Jump to content

Safety Measures

MDragoon

By MDragoon
in Resolved Malware Removal Logs

 Share

Recommended Posts

MDragoon

MDragoon

Posted
Posted

Hopefully I did that correctly.

Thank you guys for all the help, I greatly appreciate it.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29

Run by Henry Lee at 19:55:01 on 2011-12-07

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4021.1328 [GMT -5:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files (x86)\LOLReplay\LOLRecorder.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\AsScrPro.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Henry Lee\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Users\Henry Lee\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/?rlz=1V1IPYX

uURLSearchHooks: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\Henry Lee\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun: [setwallpaper] c:\programdata\SetWallpaper.cmd

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f

dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f

StartupFolder: C:\Users\HENRYL~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOLREC~1.LNK - C:\Program Files (x86)\LOLReplay\LOLRecorder.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SRSPRE~1.LNK - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 68.87.71.230 68.87.73.246

TCP: Interfaces\{36CEBA39-A8E1-4F63-A14C-62AD6FCB9CB8} : DhcpNameServer = 68.87.71.230 68.87.73.246

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO-X64: Ad-Aware Security Toolbar - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun-x64: [setwallpaper] c:\programdata\SetWallpaper.cmd

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Henry Lee\AppData\Roaming\Mozilla\Firefox\Profiles\26cyc1gh.default\

FF - prefs.js: browser.search.selectedEngine - Search the Web

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/?rlz=1V1IPYX

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Users\Henry Lee\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: C:\Users\Henry Lee\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Henry Lee\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2010-5-13 14904]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-12-2 2152152]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-7 366152]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-5-13 2314240]

R3 bbcap;bb_capture_driver;C:\Windows\system32\DRIVERS\bbcap.sys --> C:\Windows\system32\DRIVERS\bbcap.sys [?]

R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-12-7 17152]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-8-6 118672]

.

=============== Created Last 30 ================

.

2011-12-07 23:47:45 16432 ----a-w- C:\Windows\System32\lsdelete.exe

2011-12-07 22:25:11 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2011-12-07 22:23:33 -------- d-----w- C:\Users\Henry Lee\AppData\Local\adaware

2011-12-07 22:23:32 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection

2011-12-07 22:23:31 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner

2011-12-07 22:23:26 -------- d-----w- C:\Program Files (x86)\adawaretb

2011-12-07 22:23:12 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys

2011-12-07 22:23:08 -------- d-----w- C:\Program Files (x86)\Lavasoft

2011-12-07 22:07:32 -------- d-----w- C:\Users\Henry Lee\AppData\Roaming\Malwarebytes

2011-12-07 22:07:18 -------- d-----w- C:\ProgramData\Malwarebytes

2011-12-07 22:07:14 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-12-07 22:07:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-11-26 18:16:19 -------- d-----w- C:\Users\Henry Lee\AppData\Roaming\SmartDraw

2011-11-23 21:01:46 -------- d-----w- C:\Users\Henry Lee\.thumbnails

2011-11-23 20:59:04 -------- d-----w- C:\Users\Henry Lee\.gimp-2.6

2011-11-23 20:58:38 -------- d-----w- C:\Program Files (x86)\GIMP-2.0

2011-11-23 18:10:43 -------- d-----w- C:\nDoors

2011-11-22 22:57:41 -------- d-----w- C:\Program Files (x86)\Facade

2011-11-22 20:19:13 -------- d-----w- C:\Nexon

2011-11-22 20:19:11 -------- d-----w- C:\ProgramData\NexonUS

2011-11-22 06:27:00 557056 ----a-w- C:\Windows\SysWow64\AltST.dll

2011-11-22 06:27:00 53248 ----a-w- C:\Windows\SysWow64\sticversion.exe

2011-11-22 06:27:00 491520 ----a-w- C:\Windows\SysWow64\imagx4.dll

2011-11-22 06:27:00 421888 ----a-w- C:\Windows\SysWow64\imagr4.dll

2011-11-22 06:27:00 38912 ----a-w- C:\Windows\SysWow64\picn20.dll

2011-11-22 06:27:00 250736 ----a-w- C:\Windows\SysWow64\ImagXpr4.dll

2011-11-22 06:27:00 -------- d-----w- C:\Program Files (x86)\Image Merger .EXE

2011-11-22 06:27:00 -------- d-----w- C:\Program Files (x86)\Common Files\SoftTech InterCorp

2011-11-18 21:44:40 -------- d-----w- C:\ProgramData\Blueberry

2011-11-18 21:43:22 -------- d-----w- C:\Users\Henry Lee\AppData\Roaming\Blueberry

2011-11-18 21:43:03 5632 ----a-w- C:\Windows\System32\bbchlp.dll

2011-11-18 21:43:03 4608 ----a-w- C:\Windows\System32\drivers\bbcap.sys

2011-11-18 21:43:03 37376 ----a-w- C:\Windows\System32\bbcap.dll

2011-11-18 21:42:57 -------- d-----w- C:\Users\Henry Lee\AppData\Roaming\LogSys

2011-11-18 21:42:56 -------- d-----w- C:\ProgramData\LogSys

2011-11-18 21:42:48 -------- d-----w- C:\Program Files (x86)\Common Files\Blueberry Software

2011-11-18 21:42:48 -------- d-----w- C:\Program Files (x86)\Blueberry Software

2011-11-18 05:02:08 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll

2011-11-18 05:02:08 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll

2011-11-18 05:02:08 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll

2011-11-18 05:02:08 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll

2011-11-18 05:02:07 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll

2011-11-18 05:02:05 -------- d-----w- C:\Riot Games

.

==================== Find3M ====================

.

2011-11-18 20:45:42 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-10-22 11:21:42 71680 ----a-w- C:\Windows\System32\frapsv64.dll

2011-10-22 11:21:38 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll

2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll

2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll

.

============= FINISH: 19:56:00.69 ===============

Attach.txt

Link to post
Share on other sites
  • 2 weeks later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

Link to post
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.