
PC startup time is very slow



#1 Genius_MKD


Posted 05 November 2009 - 02:36 AM

I have a Core 2 Duo 2.8 GHz and 4 GB RAM, and when my PC is starting it needs 10-15 seconds before running all applications. I suspect that I'm infected with malware; if I'm not infected, please tell me what processes/services can be safely disabled.



DDS (Ver_09-10-26.01) - NTFSx86
Run by Trajkovski at 8:24:06.95 on Thu 11/05/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.3326.2419 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\EPSON\eEBAPI\eEBSVC.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Common Files\EPSON\eEBAPI\SAgent2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Net Studio\USB FireWall\USB FireWall.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRAM FILES\DU METER\DUMETER.EXE
C:\PROGRAM FILES\STARDOCK\OBJECTDOCK\OBJECTDOCK.EXE
C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Trajkovski\My Documents\Downloads\RootRepeal.exe
C:\Documents and Settings\Trajkovski\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.com
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
TB: {724D43A0-0D85-11D4-9908-00400523E39A} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [USBFW] c:\program files\net studio\usb firewall\USB FireWall.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [WinPatrol [FREE Edition]] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe MSRun
dRunOnce: [KeyScrambler] c:\program files\keyscrambler\getting_started.html
dRunOnce: [RunNarrator] Narrator.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.systemrequirementslab.com/srl_bin/sysreqlab_srl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\trajko~1\applic~1\mozilla\firefox\profiles\auuc41id.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\documents and settings\trajkovski\application data\mozilla\firefox\profiles\auuc41id.default\extensions\{52f2b999-2724-4693-b1a5-86d167ba79a6}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\trajkovski\application data\mozilla\firefox\profiles\auuc41id.default\extensions\keyscrambler@qfx.software.corporation\components\KeyScramblerIE.dll
FF - component: c:\program files\mozilla firefox\extensions\browserhighlighter@ebay.com\components\Shim.dll
FF - component: c:\program files\siber systems\ai roboform\firefox\components\rfproxy_31.dll
FF - plugin: c:\documents and settings\trajkovski\application data\mozilla\firefox\profiles\auuc41id.default\extensions\battlefieldheroespatcher@ea.com\platform\winnt_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\trajkovski\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\np_gp.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npdsplay.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\NPOFFICE.DLL
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin6.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npqtplugin7.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\NPSWF32.dll
FF - plugin: c:\program files\opera 10 beta\program\plugins\npwmsdrm.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-10-20 64288]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-10-12 132296]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-10-12 25160]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 74480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-4-16 108289]
R2 cpuz132;cpuz132;c:\windows\system32\drivers\cpuz132_x32.sys [2009-10-17 12672]
R2 DUMeterSvc;DU Meter Service;c:\program files\du meter\DUMeterSvc.exe [2009-7-19 1386008]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-11-1 604488]
R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2009-3-22 89600]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2009-7-7 113896]
R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2009-9-30 116736]
R3 tap0901;TAP-Win32 Adapter V9;c:\windows\system32\drivers\tap0901.sys [2008-7-31 25216]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S3 block_reader;MPR DRV;c:\program files\multi password recovery\block_reader.sys [2009-2-3 1920]
S3 cpuz130;cpuz130;\??\c:\docume~1\trajko~1\locals~1\temp\cpuz130\cpuz_x32.sys --> c:\docume~1\trajko~1\locals~1\temp\cpuz130\cpuz_x32.sys [?]
S3 ddsxeiservice;ddsxeiservice2;c:\program files\sxe injected\ddsxei.sys [2009-6-4 100224]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1170768]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\8b.tmp --> c:\windows\system32\8B.tmp [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
S4 gupdate1c9b2f85d08273e;Google Update Service (gupdate1c9b2f85d08273e);c:\program files\google\update\GoogleUpdate.exe [2009-4-1 133104]

=============== Created Last 30 ================

2009-11-03 17:17:55 0 d-----w- c:\docume~1\alluse~1\applic~1\Sports Interactive
2009-11-03 17:17:19 0 d-----w- c:\docume~1\trajko~1\applic~1\Sports Interactive
2009-11-03 17:08:19 0 d--h--w- c:\program files\Zero G Registry
2009-11-03 17:07:19 0 d--h--w- c:\documents and settings\trajkovski\InstallAnywhere
2009-11-03 11:10:10 0 d-----w- c:\program files\Sophos
2009-11-03 10:56:28 0 d-----w- c:\program files\SpywareBlaster
2009-11-02 09:25:53 87552 ----a-w- c:\windows\system32\VACFix.exe
2009-11-01 11:33:31 0 d-s---w- C:\ComboFix
2009-11-01 11:33:28 389120 ----a-w- c:\windows\system32\CF1873.exe
2009-11-01 09:11:48 604488 ----a-w- c:\windows\system32\TUProgSt.exe
2009-11-01 09:11:47 29000 ----a-w- c:\windows\system32\uxtuneup.dll
2009-11-01 09:11:46 361288 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-10-24 12:16:19 0 d-----w- c:\program files\KONAMI
2009-10-22 10:28:23 0 d-----w- c:\docume~1\alluse~1\applic~1\KONAMI
2009-10-21 13:09:25 0 d-----w- c:\program files\LastPass
2009-10-20 15:43:19 8 ----a-w- c:\windows\system32\ms84791803.dll
2009-10-20 15:43:13 0 d-----w- c:\program files\SoftForYou
2009-10-20 11:02:44 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-10-20 10:51:54 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-10-20 10:45:03 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-10-20 10:44:46 0 d-----w- c:\program files\Lavasoft
2009-10-18 17:09:15 0 d-----w- c:\program files\CamStudio
2009-10-17 15:37:03 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2009-10-17 15:37:02 0 d-----w- c:\program files\CPUID
2009-10-17 15:26:16 0 d-----w- c:\program files\oZone3D
2009-10-17 11:28:40 0 d-----w- c:\windows\system32\NtmsData
2009-10-17 07:40:17 313856 ----a-w- c:\windows\system32\scesrv.dll
2009-10-17 07:37:49 3488 ------w- C:\bootsqm.dat
2009-10-17 07:37:21 0 d-sh--w- C:\found.000
2009-10-16 14:17:50 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2009-10-16 14:17:44 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2009-10-16 14:17:41 0 d-----w- c:\program files\Cheat Engine
2009-10-16 11:23:25 1393 ----a-w- c:\windows\imsins.BAK
2009-10-16 10:01:15 2145280 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-10-16 10:01:14 2066048 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-10-16 10:01:14 2023936 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-10-13 11:12:43 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-10-12 17:09:05 130 ----a-w- c:\windows\cfplogvw.INI
2009-10-12 15:45:01 0 d-----w- c:\docume~1\alluse~1\applic~1\Comodo
2009-10-12 15:44:58 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-10-12 15:44:58 179792 ----a-w- c:\windows\system32\guard32.dll
2009-10-12 15:44:58 132296 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-10-12 14:08:11 9662 ----a-w- c:\windows\EPISME00.SWB
2009-10-12 13:22:38 0 d-----w- c:\docume~1\trajko~1\applic~1\Comodo
2009-10-12 13:10:45 0 d-----w- c:\program files\COMODO
2009-10-12 09:55:02 0 d-----w- c:\program files\a-squared HiJackFree
2009-10-12 08:54:47 0 d-----w- c:\docume~1\trajko~1\applic~1\Sunbelt
2009-10-12 08:54:46 0 d-----w- c:\docume~1\alluse~1\applic~1\Sunbelt
2009-10-12 08:54:43 0 d-----w- c:\program files\Sunbelt Software
2009-10-11 23:19:39 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-10-11 23:19:33 0 d-----w- c:\program files\SUPERAntiSpyware
2009-10-11 23:19:33 0 d-----w- c:\docume~1\trajko~1\applic~1\SUPERAntiSpyware.com
2009-10-11 23:06:48 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys
2009-10-11 23:06:48 0 d-----w- c:\program files\Belarc
2009-10-11 17:38:23 0 d-----w- c:\docume~1\trajko~1\applic~1\Malwarebytes
2009-10-11 17:38:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-11 17:38:18 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-11 17:38:18 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-11 17:38:18 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-10-11 17:37:37 0 d-----w- c:\docume~1\trajko~1\applic~1\WinPatrol
2009-10-11 17:37:32 0 d-----w- c:\program files\BillP Studios
2009-10-11 07:26:24 0 d-----w- c:\docume~1\trajko~1\applic~1\HDRsoft
2009-10-10 20:42:14 0 d-----w- c:\program files\PhotomatixPro3
2009-10-10 20:42:14 0 d-----w- c:\program files\Photomatix.lrplugin
2009-10-09 12:30:39 0 d-----w- C:\Dev-Pas
2009-10-07 12:31:31 0 d-----w- c:\program files\Hamachi
2009-10-06 15:04:08 0 d-----r- C:\Sandbox
2009-10-06 15:03:22 1820 ----a-w- c:\windows\Sandboxie.ini
2009-10-06 15:03:01 0 d-----w- c:\program files\Sandboxie

==================== Find3M ====================

2009-11-02 09:26:17 2018 ----a-w- c:\windows\system32\tmp.reg
2009-10-07 12:31:32 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-09-28 16:34:00 20 ---h--w- c:\docume~1\alluse~1\applic~1\PKP_DLdu.DAT
2009-09-14 00:12:36 229888 ----a-w- c:\windows\PEV.exe
2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-04 15:44:40 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-09-04 15:44:40 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44:40 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 15:29:34 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-09-04 15:29:34 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-09-04 15:29:32 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-09-04 15:29:32 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-09-04 15:29:30 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-08-29 08:08:21 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:50:02 667136 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-20 15:51:40 195440 ------w- c:\windows\system32\MpSigStub.exe
2009-08-18 18:10:16 106496 ----a-w- c:\windows\system32\ATL71.DLL
2009-08-14 02:28:26 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-08-14 02:27:20 345600 ----a-w- c:\windows\system32\ati2dvag.dll
2009-08-14 02:10:18 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-08-14 02:10:00 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-08-14 02:09:46 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-08-14 02:09:36 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-08-14 02:09:22 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-08-14 02:08:00 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-08-14 02:06:30 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-08-14 02:00:10 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-08-14 01:58:06 3492576 ----a-w- c:\windows\system32\ati3duag.dll
2009-08-14 01:47:56 12959744 ----a-w- c:\windows\system32\atioglxx.dll
2009-08-14 01:42:42 2081920 ----a-w- c:\windows\system32\ativvaxx.dll
2009-08-14 01:42:20 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-08-14 01:25:46 49664 ----a-w- c:\windows\system32\atimpc32.dll
2009-08-14 01:25:46 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-08-14 01:21:18 561152 ----a-w- c:\windows\system32\atikvmag.dll
2009-08-14 01:21:04 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-08-14 01:20:50 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-08-14 01:19:10 3469312 ----a-w- c:\windows\system32\aticaldd.dll
2009-08-14 01:19:06 163840 ----a-w- c:\windows\system32\atiadlxx.dll
2009-08-14 01:18:42 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-08-14 01:17:02 376832 ----a-w- c:\windows\system32\atiok3x2.dll
2009-08-14 01:12:18 614400 ----a-w- c:\windows\system32\ati2cqag.dll
2009-08-13 19:05:00 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-06-08 12:35:30 283952 ----a-w- c:\program files\npmusicn.dll
2009-04-01 18:32:55 1075832 ----a-w- c:\program files\Google_Updater.exe
2003-09-02 05:55:20 1406 ----a-w- c:\program files\favicon.ico

============= FINISH: 8:24:43.01 ===============


P.S. This is my first log so tell me if you need logs from another program :(


Edited by Genius_MKD, 05 November 2009 - 02:51 AM.



#2 m0le

  • Malware Response Team

Posted 09 November 2009 - 07:56 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :(
m0le is a proud member of UNITE

#3 m0le

  • Malware Response Team

Posted 11 November 2009 - 04:19 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :(

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.