
NEED HELP, PLEASE



Hi,

I am in desperate need of assistance. I followed the instructions for recording the logs. I actually believe this has spread to my other computers on my home network. My computer sometimes shuts down all by itself. Any help would be greatly appreciated. I am not sure if this matters, but there are tunnel adapters attached to my ip config file. I have tried everything that I could think of.

Mj

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7277

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

7/26/2011 1:45:18 AM

mbam-log-2011-07-26 (01-45-18).txt

Scan type: Quick scan

Objects scanned: 172112

Time elapsed: 3 minute(s), 16 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_20

Run by Maureen's Computer at 0:41:47 on 2011-07-26

.

============== Running Processes ===============

.

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\windows\system32\DRIVERS\o2flash.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\real\realplayer\Update\realsched.exe

C:\Program Files (x86)\Malware protection\mbamgui.exe

C:\Program Files (x86)\Malware protection\mbamservice.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWWSC.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe

C:\Program Files (x86)\Malware protection\mbam.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Maureen's Computer\Desktop\dds.scr

.

============== Pseudo HJT Report ===============

.

uSearch Page = hxxp://www.google.com

uStart Page = hxxp://www.netvibes.com/privatepage/1#General

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt

uSearch Bar = hxxp://www.google.com/ie

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110515124845.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File

TB: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File

uRun: [PhotoshopElements8SyncAgent] C:\Program Files (x86)\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe

uRun: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

mRun: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malware protection\mbamgui.exe" /starttray

uPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} - hxxp://www.opinionguru.com/CopyGuardIE.cab

DPF: {49232000-16E4-426C-A231-62846947304B} - hxxps://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab

DPF: {A7846ED2-9DE6-4E8A-B116-A8ACEBFA7DB1} - hxxp://rms2.invokesolutions.com/events/bin/6.2.0.1452/MILive.cab

DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab

DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47}

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{B558047B-3B4B-4950-AF98-0D07359ECE5B} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{B558047B-3B4B-4950-AF98-0D07359ECE5B}\4786560286F6F6B6025707 : DhcpNameServer = 192.168.1.1

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110515124845.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File

TB-X64: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No File

mRun-x64: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED

mRun-x64: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

mRun-x64: [iolo Startup] "C:\Program Files (x86)\iolo\Common\Lib\ioloLManager.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malware protection\mbamgui.exe" /starttray

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Maureen's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\4u8o72dn.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z002&form=ZGAPHP

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff4.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox4\components\avgssff5.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll

FF - component: C:\Users\Maureen's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\4u8o72dn.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko19.dll

FF - component: C:\Users\Maureen's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\4u8o72dn.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll

FF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol500.dll

FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Maureen's Computer\AppData\Roaming\Mozilla\Firefox\Profiles\4u8o72dn.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

FF - Ext: Adobe DLM (powered by getPlus®): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com

FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}

FF - Ext: Search Toolbar: searchtoolbar@zugo.com - %profile%\extensions\searchtoolbar@zugo.com

FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

.

---- FIREFOX POLICIES ----

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

FF - user.js: general.useragent.extra.brc -

.

============= SERVICES / DRIVERS ===============

.

R? Akamai;Akamai NetSession Interface

R? cfwids;McAfee Inc. cfwids

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64

R? ConfigFree Service;ConfigFree Service

R? fssfltr;fssfltr

R? fsssvc;Windows Live Family Safety Service

R? ioloFileInfoList;iolo FileInfoList Service

R? libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0

R? McComponentHostService;McAfee Security Scan Component Host Service

R? McShield;McShield

R? mferkdet;McAfee Inc. mferkdet

R? mferkdk;McAfee Inc. mferkdk

R? mfesmfk;McAfee Inc. mfesmfk

R? TsUsbFlt;TsUsbFlt

R? USBAAPL64;Apple Mobile USB Driver

R? wlcrasvc;Windows Live Mesh remote connections service

S? cfWiMAXService;ConfigFree WiMAX Service

S? ElRawDisk;ElRawDisk

S? HECIx64;Intel® Management Engine Interface

S? IAStorDataMgrSvc;Intel® Rapid Storage Technology

S? Impcd;Impcd

S? IntcDAud;Intel® Display Audio

S? ioloSystemService;iolo System Service

S? L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller

S? MBAMProtector;MBAMProtector

S? MBAMService;MBAMService

S? mfeavfk;McAfee Inc. mfeavfk

S? mfefire;McAfee Firewall Core Service

S? mfefirek;McAfee Inc. mfefirek

S? mfehidk;McAfee Inc. mfehidk

S? mfenlfk;McAfee NDIS Light Filter

S? mfevtp;McAfee Validation Trust Protection Service

S? mfewfpk;McAfee Inc. mfewfpk

S? O2MDGRDR;O2MDGRDR

S? O2SDGRDR;O2SDGRDR

S? PGEffect;Pangu effect driver

S? QIOMem;Generic IO & Memory Access

S? regi;regi

S? rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver

S? Thpdrv;TOSHIBA HDD Protection Driver

S? Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver

S? TMachInfo;TMachInfo

S? tos_sps64;TOSHIBA tos_sps64 Service

S? TOSHIBA eco Utility Service;TOSHIBA eco Utility Service

S? TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service

S? TPCHSrv;TPCH Service

S? TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver

S? UNS;Intel® Management & Security Application User Notification Service

S? vwififlt;Virtual WiFi Filter Driver

S? vwifimp;Microsoft Virtual WiFi Miniport Service

.

=============== Created Last 30 ================

.

2011-07-25 22:14:12 -------- d-----w- C:\Program Files (x86)\CCleaner

2011-07-25 20:51:11 -------- d-----w- C:\windows\SysWow64\syncdb

2011-07-25 11:06:18 41272 ----a-w- C:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-25 11:06:14 -------- d-----w- C:\Program Files (x86)\Malware protection

2011-07-25 09:55:44 -------- d-----w- C:\Users\Maureen's Computer\AppData\Local\AVG Security Toolbar

2011-07-25 07:43:22 -------- d--h--w- C:\ProgramData\Common Files

2011-07-25 07:43:16 -------- d-----w- C:\ProgramData\AVG Security Toolbar

2011-07-25 07:42:06 -------- d-----w- C:\ProgramData\AVG10

2011-07-25 07:32:37 -------- d-----w- C:\ProgramData\MFAData

2011-07-22 00:11:42 719496 ----a-w- C:\windows\isRS-000.tmp

2011-07-14 15:26:23 -------- d-----w- C:\windows\System32\SPReview

2011-07-14 15:25:53 -------- d-----w- C:\windows\System32\EventProviders

2011-07-13 19:40:59 7680 ----a-w- C:\windows\SysWow64\instnm.exe

2011-07-13 19:40:59 5120 ----a-w- C:\windows\SysWow64\wow32.dll

2011-07-13 19:40:56 2048 ----a-w- C:\windows\SysWow64\user.exe

.

==================== Find3M ====================

.

2011-07-19 23:25:34 14848 ----a-w- C:\windows\System32\smrgdf.exe

2011-07-19 23:25:28 45568 ----a-w- C:\windows\System32\iolobtdfg.exe

2011-07-19 22:42:46 2141832 ----a-w- C:\windows\System32\Incinerator64.dll

2011-07-19 22:42:44 2083464 ----a-w- C:\windows\SysWow64\Incinerator32.dll

2011-07-14 15:36:19 175616 ----a-w- C:\windows\System32\msclmd.dll

2011-07-14 15:36:19 152576 ----a-w- C:\windows\SysWow64\msclmd.dll

2011-07-07 02:52:42 25912 ----a-w- C:\windows\System32\drivers\mbam.sys

2011-06-22 23:19:48 404640 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-11 03:07:25 3137536 ----a-w- C:\windows\System32\win32k.sys

2011-06-07 20:03:14 18816 ----a-w- C:\windows\System32\roboot64.exe

2011-06-03 06:57:45 362496 ----a-w- C:\windows\System32\wow64win.dll

2011-06-03 06:57:45 243200 ----a-w- C:\windows\System32\wow64.dll

2011-06-03 06:57:45 13312 ----a-w- C:\windows\System32\wow64cpu.dll

2011-06-03 06:57:44 214528 ----a-w- C:\windows\System32\winsrv.dll

2011-06-03 06:57:38 16384 ----a-w- C:\windows\System32\ntvdm64.dll

2011-06-03 06:56:38 421888 ----a-w- C:\windows\System32\KernelBase.dll

2011-06-03 06:53:33 338944 ----a-w- C:\windows\System32\conhost.exe

2011-06-03 06:00:53 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll

2011-06-03 05:57:52 44032 ----a-w- C:\windows\apppatch\acwow64.dll

2011-06-03 05:57:33 25600 ----a-w- C:\windows\SysWow64\setup16.exe

2011-06-03 05:56:11 272384 ----a-w- C:\windows\SysWow64\KernelBase.dll

2011-06-03 03:48:32 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-06-03 03:48:31 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-06-03 03:48:31 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-06-03 03:48:31 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-05-28 03:30:09 1638912 ----a-w- C:\windows\System32\mshtml.tlb

2011-05-28 02:53:58 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb

2011-05-24 11:42:55 404480 ----a-w- C:\windows\System32\umpnpmgr.dll

2011-05-24 10:40:05 64512 ----a-w- C:\windows\SysWow64\devobj.dll

2011-05-24 10:40:05 44544 ----a-w- C:\windows\SysWow64\devrtl.dll

2011-05-24 10:39:38 145920 ----a-w- C:\windows\SysWow64\cfgmgr32.dll

2011-05-24 10:37:54 252928 ----a-w- C:\windows\SysWow64\drvinst.exe

2011-05-22 20:43:20 499712 ----a-w- C:\windows\SysWow64\msvcp71.dll

2011-05-22 20:43:20 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll

2011-05-04 05:25:03 2315776 ----a-w- C:\windows\System32\tquery.dll

2011-05-04 05:22:25 778752 ----a-w- C:\windows\System32\mssvp.dll

2011-05-04 05:22:25 2223616 ----a-w- C:\windows\System32\mssrch.dll

2011-05-04 05:22:24 75264 ----a-w- C:\windows\System32\msscntrs.dll

2011-05-04 05:22:24 491520 ----a-w- C:\windows\System32\mssph.dll

2011-05-04 05:22:24 288256 ----a-w- C:\windows\System32\mssphtb.dll

2011-05-04 05:19:28 591872 ----a-w- C:\windows\System32\SearchIndexer.exe

2011-05-04 05:19:28 249856 ----a-w- C:\windows\System32\SearchProtocolHost.exe

2011-05-04 05:19:28 113664 ----a-w- C:\windows\System32\SearchFilterHost.exe

2011-05-04 04:34:43 1549312 ----a-w- C:\windows\SysWow64\tquery.dll

2011-05-04 04:32:02 666624 ----a-w- C:\windows\SysWow64\mssvp.dll

2011-05-04 04:32:01 337408 ----a-w- C:\windows\SysWow64\mssph.dll

2011-05-04 04:32:01 197120 ----a-w- C:\windows\SysWow64\mssphtb.dll

2011-05-04 04:32:01 1401344 ----a-w- C:\windows\SysWow64\mssrch.dll

2011-05-04 04:32:00 59392 ----a-w- C:\windows\SysWow64\msscntrs.dll

2011-05-04 04:28:31 86528 ----a-w- C:\windows\SysWow64\SearchFilterHost.exe

2011-05-04 04:28:31 427520 ----a-w- C:\windows\SysWow64\SearchIndexer.exe

2011-05-04 04:28:31 164352 ----a-w- C:\windows\SysWow64\SearchProtocolHost.exe

2011-05-03 05:29:29 976896 ----a-w- C:\windows\System32\inetcomm.dll

2011-05-03 04:30:02 741376 ----a-w- C:\windows\SysWow64\inetcomm.dll

2011-04-29 03:06:10 467456 ----a-w- C:\windows\System32\drivers\srv.sys

2011-04-29 03:05:49 410112 ----a-w- C:\windows\System32\drivers\srv2.sys

2011-04-29 03:05:37 168448 ----a-w- C:\windows\System32\drivers\srvnet.sys

.

============= FINISH: 0:42:41.02 ===============

ark.zip

Attach.zip


  • Staff

Hi and welcome to Malwarebytes.

"My computer sometimes shuts down all by itself."
This is not a symptom of malware. Your computer is probably running too hot from clogged fans.

Download and install SpeedFan. Tell me what temperatures it is reporting (take a screenshot please).

Let me know if you have any difficulties setting it up.

Please describe the symptoms of infection that you are currently experiencing.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
