
check up on my computer


  • This topic is locked
7 replies to this topic

#1 Drj312

Drj312

  • Members
  • 47 posts

Posted 18 December 2010 - 04:29 PM

I was wondering if I could have an expert here do a checkup on my computer. I do not know of any infection on my computer but I would like to be sure. Last time I did a post here, an expert found some really bad malware hidden on my other computer. Malwarebytes has not been running for me (runtime error 0 and 440 code, I think). I have read that that could be caused by a virus. In any case, I would still like for someone to check everything out. I will post any logs that are necessary.

Thank you



#2 teacup61

teacup61

    Bleepin' Texan!


  • Malware Response Team
  • 17,075 posts
  • Gender:Female
  • Location:Wills Point, Texas

Posted 28 December 2010 - 01:21 PM

Hello Drj312 ,


Sorry for the delay. :( If you still need help, please follow the directions in the link below. :)

http://www.bleepingcomputer.com/forums/topic34773.html

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!



Error reading poptart in Drive A: Delete kids y/n?

#3 Drj312


Posted 28 December 2010 - 10:25 PM

Thank you for your reply!
GMER was a little different than the guide said. Only Services, Registry, Files, and my C drive were checked in. The rest of the boxes, including show all, were unchecked and unable to be checked. That's not a very good description so I included a screen cap of it.
The GMER scan came up with no results, so I am not able to post ark.txt.


DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Josh at 20:58:36.80 on Tue 12/28/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.4094.2790 [GMT -6:00]

AV: Microsoft Security Essentials *Enabled/Updated* {BF5CEBDC-F2D3-7540-343C-F0CE11FD6E66}
SP: Microsoft Security Essentials *Enabled/Updated* {043D0A38-D4E9-7ACE-0E8C-CBBC6A7A24DB}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Josh\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [<NO NAME>]
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Free YouTube Download - C:\Users\Josh\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - C:\Users\Josh\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: {872208B1-D677-4A87-8D29-8255E3C0749E} = 68.87.72.134,68.87.77.134
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\r9te2e0z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.comcast.net/light/
FF - component: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\OpenOffice.org 3\program\npsoplugin.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Wikipedia Toolbar: wikipediatoolbar@wikipedia.org - %profile%\extensions\wikipediatoolbar@wikipedia.org
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2010-3-25 173984]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-8-25 203776]
R2 cpuz133;cpuz133;C:\Windows\System32\drivers\cpuz133_x64.sys [2010-5-23 20968]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2009-9-26 819600]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-9-23 447848]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-27 8012288]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-27 287232]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-9-24 116752]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2010-3-25 40832]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
R3 sftfs;sftfs;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftFSlh.sys [2009-9-23 712536]
R3 sftplay;sftplay;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys [2009-9-23 261480]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-9-23 25944]
R3 sftvol;sftvol;C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\SftVollh.sys [2009-9-23 17752]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-9-23 203608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-13 136176]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-9-26 4924336]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 USBTINSP;TI-Nspire™ Handheld or TI Network Bridge Device Driver;C:\Windows\System32\drivers\tinspusb.sys [2010-7-7 142848]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-11 1255736]

=============== Created Last 30 ================

2010-12-28 05:12:37 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{259084A3-DC59-4EA8-9384-69E1CAE12DCB}\mpengine.dll
2010-12-27 18:14:46 -------- d-----w- C:\PROGRA~3\Nokia
2010-12-27 18:08:52 -------- d-----w- C:\Users\Josh\AppData\Roaming\Nokia Ovi Suite
2010-12-27 18:07:15 -------- d-----w- C:\Users\Josh\AppData\Local\NokiaAccount
2010-12-27 18:05:31 -------- d-----w- C:\Users\Josh\AppData\Local\Nokia
2010-12-27 18:04:41 -------- d-----w- C:\Program Files (x86)\Common Files\Nokia
2010-12-27 18:04:25 25600 ----a-w- C:\Windows\System32\drivers\pccsmcfdx64.sys
2010-12-27 18:04:20 -------- d-----w- C:\Program Files (x86)\PC Connectivity Solution
2010-12-27 18:04:01 57856 ----a-w- C:\Windows\System32\nmwcdclsX64.dll
2010-12-27 18:02:29 -------- d-----w- C:\Program Files (x86)\Nokia
2010-12-27 18:02:29 -------- d-----w- C:\PROGRA~3\NokiaInstallerCache
2010-12-19 22:09:37 -------- d-----w- C:\Program Files (x86)\World of Warcraft
2010-12-19 22:09:37 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2010-12-19 22:09:17 -------- d-----w- C:\PROGRA~3\Blizzard Entertainment
2010-12-15 04:35:48 -------- d-----w- C:\Program Files (x86)\PFPortChecker
2010-12-15 04:31:21 -------- d-----w- C:\Users\Josh\AppData\Roaming\PFStaticIP
2010-12-15 04:31:09 -------- d-----w- C:\Program Files (x86)\PFStaticIP
2010-12-13 22:08:41 -------- d-----w- C:\Users\Josh\AppData\Local\Google
2010-12-13 17:21:38 -------- d-----w- C:\Users\Josh\AppData\Roaming\Foxit
2010-12-09 19:02:45 -------- d-----w- C:\Users\Josh\AppData\Local\Apple Computer
2010-12-09 19:02:16 -------- d-----w- C:\Program Files\iPod
2010-12-09 19:02:15 -------- d-----w- C:\Program Files\iTunes
2010-12-09 19:02:15 -------- d-----w- C:\Program Files (x86)\iTunes
2010-12-09 19:02:15 -------- d-----w- C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-12-04 03:47:52 -------- d-----w- C:\Program Files (x86)\Steinberg
2010-12-04 03:47:37 -------- d-----w- C:\Program Files (x86)\Peavey Electronics
2010-12-04 03:40:12 -------- d-----w- C:\Users\Josh\AppData\Roaming\GetRightToGo
2010-11-30 21:27:55 -------- d-----w- C:\Users\Josh\AppData\Roaming\TI-Nspire
2010-11-29 23:31:13 -------- d-----w- C:\Users\Josh\AppData\Roaming\Foxit Software

==================== Find3M ====================

2010-11-29 23:42:06 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-04 06:35:53 1194496 ----a-w- C:\Windows\System32\wininet.dll
2010-11-04 06:31:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-11-04 05:52:17 978944 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-11-04 05:48:36 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-11-04 05:16:14 482816 ----a-w- C:\Windows\System32\html.iec
2010-11-04 04:41:26 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-11-04 04:35:37 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-11-04 04:08:54 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-11-02 05:18:17 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2010-11-02 05:17:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2010-11-02 05:17:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2010-11-02 05:16:53 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2010-11-02 05:10:47 464384 ----a-w- C:\Windows\System32\taskeng.exe
2010-11-02 05:10:32 285696 ----a-w- C:\Windows\System32\schtasks.exe
2010-11-02 04:40:36 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2010-11-02 04:40:36 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2010-11-02 04:34:44 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2010-11-02 04:34:33 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2010-10-27 10:00:16 8012288 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2010-10-27 09:25:38 21422592 ----a-w- C:\Windows\System32\atio6axx.dll
2010-10-27 09:08:18 16281600 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2010-10-27 08:55:32 143360 ----a-w- C:\Windows\System32\atiapfxx.exe
2010-10-27 08:55:24 547328 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2010-10-27 08:54:24 645120 ----a-w- C:\Windows\System32\aticfx64.dll
2010-10-27 08:52:18 450560 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2010-10-27 08:52:14 478208 ----a-w- C:\Windows\System32\atieclxx.exe
2010-10-27 08:51:38 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2010-10-27 08:50:30 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2010-10-27 08:50:16 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2010-10-27 08:50:10 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2010-10-27 08:49:58 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2010-10-27 08:49:54 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2010-10-27 08:49:50 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2010-10-27 08:49:46 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2010-10-27 08:46:58 4020736 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2010-10-27 08:38:04 4744704 ----a-w- C:\Windows\System32\atidxx64.dll
2010-10-27 08:35:30 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2010-10-27 08:35:28 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2010-10-27 08:35:20 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2010-10-27 08:35:18 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2010-10-27 08:35:08 6815744 ----a-w- C:\Windows\System32\aticaldd64.dll
2010-10-27 08:33:52 5441536 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2010-10-27 08:28:22 4094464 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2010-10-27 08:22:04 5218304 ----a-w- C:\Windows\System32\atiumd64.dll
2010-10-27 08:15:00 58880 ----a-w- C:\Windows\System32\coinst.dll
2010-10-27 08:14:58 349184 ----a-w- C:\Windows\System32\atiadlxx.dll
2010-10-27 08:14:52 249856 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2010-10-27 08:14:44 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2010-10-27 08:14:42 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2010-10-27 08:14:42 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2010-10-27 08:14:38 31744 ----a-w- C:\Windows\System32\atig6txx.dll
2010-10-27 08:14:32 27136 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2010-10-27 08:14:24 287232 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2010-10-27 08:13:44 39936 ----a-w- C:\Windows\System32\atiuxp64.dll
2010-10-27 08:13:36 30720 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2010-10-27 08:13:30 37888 ----a-w- C:\Windows\System32\atiu9p64.dll
2010-10-27 08:13:24 28672 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2010-10-27 08:12:56 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2010-10-27 07:57:04 3221504 ----a-w- C:\Windows\System32\atiumd6a.dll
2010-10-27 07:50:10 3460096 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2010-10-27 07:37:18 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2010-10-27 07:37:18 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2010-10-27 07:37:14 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2010-10-27 07:37:14 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2010-10-27 05:06:22 2048 ----a-w- C:\Windows\System32\tzres.dll
2010-10-27 04:32:36 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2010-10-20 05:20:01 46080 ----a-w- C:\Windows\System32\atmlib.dll
2010-10-20 04:54:18 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2010-10-20 03:09:15 3124224 ----a-w- C:\Windows\System32\win32k.sys
2010-10-20 03:05:46 367104 ----a-w- C:\Windows\System32\atmfd.dll
2010-10-20 02:58:41 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-10-16 05:23:13 112000 ----a-w- C:\Windows\System32\consent.exe
2010-10-16 05:19:41 395776 ----a-w- C:\Windows\System32\webio.dll
2010-10-16 04:36:10 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2010-10-07 18:36:16 96544 ----a-w- C:\Windows\System32\dnssd.dll
2010-10-07 18:36:16 69408 ----a-w- C:\Windows\System32\jdns_sd.dll
2010-10-07 18:36:16 237856 ----a-w- C:\Windows\System32\dnssdX.dll
2010-10-07 18:36:16 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2010-10-07 18:23:02 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2010-10-07 18:23:02 75040 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2010-10-07 18:23:02 197920 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2010-10-07 18:23:02 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe

============= FINISH: 20:59:01.95 ===============




#4 Drj312


Posted 27 January 2011 - 04:33 PM

hello?

#5 teacup61


Posted 27 January 2011 - 11:06 PM

Hi :)

Nothing there, and GMER isn't compatible with Win7 or 64-bit. :) Is there a reason you thought it was malware?

tea

#6 Drj312


Posted 28 January 2011 - 03:05 PM

Thank you! No, nothing made me suspect there was malware. I just thought it would be responsible to have my computer get checked up every now and then just to be safe.

#7 teacup61


Posted 28 January 2011 - 04:12 PM

Cool

Take care,
tea

#8 teacup61


Posted 12 February 2011 - 03:11 PM

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.



