Sloak

Members
  • Posts

    6

Everything posted by Sloak

  1. Yes, sorry, had to catch up on some school work and labs. Will be running the scans either tonight or tomorrow and post back. Sorry about the delay, and I really appreciate your help.
  2. The following logs are attached. Thanks again for your help. info.txt log.txt
  3. Ok, I removed the tool bars and the spyware terminator and fixed the failed install of super anti spyware. Then I ran malwarebytes and this is the log:

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org

     Database version: 4316
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385

     7/23/2010 9:38:06 AM
     mbam-log-2010-07-23 (09-38-06).txt

     Scan type: Quick scan
     Objects scanned: 155614
     Time elapsed: 4 minute(s), 12 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 2

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\Program Files (x86)\DP32\display32.exe (Trojan.Backdoor) -> Delete on reboot.
     C:\Users\Bodie\AppData\Local\Temp\22.exe (Trojan.Downloader) -> Delete on reboot.

     These 2 keep coming up even after a reboot. Tried several times. All in all, system's running fine, so what do I do now? Are these files false positives? I cannot locate the files. I'm running Win 7 Home Premium 64-bit. Awaiting your reply, and thanks in advance.
  4. 6 days and no reply. I still need help, please. Am I infected bad? I think I finally got rid of the 22.exe and the display32.exe by running in safe mode, but I was wanting someone to read my logs and tell me if I'm infected elsewhere.
  5. Ok, I posted elsewhere and was instructed to run some scans and repost here, so here they are. GMER ran but gave me this error first:

     C:\Windows\system32\config\system: The system cannot find the file specified.

     Malwarebytes' Anti-Malware 1.46
     www.malwarebytes.org

     Database version: 4316
     Windows 6.1.7600
     Internet Explorer 8.0.7600.16385

     7/16/2010 1:59:22 AM
     mbam-log-2010-07-16 (01-59-22).txt

     Scan type: Quick scan
     Objects scanned: 155939
     Time elapsed: 3 minute(s), 50 second(s)

     Memory Processes Infected: 0
     Memory Modules Infected: 0
     Registry Keys Infected: 0
     Registry Values Infected: 0
     Registry Data Items Infected: 0
     Folders Infected: 0
     Files Infected: 2

     Memory Processes Infected:
     (No malicious items detected)

     Memory Modules Infected:
     (No malicious items detected)

     Registry Keys Infected:
     (No malicious items detected)

     Registry Values Infected:
     (No malicious items detected)

     Registry Data Items Infected:
     (No malicious items detected)

     Folders Infected:
     (No malicious items detected)

     Files Infected:
     C:\Program Files (x86)\DP32\display32.exe (Trojan.Backdoor) -> Delete on reboot.
     C:\Users\Bodie\AppData\Local\Temp\22.exe (Trojan.Downloader) -> Delete on reboot.
     awaiting reply thanks in advance Attach.zip ark.zip
  6. It detects it in the appsdata\local\temp folder of my user folder, but when it says it will be removed on reboot, I reboot and do another scan and it's still there. What do I need to do? I have looked in the folder and do not find it in there.