:24, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file):

13/06/2013 04:11:12, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Then running software like this is an open invitation and asking to get  your computer infected sooner or later.  Yes there are clean valid files to be had but a ton of infected ones as well and you have an open door for them to come into your system.  Like a cat and mouse game sooner or later your security software will miss it.

 

µTorrent
 

 

Probably best to go ahead and have someone review your system for some type of infection again.

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

 

 

DDS Log:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by gary at 15:45:30 on 2013-06-18
Microsoft Windows 8  6.2.9200.0.1252.44.2057.18.8075.6253 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Program Files\Common Files\AuthenTec\TrueService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Users\gary\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SndVol.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [uTorrent] "C:\Users\gary\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ISCTSY~1.LNK - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe
mPolicies-System: EnableSecureUIAPath = dword:1
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{11B2500D-0EDA-41C0-8154-A5D0512BF4E3} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{ADA4012E-DD59-4E3C-B823-B53527DFB77F} : DHCPNameServer = 100.100.10.24
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -
x64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [bTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [iSW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-System: EnableSecureUIAPath = dword:1
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8ni317tu.default\
FF - plugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-04-30 17:24; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8ni317tu.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-04-30 19:12; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8ni317tu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-06-08 08:44; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.zonealarm.autoRvrt - false
FF - user.js: extensions.zonealarm_i.newTab - false

FF - user.js: extensions.zonealarm.id - 5c382ac20000000000006036dd75897f
FF - user.js: extensions.zonealarm.appId - {C56C48A0-DA4E-46F6-9859-1553DC865F84}
FF - user.js: extensions.zonealarm.instlDay - 15863
FF - user.js: extensions.zonealarm.vrsn - 1.8.3.16
FF - user.js: extensions.zonealarm.vrsni - 1.8.3.16
FF - user.js: extensions.zonealarm_i.vrsnTs - 1.8.3.1617:03:37
FF - user.js: extensions.zonealarm.prtnrId - checkpoint
FF - user.js: extensions.zonealarm.prdct - zonealarm
FF - user.js: extensions.zonealarm.aflt - 5043
FF - user.js: extensions.zonealarm_i.smplGrp - none
FF - user.js: extensions.zonealarm.tlbrId - base2013
FF - user.js: extensions.zonealarm.instlRef - ZLN118383973293322-5043
FF - user.js: extensions.zonealarm.dfltLng - en
FF - user.js: extensions.zonealarm.excTlbr - false
FF - user.js: extensions.zonealarm.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\Drivers\amdkmpfd.sys [2012-7-9 35496]
R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-6-8 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-6-8 189936]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-31 645952]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-6-8 1025808]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-6-8 378432]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-1 239616]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-7-17 731688]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-6-8 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-6-8 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-6-8 46808]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-12-25 1091520]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-12-25 1112000]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-5-2 135952]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2012-8-10 1641320]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-8-10 85504]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-8-10 29600]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-31 35232]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2012-7-24 146984]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-12-25 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-6-13 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-6-13 701512]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-4-16 39056]
R2 Start8;Stardock Start8;C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [2013-3-19 142960]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-12-25 364416]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-18 2699568]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\Drivers\ikbevent.sys [2012-7-24 20968]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\Drivers\imsevent.sys [2012-7-24 19944]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
R3 intelkmd;intelkmd;C:\Windows\System32\Drivers\igdpmd64.sys [2012-7-25 8982208]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\Drivers\ISCTD64.sys [2012-7-24 46016]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\Drivers\iwdbus.sys [2012-8-9 25568]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-6-13 25928]
R3 NETwNe64;@oem15.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2012-8-7 4273192]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\Drivers\RtsBaStor.sys [2012-12-25 294544]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-12-25 690832]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-12-25 43832]
R3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2012-7-16 401256]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\Drivers\WPRO_41_2001.sys [2013-6-8 34752]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2012-7-17 162344]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\Drivers\ssadadb.sys [2011-5-13 36328]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2012-12-25 110592]
S3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2012-12-25 825344]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2012-12-25 55848]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\Drivers\intelaud.sys [2012-8-9 35296]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-18 272176]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2012-6-2 1737760]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-12-25 41272]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\Drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\Drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\Drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\Drivers\ssadserd.sys [2011-5-13 146920]
S3 usb3Hub;USB-IF USB 3.0 Hub;C:\Windows\System32\Drivers\usb3Hub.sys [2012-8-9 48096]
S3 XHCIPort;USB-IF xHCI USB Host Controller;C:\Windows\System32\Drivers\xHCIPort.sys [2012-8-9 188384]
.
=============== Created Last 30 ================
.
2013-06-18 09:44:34    94656    ----a-w-    C:\Windows\System32\WPRO_41_2001woem.tmp
2013-06-16 18:32:59    --------    d-----w-    C:\ProgramData\Stardock
2013-06-16 18:32:55    --------    d-----w-    C:\Program Files (x86)\Stardock
2013-06-15 16:47:31    1300992    ----a-w-    C:\Windows\System32\gdi32.dll
2013-06-15 16:47:31    1022464    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2013-06-15 15:31:32    888320    ----a-w-    C:\Windows\System32\autochk.exe
2013-06-15 15:31:32    793088    ----a-w-    C:\Windows\SysWow64\autochk.exe
2013-06-15 15:31:32    542208    ----a-w-    C:\Windows\System32\untfs.dll
2013-06-15 15:31:32    482816    ----a-w-    C:\Windows\SysWow64\untfs.dll
2013-06-13 07:04:48    --------    d-----w-    C:\Program Files (x86)\SpywareBlaster
2013-06-13 06:57:32    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2013-06-13 06:57:32    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-11 11:45:00    264880    ----a-w-    C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10206.bin
2013-06-09 15:27:44    --------    d-----w-    C:\Users\gary\AppData\Local\{7DFDBD68-3F66-4162-A81B-50D7193E8770}
2013-06-09 15:27:43    --------    d-----w-    C:\Users\gary\AppData\Local\{54E52EA5-BF1D-4B7F-94F8-A2248779B585}
2013-06-09 13:37:04    --------    d-----w-    C:\Program Files (x86)\Wondershare
2013-06-08 07:59:18    34752    ----a-w-    C:\Windows\System32\drivers\WPRO_41_2001.sys
2013-06-08 07:45:13    72016    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-06-08 07:44:59    65336    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-06-08 07:44:59    189936    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2013-06-08 07:44:59    1025808    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2013-06-08 07:44:57    80816    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2013-06-08 07:44:37    41664    ----a-w-    C:\Windows\avastSS.scr
2013-06-08 07:44:27    --------    d-----w-    C:\Program Files\AVAST Software
2013-06-08 07:43:30    --------    d-----w-    C:\ProgramData\AVAST Software
2013-06-07 16:19:59    224256    ----a-w-    C:\Windows\System32\HPToneCtrls64.dll
2013-06-07 16:19:58    7986176    ----a-w-    C:\Windows\System32\IDTNGUI.exe
2013-06-07 16:19:58    7683584    ----a-w-    C:\Windows\System32\IDTNHP.dll
2013-06-07 16:19:58    6085632    ----a-w-    C:\Windows\System32\stlang64.dll
2013-06-07 16:19:58    464384    ----a-w-    C:\Windows\System32\slapoi64.dll
2013-06-07 16:19:58    252928    ----a-w-    C:\Windows\System32\IDTNJ.exe
2013-06-07 16:19:58    2211840    ----a-w-    C:\Windows\System32\IDTNX.dll
2013-06-07 16:19:58    1821184    ----a-w-    C:\Windows\System32\IDTNC64.cpl
2013-06-07 16:19:58    1425408    ----a-w-    C:\Windows\sttray64.exe
2013-06-07 16:19:52    --------    d-----w-    C:\Program Files\IDT
2013-06-07 16:06:14    --------    d-----w-    C:\Users\gary\AppData\Roaming\RealNetworks
2013-06-07 16:06:00    --------    d-----w-    C:\Program Files (x86)\RealNetworks
2013-06-07 16:05:59    --------    d-----w-    C:\ProgramData\RealNetworks
2013-06-07 16:05:56    --------    d-----w-    C:\Program Files (x86)\Common Files\xing shared
2013-06-07 16:04:52    --------    d-----w-    C:\Users\gary\AppData\Roaming\CheckPoint
2013-06-07 16:03:28    --------    d-----w-    C:\ProgramData\CheckPoint
2013-06-07 15:58:56    97280    ----a-w-    C:\Users\gary\AppData\Local\UrlManager.exe
2013-06-07 15:55:56    --------    d-----w-    C:\Users\gary\AppData\Roaming\DemoCreator
2013-06-07 08:39:55    --------    d-----w-    C:\Windows\ERUNT
2013-06-06 08:39:37    --------    d-----w-    C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-06 03:04:11    --------    d-----w-    C:\Users\gary\AppData\Local\ElevatedDiagnostics
2013-06-03 05:25:52    --------    d-sh--w-    C:\Windows\SysWow64\AI_RecycleBin
2013-06-03 05:25:51    --------    d-----w-    C:\Program Files (x86)\Reason
2013-05-20 15:49:36    --------    d-----w-    C:\Users\gary\AppData\Roaming\IDT
.
==================== Find3M  ====================
.
2013-06-07 16:05:50    499712    ----a-w-    C:\Windows\SysWow64\msvcp71.dll
2013-06-07 16:05:50    348160    ----a-w-    C:\Windows\SysWow64\msvcr71.dll
2013-06-04 22:09:22    78200    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-04 22:09:22    693112    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-15 22:37:03    44032    ----a-w-    C:\Windows\SysWow64\UXInit.dll
2013-05-15 22:35:49    53760    ----a-w-    C:\Windows\System32\UXInit.dll
2013-05-14 13:14:01    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-05-14 09:23:31    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-05-04 07:58:17    120736    ----a-w-    C:\Windows\System32\AuthHost.exe
2013-05-04 07:45:29    2233600    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-05-04 07:34:17    446720    ----a-w-    C:\Windows\System32\drivers\USBHUB3.SYS
2013-05-04 07:34:17    213248    ----a-w-    C:\Windows\System32\drivers\UCX01000.SYS
2013-05-04 07:34:15    284416    ----a-w-    C:\Windows\System32\drivers\spaceport.sys
2013-05-04 06:59:56    39424    ----a-w-    C:\Windows\System32\wuapp.exe
2013-05-04 06:59:51    1483776    ----a-w-    C:\Windows\System32\VSSVC.exe
2013-05-04 06:59:36    812544    ----a-w-    C:\Windows\System32\Magnify.exe
2013-05-04 06:59:25    98304    ----a-w-    C:\Windows\System32\wudriver.dll
2013-05-04 06:59:25    251904    ----a-w-    C:\Windows\System32\WUSettingsProvider.dll
2013-05-04 06:59:25    141824    ----a-w-    C:\Windows\System32\wuwebv.dll
2013-05-04 06:59:24    1619968    ----a-w-    C:\Windows\System32\wucltux.dll
2013-05-04 06:59:08    13644288    ----a-w-    C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-04 06:58:54    328192    ----a-w-    C:\Windows\System32\ubpm.dll
2013-05-04 06:58:54    10116096    ----a-w-    C:\Windows\System32\twinui.dll
2013-05-04 06:58:49    173568    ----a-w-    C:\Windows\System32\storewuauth.dll
2013-05-04 06:58:49    1332736    ----a-w-    C:\Windows\System32\sysmain.dll
2013-05-04 06:58:48    330240    ----a-w-    C:\Windows\System32\stobject.dll
2013-05-04 06:58:28    93696    ----a-w-    C:\Windows\System32\psmsrv.dll
2013-05-04 06:58:02    470528    ----a-w-    C:\Windows\System32\netprofmsvc.dll
2013-05-04 06:58:02    151552    ----a-w-    C:\Windows\System32\netprofm.dll
2013-05-04 06:58:01    169984    ----a-w-    C:\Windows\System32\netplwiz.dll
2013-05-04 06:57:59    17408    ----a-w-    C:\Windows\System32\muifontsetup.dll
2013-05-04 06:57:46    560640    ----a-w-    C:\Windows\System32\mfmp4srcsnk.dll
2013-05-04 06:57:15    501760    ----a-w-    C:\Windows\System32\DevicePairing.dll
2013-05-04 06:57:05    179712    ----a-w-    C:\Windows\System32\bisrv.dll
2013-05-04 06:57:05    122368    ----a-w-    C:\Windows\System32\biwinrt.dll
2013-05-04 06:57:04    389120    ----a-w-    C:\Windows\System32\BCP47Langs.dll
2013-05-04 06:57:04    2305024    ----a-w-    C:\Windows\System32\authui.dll
2013-05-04 06:57:00    708096    ----a-w-    C:\Windows\System32\AppXDeploymentExtensions.dll
2013-05-04 06:57:00    1131520    ----a-w-    C:\Windows\System32\AppXDeploymentServer.dll
2013-05-04 06:56:53    419840    ----a-w-    C:\Windows\System32\intl.cpl
2013-05-04 04:58:34    34304    ----a-w-    C:\Windows\SysWow64\wuapp.exe
2013-05-04 04:58:14    758784    ----a-w-    C:\Windows\SysWow64\Magnify.exe
2013-05-04 04:58:02    83968    ----a-w-    C:\Windows\SysWow64\wudriver.dll
2013-05-04 04:58:02    125952    ----a-w-    C:\Windows\SysWow64\wuwebv.dll
2013-05-04 04:57:49    10788864    ----a-w-    C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57:39    8857088    ----a-w-    C:\Windows\SysWow64\twinui.dll
2013-05-04 04:57:39    247296    ----a-w-    C:\Windows\SysWow64\ubpm.dll
2013-05-04 04:57:35    303616    ----a-w-    C:\Windows\SysWow64\stobject.dll
2013-05-04 04:57:16    18432    ----a-w-    C:\Windows\SysWow64\npmproxy.dll
2013-05-04 04:57:04    151040    ----a-w-    C:\Windows\SysWow64\netplwiz.dll
2013-05-04 04:57:04    115712    ----a-w-    C:\Windows\SysWow64\netprofm.dll
2013-05-04 04:57:02    14336    ----a-w-    C:\Windows\SysWow64\muifontsetup.dll
2013-05-04 04:56:48    411136    ----a-w-    C:\Windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56:14    449536    ----a-w-    C:\Windows\SysWow64\DevicePairing.dll
2013-05-04 04:56:06    92160    ----a-w-    C:\Windows\SysWow64\biwinrt.dll
2013-05-04 04:56:05    309760    ----a-w-    C:\Windows\SysWow64\BCP47Langs.dll
2013-05-04 04:56:05    2035712    ----a-w-    C:\Windows\SysWow64\authui.dll
2013-05-04 04:55:58    389632    ----a-w-    C:\Windows\SysWow64\intl.cpl
2013-05-04 04:51:38    14848    ----a-w-    C:\Windows\System32\rars.rs
2013-05-04 04:48:33    83968    ----a-w-    C:\Windows\System32\drivers\hidclass.sys
2013-05-04 04:48:26    27648    ----a-w-    C:\Windows\System32\drivers\hidusb.sys
2013-05-04 04:47:02    427520    ----a-w-    C:\Windows\System32\drivers\rdbss.sys
2013-05-04 04:10:47    14848    ----a-w-    C:\Windows\SysWow64\rars.rs
2013-04-28 22:30:55    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-04-28 22:30:12    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-04-28 22:28:33    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-04-28 22:28:29    915968    ----a-w-    C:\Windows\System32\uxtheme.dll
2013-04-28 22:28:00    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-04-27 05:20:12    733184    ----a-w-    C:\Windows\System32\win32spl.dll
2013-04-23 23:13:53    1013248    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-04-23 23:12:44    1569792    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-04-23 23:12:44    109056    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-04-23 22:56:35    1255936    ----a-w-    C:\Windows\System32\certutil.exe
2013-04-23 22:55:48    68096    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-04-23 22:55:48    1889280    ----a-w-    C:\Windows\System32\crypt32.dll
2013-04-23 22:55:48    141312    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-04-16 02:34:44    1455368    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-13 05:56:35    444416    ----a-w-    C:\Windows\apppatch\AcSpecfc.dll
2013-04-11 06:40:48    6987528    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-04-09 05:33:02    489576    ----a-w-    C:\Windows\System32\AudioEng.dll
2013-04-09 05:33:02    446792    ----a-w-    C:\Windows\System32\AudioSes.dll
2013-04-09 05:33:02    253544    ----a-w-    C:\Windows\System32\audiodg.exe
2013-04-09 05:20:02    86280    ----a-w-    C:\Windows\System32\kdnet.dll
2013-04-09 05:20:02    306952    ----a-w-    C:\Windows\System32\kd_02_10ec.dll
2013-04-09 05:18:05    77960    ----a-w-    C:\Windows\System32\kdvm.dll
2013-04-09 05:17:57    1829408    ----a-w-    C:\Windows\System32\ntdll.dll
2013-04-09 04:52:07    816128    ----a-w-    C:\Windows\System32\SearchIndexer.exe
2013-04-09 04:52:07    373760    ----a-w-    C:\Windows\System32\SearchProtocolHost.exe
2013-04-09 04:52:07    197120    ----a-w-    C:\Windows\System32\SearchFilterHost.exe
2013-04-09 04:52:07    126464    ----a-w-    C:\Windows\System32\Robocopy.exe
2013-04-09 04:52:06    804352    ----a-w-    C:\Windows\System32\RecoveryDrive.exe
2013-04-09 04:51:51    367616    ----a-w-    C:\Windows\System32\conhost.exe
2013-04-09 04:51:45    523264    ----a-w-    C:\Windows\System32\XpsGdiConverter.dll
2013-04-09 04:51:41    99840    ----a-w-    C:\Windows\System32\wscsvc.dll
2013-04-09 04:51:41    456704    ----a-w-    C:\Windows\System32\wpncore.dll
2013-04-09 04:51:17    595456    ----a-w-    C:\Windows\System32\Windows.Networking.dll
2013-04-09 04:51:17    391168    ----a-w-    C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51:03    3552768    ----a-w-    C:\Windows\System32\tquery.dll
2013-04-09 04:50:53    414720    ----a-w-    C:\Windows\System32\GenuineCenter.dll
2013-04-09 04:50:39    422400    ----a-w-    C:\Windows\System32\schannel.dll
.
============= FINISH: 15:46:27.96 ===============

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 30/04/2013 16:24:48
System Uptime: 18/06/2013 10:43:34 (5 hours ago)
.
Motherboard: Hewlett-Packard |  | 18A5
Processor: Intel® Core i5-3210M CPU @ 2.50GHz | U3E1 | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 796.984 GiB free.
D: is FIXED (NTFS) - 21 GiB total, 2.547 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Description: USB-IF xHCI USB Host Controller
Device ID: ROOT\UOIP_BUS_DRIVER\0000
Manufacturer: Intel Corporation
Name: USB-IF xHCI USB Host Controller
PNP Device ID: ROOT\UOIP_BUS_DRIVER\0000
Service: XHCIPort
.
Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Description: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter
Device ID: USB\VID_8087&PID_07DA\6&24DAA714&0&3
Manufacturer: Intel Corporation
Name: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed Adapter
PNP Device ID: USB\VID_8087&PID_07DA\6&24DAA714&0&3
Service: BTHUSB
.
==== System Restore Points ===================
.
RP17: 07/06/2013 09:40:02 - End of disinfection
RP18: 08/06/2013 14:22:47 - Removed Skype™ 6.3
RP19: 13/06/2013 07:06:37 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
AMD APP SDK Runtime
AMD Catalyst Install Manager
µTorrent
AuthenTec TrueAPI 64-bit
avast! Free Antivirus
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CyberLink LabelPrint
CyberLink Media Suite 10
CyberLink PhotoDirector
CyberLink PowerDirector 10
CyberLink YouCam
D3DX10
Energy Star
Free Stopwatch 2.7.0
Hewlett-Packard ACLM.NET v1.2.0.0
HP 3D DriveGuard
HP Connected Music (Meridian - installer)
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Postscript Converter
HP Quick Launch
HP Recovery Manager
HP Registration Service
HP SimplePass
HP Software Framework
HP Support Assistant
HP Utility Center
HP Wireless Button Driver
Intel PROSet Wireless
Intel® Display Audio Driver
Intel® Management Engine Components
Intel® PROSet/Wireless for Bluetooth® + High Speed
Intel® PROSet/Wireless Software for Bluetooth® Technology
Intel® Smart Connect Technology 3.0 x64
Intel® WiDi
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 21.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
PokerStars
PX Profile Update
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RealUpgrade 1.1
Spybot - Search & Destroy
SpywareBlaster 5.0
Stardock Start8
swMSM
Synaptics Pointing Device Driver
Visual Studio 2010 x64 Redistributables
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
ZoneAlarm LTD Toolbar
.
==== Event Viewer Messages From Past Week ========
.
18/06/2013 10:43:39, Error: Microsoft-Windows-Kernel-General [6]  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
13/06/2013 04:11:12, Error: Service Control Manager [7031]  - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================


 

Link to post
Share on other sites

Hello GPK1 and welcome to Malwarebytes!

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic. It will make it easier for you to follow the instructions and complete all of the necessary steps.

----------Step 1----------------

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.

    Vista/Windows 7 users right-click and select Run As Administrator.

  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.

  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
----------Step 2----------------

Please download Malwarebytes Anti-Rootkit from HERE

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt
----------Step 3----------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

----------Step 4----------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
----------Step 5----------------

In your next reply, please include the following:

  • TDSSKiller's logfile
  • MBAR mbar-log.txt and system-log.txt
  • ComboFix's report (C:\ComboFix.txt)
  • Security Check checkup.txt
After that, please let me know: How is your computer running now? Do you have any questions or concerns you'd like me to address? Don't hesitate to ask. :)

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Note:

Please make sure you are subscribed to this topic: Click on the "Follow This Topic" Button (at the top right of this page), make sure that the "Receive notification" box is checked and that it is set to "Instantly"

 

-------> Your topic will be closed if you haven't replied within 3 days! <--------

(If I don't respond within 24 hours, please send me a PM)

-DFB

Link to post
Share on other sites

Hi D-FRED-BROWN,

 

TDSSKiller did not detect any infections. Re: ComboFix...Im running Win 8

 

MBAR and security check logs posted below.

 

One further thought....A member from another forum suggested a link to an HP forum detailing a similar problem to mine. The reply to said problem is posted below:

 

Hello! I found this information on another website. It might help you. I have been experiencing the same thing.

 

"This is a very common issue with creative cards and it has to do with IRQ. Go into your bios and try to designate the sound card to IRQ 5 (basically by itself). That way it wont conflict and casue that noise. Its like two people yelling at each other who MUST get their point across, you will be able to make sense of it. It the sound card is sharing IRQ with another resource hungry device (graphics eg.) then that will cause the issue. Its common, google it. "

 

 

 

 

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.19.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
gary :: REDMEN [administrator]

19/06/2013 08:20:02
mbar-log-2013-06-19 (08-20-02).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 226903
Time elapsed: 28 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1003

© Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16599

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 8467005440, free: 6114906112

Downloaded database version: v2013.06.19.02
Downloaded database version: v2013.05.22.01
Initializing...
------------ Kernel report ------------
     06/19/2013 08:19:59
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\System32\drivers\amdkmpfd.sys
\SystemRoot\System32\drivers\wd.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\system32\DRIVERS\igdpmd64.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\RtsBaStor.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\NETwew00.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\ikbevent.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\imsevent.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\WirelessButtonDriver64.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\ISCTD64.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\AMPPAL.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\WinUSB.sys
\SystemRoot\System32\drivers\WUDFRd.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WPRO_41_2001.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\System32\ATMFD.DLL
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8008b09060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000034\
Lower Device Object: 0xfffffa8008a0d060
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Device number: 0, partition: 4
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8008b09060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8008b09b10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008b09060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8008b0a040, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xfffffa8008a0d060, DeviceName: \Device\00000034\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 4
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 4
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 4471529D

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 1953525167

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 805998356
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid fba89e66-3adf-422b-a0e1-e2d24040155e
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 805998356
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid fba89e66-3adf-422b-a0e1-e2d24040155e
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 91b81a53-2fce-4d5d-a955-86ab85bd7bf5
    FirstLBA 2048  Last LBA 821247
    Attributes 1
    Partition Name                 Basic data partition

    Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 66ce902e-4247-4862-9229-7a36461ee6ed
    FirstLBA 821248  Last LBA 1353727
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 1 is bootable
    Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 720f874e-5c8c-4a7a-a152-9a442b8f1f93
    FirstLBA 1353728  Last LBA 1615871
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID f91576b8-16fd-4749-a422-14c048b1eb8b
    FirstLBA 1615872  Last LBA 1910194175
    Attributes 0
    Partition Name                 Basic data partition

    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 4d26fcae-f106-4931-8c45-b0215d4ce729
    FirstLBA 1910194176  Last LBA 1953511423
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished

 

 

 Results of screen317's Security Check version 0.99.66  
   x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File  
 SpywareBlaster 5.0    
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Adobe Flash Player     11.7.700.224  
 Mozilla Firefox (21.0)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

 

Link to post
Share on other sites

My apolgies for the delay.

 

 

One further thought....A member from another forum suggested a link to an HP forum detailing a similar problem to mine. The reply to said problem is posted below:

 

Hello! I found this information on another website. It might help you. I have been experiencing the same thing.

 

"This is a very common issue with creative cards and it has to do with IRQ. Go into your bios and try to designate the sound card to IRQ 5 (basically by itself). That way it wont conflict and casue that noise. Its like two people yelling at each other who MUST get their point across, you will be able to make sense of it. It the sound card is sharing IRQ with another resource hungry device (graphics eg.) then that will cause the issue. Its common, google it. "

 

You could certainly give that a try. Could you link me to the forum where that was recommended? 

 

My gut feeling tells me this isn't malware related, but let's run a few more scans to verify there isn't anything:

 

----------Step 1----------------
Please download AdwCleaner by Xplode onto your desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.

 

----------Step 2----------------
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

----------Step 3----------------
We need to create a New FULL OTL Report

  • Please download OTL from here if you have not done so already:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

 

----------Step 4 (note: this scan may take a little time)----------------I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png

A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

 

 

----------Step 5----------------
Please post the AdwCleaner logfile, the JRT.txt, the OTL.txt and Extras.txt, and the ESET online scan log in your next reply.

Let me know how things go.

Link to post
Share on other sites

Thanks for your reply

 

Re: Designate sound card in BIOS to IRQ 5

 

I accessed the BIOS start up menu, however I couldn't find an option to change the sound card value?

 

Logs posted below. ESET didn't detect any threats and no log was produced in the ESET folder?

 

Ive attached the OTL logs as too big to post.

 

 

# AdwCleaner v2.303 - Logfile created 06/20/2013 at 08:01:10
# Updated 08/06/2013 by Xplode
# Operating system : Windows 8  (64 bits)
# User : gary - REDMEN
# Boot Mode : Normal
# Running from : C:\Users\gary\Downloads\AdwCleaner.exe
# Option [search]


***** [services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Wondershare
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
Folder Found : C:\Users\gary\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Smart Suggestor
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Key Found : HKU\S-1-5-21-1635826418-418428999-3397147183-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8ni317tu.default\prefs.js

Found : user_pref("extensions.SmartSuggestor.aid", "20049");
Found : user_pref("extensions.SmartSuggestor.ppi", true);
Found : user_pref("extensions.SmartSuggestor.uid", "b349f92070193ab252c4b39ed5d03f1e");

*************************

AdwCleaner[R1].txt - [2165 octets] - [20/06/2013 08:01:10]

########## EOF - C:\AdwCleaner[R1].txt - [2225 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 8 x64
Ran by gary on 20/06/2013 at  8:04:30.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{66EDD1EC-32FE-4870-BC1E-69695A8299EB}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{66EDD1EC-32FE-4870-BC1E-69695A8299EB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Program Files (x86)\wondershare"
Failed to delete: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\gary\appdata\local\{54E52EA5-BF1D-4B7F-94F8-A2248779B585}
Successfully deleted: [Empty Folder] C:\Users\gary\appdata\local\{7DFDBD68-3F66-4162-A81B-50D7193E8770}



~~~ FireFox

Successfully deleted: [File] C:\Users\gary\AppData\Roaming\mozilla\firefox\profiles\8ni317tu.default\user.js
Emptied folder: C:\Users\gary\AppData\Roaming\mozilla\firefox\profiles\8ni317tu.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/06/2013 at  8:08:18.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

OTL.Txt

Extras.Txt

Link to post
Share on other sites

A question re AdwCleaner log.......what is 'wondershare'? I haven't intentionally downloaded this program?

It's likely some form of adware that was installed as part of another program. I've never heard of it, but after looking into it a little bit, it seems like something that users get tricked into installing. Basically it's just junk. ;)

-----------

Still have a little more to do, but we're nearly there.

----------Step 1----------------

We need to run an OTL Fix

  • Please reopen otlicon.png on your desktop.
  • Copy and Paste the following code into the customscanfix.png textbox.

    :OTL

    [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

    [2012/09/12 13:10:14 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    "" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 07:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    "" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 06:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

    "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)

    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

    :Commands

    [purity]

    [emptytemp]

    [emptyjava]

    [emptyflash]

    [Reboot]

  • Push runfix.png
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
----------Step 2----------------

Instructions for DELETE:

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Afterwards, please reboot the computer.

----------Step 3----------------

Please post the OTL and AdwCleaner reports in your next reply. How are things running now?

Link to post
Share on other sites

I've run the fixes and posted logs below. Ill need to post again in a couple of hours, to update regarding sound problem, as it comes and goes at random.

 

Many Thanks.

 

All processes killed
========== OTL ==========
File delete failed. C:\Windows\SysNative\WPRO_41_2001woem.tmp scheduled to be deleted on reboot.
C:\Windows\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
ADS C:\ProgramData\Temp:5C321E34 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: gary
->Temp folder emptied: 31600688 bytes
->Temporary Internet Files folder emptied: 59251683 bytes
->FireFox cache emptied: 138405198 bytes
->Flash cache emptied: 45316 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 94656 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8972464 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 227.00 mb
 
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: gary
 
User: Public
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: gary
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 06212013_064818

Files\Folders moved on Reboot...
C:\Windows\SysNative\WPRO_41_2001woem.tmp moved successfully.
File move failed. C:\Users\gary\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

 

 

 

# AdwCleaner v2.303 - Logfile created 06/21/2013 at 06:54:13
# Updated 08/06/2013 by Xplode
# Operating system : Windows 8  (64 bits)
# User : gary - REDMEN
# Boot Mode : Normal
# Running from : C:\Users\gary\Downloads\AdwCleaner.exe
# Option [Delete]


***** [services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Wondershare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
Folder Deleted : C:\Users\gary\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Smart Suggestor
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v21.0 (en-US)

File : C:\Users\gary\AppData\Roaming\Mozilla\Firefox\Profiles\8ni317tu.default\prefs.js

Deleted : user_pref("extensions.SmartSuggestor.aid", "20049");
Deleted : user_pref("extensions.SmartSuggestor.ppi", true);
Deleted : user_pref("extensions.SmartSuggestor.uid", "b349f92070193ab252c4b39ed5d03f1e");

*************************

AdwCleaner[s1].txt - [1813 octets] - [21/06/2013 06:54:13]

########## EOF - C:\AdwCleaner[s1].txt - [1873 octets] ##########


 

Link to post
Share on other sites

 

I've run the fixes and posted logs below. Ill need to post again in a couple of hours, to update regarding sound problem, as it comes and goes at random.

 

Any luck? is it still happening?

 

-----

 

Please download RogueKiller to your desktop

  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 1 and validate
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe

Please post the contents of the RKreport.txt in your next Reply.

Link to post
Share on other sites

No change with my sound problem.

 

Could you advise on how to change sound card value in BIOS?  (you never know)

 

RogueKiller Logs

 

RogueKiller V8.6.1 _x64_ [Jun 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 8 (6.2.9200 ) 64 bits version
Started in : Normal mode
User : gary [Admin rights]
Mode : Scan -- Date : 06/21/2013 16:01:20
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : Mal.Hosts ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1    www.download-winmx-free.com --> Potentially malicious!
127.0.0.1    download-winmx-free.com --> Potentially malicious!
127.0.0.1    www.facebook.com.img335.tk --> Potentially malicious!
127.0.0.1    www.free-winmx-downloads.com --> Potentially malicious!
127.0.0.1    free-winmx-downloads.com --> Potentially malicious!
127.0.0.1    www.google.dospop.com --> Potentially malicious!
127.0.0.1    www.mp3winmx.com --> Potentially malicious!
127.0.0.1    mp3winmx.com --> Potentially malicious!
127.0.0.1    winmx.click-new-download.com --> Potentially malicious!
127.0.0.1    www.winmx.click-new-download.com --> Potentially malicious!
127.0.0.1    www.winmx-d0wnload.com --> Potentially malicious!
127.0.0.1    winmx-d0wnload.com --> Potentially malicious!
127.0.0.1    winmxfrance.com --> Potentially malicious!
127.0.0.1    www.winmxfrance.com --> Potentially malicious!
127.0.0.1    www.winmx-freebie.com --> Potentially malicious!
127.0.0.1    winmx-freebie.com --> Potentially malicious!
127.0.0.1    www.winmx-music-download.com --> Potentially malicious!
127.0.0.1    winmx-music-download.com --> Potentially malicious!
127.0.0.1    winmx-usa.com --> Potentially malicious!
127.0.0.1    www.winmx-usa.com --> Potentially malicious!

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    100sexlinks.com
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS541010A9E680 +++++
--- User ---
[MBR] b2feecec400489dc35042c607a5cf9ba
[bSP] 0bdc0d4c7796a879c62fd2e90aea6c35 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 953869 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_06212013_160120.txt >>



 

Link to post
Share on other sites

The HOSTS entries are good... it's set up so that when you try to navigate to one of those sites, it will redirect you back to 127.0.0.1 (home)... which is good ;).

 

I'd like you to try booting to Safe Mode. Do you still hear the dripping noise there?

Link to post
Share on other sites

I've not experienced any problems' until 15.40 today. I rebooted into safe mode and the 'water chugging' type sound is heard at the exact same volume and frequency. It lasts from maybe 10 mins to 2 hours....then stops...and of course starts again.

Link to post
Share on other sites

I'm reading through some HP forums... it seems like it's a pretty common problem with the Envy series.

I don't think it's necessarily a soundcard issue as I have an HP Pavilion laptop with seemingly the same sound card as yours (do you have Beats Audio on yours?), and I have yet to encounter this problem.

I've seen a few "fixes" here and there but nothing too substantial. See if trying this helps any: http://forum.notebookreview.com/hp-envy-hdx/484905-hp-envy-17-17-3d-1xxx-series-owners-lounge-148.html#post6347979

One thing I'd like to know- does it happen when you have anything plugged into a USB port? Does it happen when you're on battery power?

Link to post
Share on other sites

Also, one thing you could try- completely uninstall any sound drivers and see if it still happens there (that will verify whether it's a sound issue).

Go to Control Panel -> Hardware and Sound -> Device Manager (it's under Devices and Printers). Go to Sound, Video and Game Controllers... Right-click on the following 2 entries and select Uninstall (if present):

1. High Definition Audio Device
2. IDT High Definition Audio CODEC

 

NOTE: This will completely uninstall your audio drivers. We can reinstall them later, but I'd like to either disable or uninstall them for now to verify this isn't an issue related to your sound card.

Link to post
Share on other sites

I've tried the fix in post 20 and I'll confirm the outcome in a couple of hours. The sound isn't related to USB port use and can be heard on both battery power and when fully charged.

 

If the fix in post 20 is unsuccessful, I'll uninstall the sound drivers and post again.

 

Thanks

Link to post
Share on other sites

The fix in post 20 didn't work out. I muted the internal mic but the noise persisted. I disabled the sound drivers when I heard the noise return . The sound is heard at the same volume/ frequency when the sound drivers are disabled.

Link to post
Share on other sites

At this point, there really isn't much else I can do to help you solve this problem as it's something directly related to your hardware.

 

I would suggest that you contact HP Customer Support and see if they can assist you with this issue. Depending on your warranty, you might be able to get an entirely new computer as this one appears to be defective.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.