This morning my PC (Win 7 Ult 64-bit) abruptly shut itself off and seince the restart I have been experiencing several issues.
1. There are AUDIO ADS playing in the background of my PC constantly, they start when my PC starts up even before opening a browser, and are listed in my Ausio Mixer as No Name Available. There is no apparent source of the audio as I am unable to locate the process.
2. I randomly get errors saying either: My Plug N Play has had an error or DCom has had an error and both require restarts.
I have run MBAM, MBar, Adwcleaner, ComboFix, damagefix, TRL, RKiller, and TDSSKiller and NOTHING can find whatever is causing this issue.
As far as I know I have NO ROOTKITS. I will include the MBAM full scan results and the DDS here for starters.
Thank you in advance from HOPEFULLY saving me from a reformat.
P.S. When I kill the process svchost.exe - audiodg.exe all my sound goes away when I restart the process the Audio Ads stop. If interested I'd be willing to make a Video showing the exact order of actions taken to stop the virus's processes.
-Drew
Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org
Database version: v2014.01.01.04
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Drew :: NCC-1701-C [administrator]
1/1/2014 12:35:25 PM
mbam-log-2014-01-01 (12-35-25).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 423177
Time elapsed: 43 minute(s), 27 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 1
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 8
C:\Users\Drew\Desktop\downloads\Adobe photoshop CS6 13.0 [Extended x86+x64] (2012) PC\Patch\Crack\x64\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Users\Drew\Desktop\downloads\Adobe photoshop CS6 13.0 [Extended x86+x64] (2012) PC\Patch\Crack\x86\amtlib.dll (PUP.RiskwareTool.CK) -> No action taken.
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Steam\SteamApps\common\Fable 3\paul.dll (PUP.RiskwareTool.CK) -> Quarantined and deleted successfully.
C:\ProgramData\Martau\Total Uninstall 6\Backup\Connect DLC 5 Toolbar for IE.Analyzed.zip (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Martau\Total Uninstall 6\Backup\weDownload Manager Pro.Analyzed.zip (PUP.Optional.WeDownload.A) -> Quarantined and deleted successfully.
C:\Users\Drew\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000 (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Drew\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 (PUP.Optional.InstalleRex) -> Quarantined and deleted successfully.
(end)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.45.2
Run by Drew at 14:13:31 on 2014-01-01
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8174.5330 [GMT -6:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Users\Drew\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\SndVol.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Spotify Web Helper] "C:\Users\Drew\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{52998234-5EA3-4582-ACE8-A25140A20DD3} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2013-11-22 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2013-11-22 40064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-11-24 283064]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-10-8 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-10-8 344064]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-11-29 2210640]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-11-26 9216]
R2 HOSTNT;HOSTNT;C:\Windows\System32\drivers\hostnt.sys [2013-11-24 13864]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2013-10-11 377104]
R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2013-11-22 143416]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-22 25928]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2013-11-22 13368]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-11-22 676968]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2013-11-22 44672]
S2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-22 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-22 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2013-11-22 46136]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-8-19 351136]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2013-12-30 121416]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-22 1255736]
.
=============== Created Last 30 ================
.
2014-01-01 19:48:10 -------- d-----w- C:\Windows\ERUNT
2014-01-01 19:45:30 -------- d-----w- C:\AdwCleaner
2014-01-01 19:40:51 -------- d-sh--w- C:\$RECYCLE.BIN
2014-01-01 19:25:02 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-01 19:24:48 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-01 19:22:57 145920 ----a-w- C:\Windows\System32\drivers\rmcast.sys.bak
2014-01-01 18:27:34 -------- d-----w- C:\TDSSKiller_Quarantine
2014-01-01 17:56:36 98816 ----a-w- C:\Windows\sed.exe
2014-01-01 17:56:36 256000 ----a-w- C:\Windows\PEV.exe
2014-01-01 17:56:36 208896 ----a-w- C:\Windows\MBR.exe
2013-12-31 09:48:46 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1E2EB68B-B92D-4F63-9990-885A3AD7A9D2}\offreg.dll
2013-12-30 17:55:39 -------- d-----w- C:\Users\Drew\AppData\Roaming\MotioninJoy
2013-12-30 17:55:24 74960 ----a-w- C:\Windows\System32\drivers\xusb21.sys
2013-12-30 17:55:24 328712 ----a-w- C:\Windows\System32\MijFrc.dll
2013-12-30 17:55:24 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2013-12-30 17:55:24 121416 ----a-w- C:\Windows\System32\drivers\MijXfilt.sys
2013-12-30 17:55:24 -------- d-----w- C:\Program Files\MotioninJoy
2013-12-29 12:21:14 -------- d-----w- C:\ProgramData\Steam
2013-12-29 12:20:54 -------- d-----w- C:\Users\Drew\AppData\Roaming\Injustice
2013-12-28 19:31:05 -------- d-----w- C:\Users\Drew\AppData\Roaming\Fatshark
2013-12-26 20:30:44 -------- d-----w- C:\Users\Drew\AppData\Roaming\Warner Bros. Interactive Entertainment
2013-12-21 19:49:00 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2013-12-21 19:49:00 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2013-12-21 19:48:58 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2013-12-21 19:48:45 -------- d-----w- C:\Riot Games
2013-12-21 19:47:47 -------- d-----w- C:\Users\Drew\AppData\Local\PMB Files
2013-12-21 19:47:46 -------- d-----w- C:\ProgramData\PMB Files
2013-12-21 19:47:44 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-12-21 19:46:52 -------- d-----w- C:\Users\Drew\AppData\Roaming\Riot Games
2013-12-17 16:46:06 -------- d-----w- C:\Users\Drew\AppData\Roaming\Wondershare Video Converter Ultimate
2013-12-17 16:45:39 -------- d-----w- C:\Users\Drew\AppData\Local\Wondershare
2013-12-17 16:45:39 -------- d-----w- C:\Program Files\Common Files\Wondershare
2013-12-17 16:45:32 -------- d-----w- C:\ProgramData\Wondershare Video Converter Ultimate
2013-12-17 16:45:30 -------- d-----w- C:\Program Files (x86)\Wondershare
2013-12-17 16:05:12 -------- d-----w- C:\Users\Drew\.lennasinception
2013-12-12 20:48:55 -------- d-----w- C:\Program Files\Ventrilo
2013-12-12 20:48:39 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-12-09 22:20:12 -------- d-----w- C:\Games
2013-12-09 21:49:52 -------- d-----w- C:\Users\Drew\AppData\Roaming\StepMania 5
2013-12-09 21:42:31 -------- d-----w- C:\ProgramData\InstallMate
2013-12-09 20:33:17 -------- d-----w- C:\Program Files\ATI
2013-12-09 20:32:54 -------- d-----w- C:\ATI
2013-12-09 20:27:19 -------- d-----w- C:\Users\Drew\AppData\Local\Logitech® Webcam Software
2013-12-09 20:24:28 53248 ----a-r- C:\Users\Drew\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2013-12-09 20:24:12 -------- d-----w- C:\Program Files (x86)\Common Files\LWS
2013-12-09 20:17:14 -------- d-----w- C:\ProgramData\DriverGenius
2013-12-08 02:48:42 -------- d-----w- C:\Users\Drew\AppData\Roaming\7 Sticky Notes
2013-12-08 02:46:35 805376 ----a-w- C:\Windows\SysWow64\EditCtlsU.ocx
2013-12-08 02:46:35 662288 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX
2013-12-08 02:46:35 604672 ----a-w- C:\Windows\SysWow64\ExTVwU.ocx
2013-12-08 02:46:35 554008 ----a-w- C:\Windows\SysWow64\dao360.dll
2013-12-08 02:46:35 212240 ----a-w- C:\Windows\SysWow64\richtx32.ocx
2013-12-08 02:46:35 198456 ----a-w- C:\Windows\SysWow64\MCI32.OCX
2013-12-08 02:46:35 140488 ----a-w- C:\Windows\SysWow64\comdlg32.ocx
2013-12-08 02:46:35 1351392 ----a-w- C:\Windows\SysWow64\comctl32.ocx
2013-12-08 02:46:35 1071088 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2013-12-08 02:46:35 1031168 ----a-w- C:\Windows\SysWow64\ExLVwU.ocx
2013-12-08 02:46:35 -------- d-----w- C:\Program Files (x86)\7 Sticky Notes
2013-12-06 19:26:28 -------- d-----w- C:\Users\Drew\AppData\Roaming\Hello Fangaming
2013-12-05 20:48:50 -------- d-----w- C:\Users\Drew\AppData\Local\Diagnostics
2013-12-05 20:20:57 -------- d-----w- C:\Users\Drew\AppData\Local\Mr_Reds_adventure_TMB
2013-12-05 03:28:02 -------- d-----w- C:\Windows\pss
2013-12-05 03:05:20 33856 ---ha-w- C:\Windows\System32\hamachi.sys
2013-12-05 03:05:16 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-12-03 03:31:17 -------- d-----w- C:\Users\Drew\AppData\Local\My Games
.
==================== Find3M ====================
.
2013-12-20 03:49:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-20 03:49:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-05 20:58:31 283032 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-12-05 20:58:31 283032 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-11-25 02:06:05 76968 ----a-w- C:\Windows\System32\drivers\GrandUsb.sys
2013-11-25 02:06:05 13864 ----a-w- C:\Windows\System32\drivers\hostnt.sys
2013-11-24 18:40:02 283064 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2013-11-23 01:32:11 283032 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-11-23 00:51:30 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-11-23 00:36:18 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr.exe
2013-11-22 16:44:46 44544 ----a-w- C:\Windows\System32\themeservice.dll
2013-11-22 16:44:46 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2013-11-22 16:44:46 2851328 ----a-w- C:\Windows\System32\themeui.dll
2013-11-22 16:14:55 0 ----a-w- C:\Windows\ativpsrm.bin
2013-11-22 15:41:21 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-22 15:33:55 14848 ----a-w- C:\Windows\System32\slwga.dll
2013-11-22 15:33:55 13824 ----a-w- C:\Windows\SysWow64\slwga.dll
2013-11-22 15:33:54 419840 ----a-w- C:\Windows\System32\systemcpl.dll
2013-11-22 15:33:52 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2013-11-22 15:33:52 1008640 ----a-w- C:\Windows\System32\user32.dll
2013-11-11 11:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-08 15:50:12 51200 ----a-w- C:\Windows\System32\kdbsdk64.dll
2013-10-08 15:45:08 38912 ----a-w- C:\Windows\SysWow64\kdbsdk32.dll
2013-10-08 14:01:20 156712 ----a-w- C:\Windows\System32\amdhcp64.dll
2013-10-08 14:01:18 141256 ----a-w- C:\Windows\SysWow64\amdhcp32.dll
2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2013-10-08 14:01:14 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2013-10-08 14:01:12 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2013-10-08 14:01:06 142792 ----a-w- C:\Windows\System32\atiuxp64.dll
2013-10-08 14:01:06 125824 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2013-10-08 14:01:04 97984 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2013-10-08 14:01:04 114488 ----a-w- C:\Windows\System32\atiu9p64.dll
2013-10-08 14:01:02 1237200 ----a-w- C:\Windows\System32\aticfx64.dll
2013-10-08 14:01:00 1030128 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2013-10-08 14:00:56 9464840 ----a-w- C:\Windows\System32\atidxx64.dll
2013-10-08 14:00:52 8215992 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2013-10-08 14:00:46 6176008 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2013-10-08 14:00:42 6189416 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2013-10-08 14:00:36 6767240 ----a-w- C:\Windows\System32\atiumd6a.dll
2013-10-08 14:00:32 7256496 ----a-w- C:\Windows\System32\atiumd64.dll
2013-10-08 13:58:42 12534784 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2013-10-08 13:39:22 229376 ----a-w- C:\Windows\System32\clinfo.exe
2013-10-08 13:39:10 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2013-10-08 13:39:10 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2013-10-08 13:39:08 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2013-10-08 13:39:08 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2013-10-08 13:39:06 98816 ----a-w- C:\Windows\System32\OpenVideo64.dll
2013-10-08 13:38:58 83456 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2013-10-08 13:38:58 127488 ----a-w- C:\Windows\System32\coinst_13.152.1.8.dll
2013-10-08 13:38:52 86528 ----a-w- C:\Windows\System32\OVDecode64.dll
2013-10-08 13:38:48 73216 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2013-10-08 13:38:30 28192256 ----a-w- C:\Windows\System32\amdocl64.dll
2013-10-08 13:36:22 23761408 ----a-w- C:\Windows\SysWow64\amdocl.dll
2013-10-08 13:34:34 63488 ----a-w- C:\Windows\System32\OpenCL.dll
2013-10-08 13:34:28 57344 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-10-08 13:17:50 25385984 ----a-w- C:\Windows\System32\atio6axx.dll
2013-10-08 13:13:44 368640 ----a-w- C:\Windows\System32\atiapfxx.exe
2013-10-08 13:13:34 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2013-10-08 13:13:32 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2013-10-08 13:13:26 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2013-10-08 13:13:24 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2013-10-08 13:13:08 15716352 ----a-w- C:\Windows\System32\aticaldd64.dll
2013-10-08 13:09:52 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2013-10-08 13:00:30 21400064 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2013-10-08 12:54:10 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2013-10-08 12:53:58 26112 ----a-w- C:\Windows\System32\atimuixx.dll
2013-10-08 12:53:50 576512 ----a-w- C:\Windows\System32\atieclxx.exe
2013-10-08 12:52:58 239616 ----a-w- C:\Windows\System32\atiesrxx.exe
2013-10-08 12:51:30 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2013-10-08 12:29:04 96256 ----a-w- C:\Windows\System32\amdave64.dll
2013-10-08 12:28:56 90624 ----a-w- C:\Windows\SysWow64\amdave32.dll
2013-10-08 12:28:42 89088 ----a-w- C:\Windows\System32\atisamu64.dll
2013-10-08 12:28:36 784384 ----a-w- C:\Windows\System32\atiadlxx.dll
2013-10-08 12:28:34 80896 ----a-w- C:\Windows\SysWow64\atisamu32.dll
2013-10-08 12:28:26 594944 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2013-10-08 12:28:12 75264 ----a-w- C:\Windows\System32\atig6pxx.dll
2013-10-08 12:28:08 69632 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2013-10-08 12:28:08 69632 ----a-w- C:\Windows\System32\atiglpxx.dll
2013-10-08 12:28:04 100352 ----a-w- C:\Windows\System32\atig6txx.dll
2013-10-08 12:27:56 96768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2013-10-08 12:27:46 619008 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2013-10-08 12:24:54 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
.
============= FINISH: 14:14:06.21 ===============