So I had the System Fix virus. Managed to get rid of most of it via Malwarebytes Pro and other means.

But my computer is still missing my old desktop links and program links, my bar in the right side of the taskbar no longer stacks up and I just push an arrow to see what's in there, etc.

I just want to revert to how I had everything prior to gaining that nasty virus!

As requested, logs.

Thanks in advance.

Also just noticed I'm now getting redirects from Google.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_21

Run by Will at 12:40:54 on 2011-11-20

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.4095.2205 [GMT 0:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\AEADISRV.EXE

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleCrashHandler.exe

C:\Program Files\Logitech\SetPoint\LBTWiz.exe

C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe

C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\mobsync.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.ask.com?o=10148&l=dis

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

mRun: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: HideSCAHealth = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: mswsock.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{0C41D9E8-2F54-4A13-B1D0-EE60137DE3A7} : DhcpNameServer = 194.168.4.100 194.168.8.100

TCP: Interfaces\{71114F2F-2F1B-4215-AAF9-D6ED7F79A981} : NameServer = 208.67.220.220,208.67.222.222

TCP: Interfaces\{71114F2F-2F1B-4215-AAF9-D6ED7F79A981} : DhcpNameServer = 62.253.162.232 194.168.4.37

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

BHO-X64: Google Gears Helper - No File

mRun-x64: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Will\AppData\Roaming\Mozilla\Firefox\Profiles\cq3dupo6.default\

FF - prefs.js: browser.startup.homepage - Google.com

FF - prefs.js: network.proxy.gopher -

FF - prefs.js: network.proxy.gopher_port - 0

FF - prefs.js: network.proxy.http - 127.0.0.1

FF - prefs.js: network.proxy.http_port - 60848

FF - prefs.js: network.proxy.type - 0

FF - component: C:\Program Files (x86)\Google\Google Gears\Firefox\lib\ff36\gears.dll

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-20 366152]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 XENfiltv;XENfiltv;C:\Windows\system32\drivers\XENfiltv.sys --> C:\Windows\system32\drivers\XENfiltv.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

RUnknown aswFsBlk;aswFsBlk; [x]

RUnknown aswMonFlt;aswMonFlt; [x]

RUnknown aswSnx;aswSnx; [x]

RUnknown aswSP;aswSP; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-17 136176]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-10-26 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-10-26 79360]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-17 136176]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-11-20 12:14:45 -------- d-----w- C:\ProgramData\AVAST Software

2011-11-20 12:14:44 -------- d-----w- C:\Program Files\AVAST Software

2011-11-20 00:18:16 -------- d-----w- C:\Users\Will\AppData\Roaming\Malwarebytes

2011-11-20 00:18:12 -------- d-----w- C:\ProgramData\Malwarebytes

2011-11-20 00:18:10 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-11-20 00:18:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-11-20 00:00:30 -------- d-----w- C:\ProgramData\PC Tools

2011-11-19 22:57:00 -------- d-----w- C:\Program Files\NETGATE

2011-11-19 22:08:30 -------- d-----w- C:\Users\Will\AppData\Roaming\5CB29

2011-11-19 22:08:26 -------- d-----w- C:\Program Files (x86)\LP

2011-11-19 22:08:04 -------- d-----we C:\Windows\system64

2011-11-18 15:27:51 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0BBF385E-73E0-4F8D-BD11-DFF8991C74BF}\mpengine.dll

2011-11-10 15:12:48 -------- d-----w- C:\Program Files (x86)\AMD APP

2011-11-09 19:58:10 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll

2011-11-09 19:58:10 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll

2011-11-09 19:57:44 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-11-09 19:57:40 3144704 ----a-w- C:\Windows\System32\win32k.sys

2011-10-28 23:14:48 -------- d-----w- C:\Users\Will\AppData\Local\ESN Sonar

2011-10-26 21:51:20 -------- d-----w- C:\Users\Will\AppData\Local\Creative

2011-10-26 21:37:56 -------- d-----w- C:\Program Files (x86)\Common Files\Creative Labs Shared

2011-10-26 21:37:37 -------- d-----w- C:\Program Files\Creative

2011-10-26 21:37:14 -------- d-----w- C:\Program Files (x86)\Creative

2011-10-26 12:41:41 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2011-10-26 12:41:41 6144 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2011-10-25 22:02:50 -------- d-----w- C:\Program Files (x86)\Battlelog Web Plugins

2011-10-25 22:00:58 -------- d-----w- C:\ProgramData\EA Core

2011-10-25 21:56:40 -------- d-----w- C:\Program Files (x86)\PlatinumHideIP

2011-10-25 21:45:21 -------- d-----w- C:\Users\Will\AppData\Roaming\C__Users_Will_Desktop_Platinum Hide IP v3.1.1.8_crack_PlatinumHideIP.exe

2011-10-25 21:45:21 -------- d-----w- C:\ProgramData\C__Users_Will_Desktop_Platinum Hide IP v3.1.1.8_crack_PlatinumHideIP.exe

2011-10-25 21:39:57 -------- d-----w- C:\Users\Will\AppData\Roaming\PlatinumHideIP

2011-10-25 21:39:57 -------- d-----w- C:\ProgramData\PlatinumHideIP

2011-10-25 21:23:36 424296 ----a-w- C:\Windows\System32\HMIPCore64.dll

2011-10-25 21:23:22 330600 ----a-w- C:\Windows\SysWow64\HMIPCore.dll

2011-10-23 12:55:31 -------- d-----w- C:\Program Files (x86)\Common Files\EAInstaller

2011-10-23 10:18:29 -------- d-----w- C:\Users\Will\AppData\Roaming\Origin

2011-10-23 10:18:14 -------- d-----w- C:\Users\Will\AppData\Local\Origin

2011-10-23 10:17:46 -------- d-----w- C:\ProgramData\Origin

2011-10-23 10:17:46 -------- d-----w- C:\ProgramData\Electronic Arts

2011-10-23 10:17:46 -------- d-----w- C:\Program Files (x86)\Origin Games

2011-10-23 10:17:24 -------- d-----w- C:\Program Files (x86)\Origin

.

==================== Find3M ====================

.

2011-11-16 19:47:06 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2011-11-16 19:47:06 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2011-11-16 19:46:15 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2011-11-14 19:46:27 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-10-26 21:38:16 466520 ----a-w- C:\Windows\System32\wrap_oal.dll

2011-10-26 21:38:16 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2011-10-26 21:38:16 123480 ----a-w- C:\Windows\System32\OpenAL32.dll

2011-10-26 21:38:16 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2011-10-23 12:55:01 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2011-10-19 22:14:52 59904 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2011-10-13 20:29:40 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll

2011-10-13 20:29:40 28056 ----a-w- C:\Windows\System32\xfcodec64.dll

2011-10-12 20:56:18 10207232 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2011-10-12 20:20:20 24629760 ----a-w- C:\Windows\System32\atio6axx.dll

2011-10-12 20:14:36 159744 ----a-w- C:\Windows\System32\atiapfxx.exe

2011-10-12 20:14:26 736768 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2011-10-12 20:13:00 867328 ----a-w- C:\Windows\System32\aticfx64.dll

2011-10-12 20:10:28 466944 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2011-10-12 20:10:18 487936 ----a-w- C:\Windows\System32\atieclxx.exe

2011-10-12 20:09:44 204288 ----a-w- C:\Windows\System32\atiesrxx.exe

2011-10-12 20:08:34 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2011-10-12 20:08:16 423424 ----a-w- C:\Windows\System32\atipdl64.dll

2011-10-12 20:08:10 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll

2011-10-12 20:07:58 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll

2011-10-12 20:07:54 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2011-10-12 20:07:48 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2011-10-12 20:07:44 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2011-10-12 20:04:42 4231680 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2011-10-12 20:04:14 18630656 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2011-10-12 19:54:44 4960768 ----a-w- C:\Windows\System32\atidxx64.dll

2011-10-12 19:46:20 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2011-10-12 19:46:18 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2011-10-12 19:46:10 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2011-10-12 19:46:08 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2011-10-12 19:45:58 9877504 ----a-w- C:\Windows\System32\aticaldd64.dll

2011-10-12 19:44:44 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll

2011-10-12 19:44:28 4289024 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2011-10-12 19:44:20 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll

2011-10-12 19:44:10 4023296 ----a-w- C:\Windows\System32\atiumd6a.dll

2011-10-12 19:42:56 8391680 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2011-10-12 19:39:38 58880 ----a-w- C:\Windows\System32\coinst.dll

2011-10-12 19:38:20 5431808 ----a-w- C:\Windows\System32\atiumd64.dll

2011-10-12 19:33:10 4174848 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2011-10-12 19:31:34 479744 ----a-w- C:\Windows\System32\atiadlxx.dll

2011-10-12 19:31:22 335872 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2011-10-12 19:31:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll

2011-10-12 19:31:02 14336 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2011-10-12 19:31:02 14336 ----a-w- C:\Windows\System32\atiglpxx.dll

2011-10-12 19:30:58 39936 ----a-w- C:\Windows\System32\atig6txx.dll

2011-10-12 19:30:50 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2011-10-12 19:30:42 317952 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2011-10-12 19:29:50 40960 ----a-w- C:\Windows\System32\atiuxp64.dll

2011-10-12 19:29:42 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2011-10-12 19:29:34 38912 ----a-w- C:\Windows\System32\atiu9p64.dll

2011-10-12 19:29:26 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2011-10-12 19:28:30 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2011-10-12 19:16:52 54784 ----a-w- C:\Windows\System32\atimpc64.dll

2011-10-12 19:16:52 54784 ----a-w- C:\Windows\System32\amdpcom64.dll

2011-10-12 19:16:42 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2011-10-12 19:16:42 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2011-10-12 16:16:36 66048 ----a-w- C:\Windows\System32\OpenVideo64.dll

2011-10-12 16:16:22 16787456 ----a-w- C:\Windows\System32\amdocl64.dll

2011-10-12 16:14:54 51200 ----a-w- C:\Windows\System32\OpenCL.dll

2011-10-01 03:25:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-10-01 02:42:56 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-09-14 10:47:42 60416 ----a-w- C:\Windows\System32\OVDecode64.dll

2011-09-14 10:46:58 13625856 ----a-w- C:\Windows\SysWow64\amdocl.dll

2011-09-14 10:38:30 44032 ----a-w- C:\Windows\System32\amdoclcl64.dll

2011-09-14 10:38:28 37376 ----a-w- C:\Windows\SysWow64\amdoclcl.dll

2011-08-30 22:05:32 96104 ----a-w- C:\Windows\System32\dns-sd.exe

2011-08-30 22:05:32 85864 ----a-w- C:\Windows\System32\dnssd.dll

2011-08-30 22:05:32 212840 ----a-w- C:\Windows\System32\dnssdX.dll

2011-08-30 22:05:04 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe

2011-08-30 22:05:04 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll

2011-08-30 22:05:04 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll

2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

.

============= FINISH: 12:41:22.94 ===============

DDS.txt

Attach.txt


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
