
Windows Defender goes red when trying to scan. [Windows 8]


2 replies to this topic

#1 RedWinDefender

  • Members
  • 7 posts

Posted 09 March 2013 - 10:57 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16482  BrowserJavaVersion: 10.15.2
Run by Zach at 21:51:53 on 2013-03-09
Microsoft Windows 8 Pro  6.2.9200.0.1252.1.1033.18.6142.4228 [GMT -6:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Classic Shell\ClassicShellService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\dashost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\EVGA Precision X\Bundle\OSDServer\RTSS.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\HsMgr.exe
C:\Windows\System\HsMgr64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Unified Remote\RemoteServer.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\HexChat\hexchat.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://192.168.1.1/
mWinlogon: Userinit = userinit.exe,
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe"
StartupFolder: C:\Users\Zach\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4C624A35-9012-4218-81AD-2CC21EC6A789} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-Run: [Cmaudio8788] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
x64-Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe Envoke
x64-Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe Envoke
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R3 cmudaxp;ASUS Xonar DG Audio Interface;C:\Windows\System32\Drivers\cmudaxp.sys [2013-1-24 2733568]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\Drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\Drivers\LGVirHid.sys [2009-11-23 16008]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\Drivers\nusb3hub.sys [2010-11-18 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\Drivers\nusb3xhc.sys [2010-11-18 181248]
R3 RTCore64;RTCore64;C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2013-2-21 15176]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\Drivers\rzudd.sys [2012-11-7 113664]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\Windows\System32\Drivers\xusb22.sys [2012-7-25 89088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-7 161384]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-3-7 49152]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248]
SUnknown MpKsl1196e29d;MpKsl1196e29d; [x]
SUnknown MpKslde0fa6e7;MpKslde0fa6e7; [x]
.
=============== Created Last 30 ================
.
2013-03-10 01:39:03 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CD39552-C1D7-4D5D-B16D-FB1A004C38BD}\mpengine.dll
2013-03-10 01:24:59 -------- d-----w- C:\Windows\pss
2013-03-09 19:31:47 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-03-08 00:54:37 -------- d-----w- C:\Program Files (x86)\Common Files\BattlEye
2013-03-07 23:00:54 -------- d-----w- C:\Users\Zach\AppData\Local\Play withSIX
2013-03-07 23:00:54 -------- d-----w- C:\Users\Zach\AppData\Local\IsolatedStorage
2013-03-07 23:00:50 -------- d-----w- C:\Program Files (x86)\SIX Networks
2013-03-07 23:00:37 -------- d-----w- C:\Users\Zach\AppData\Local\Downloaded Installations
2013-03-07 22:55:54 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2013-03-07 22:20:25 -------- d-----w- C:\Users\Zach\AppData\Local\DayZCommander
2013-03-07 22:20:21 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
2013-03-07 22:19:01 -------- d-----w- C:\Users\Zach\AppData\Local\ArmA 2 OA
2013-03-07 22:16:43 -------- d-----w- C:\Users\Zach\AppData\Local\ArmA 2
2013-03-06 04:23:57 -------- d-----w- C:\Users\Zach\AppData\Local\dxhr
2013-03-06 04:22:26 -------- d-----w- C:\Users\Zach\AppData\Local\28050
2013-03-05 04:22:04 -------- d-----w- C:\Users\Zach\AppData\Roaming\Origin
2013-03-05 04:22:04 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-03-05 04:22:01 -------- d-----w- C:\Users\Zach\AppData\Local\Origin
2013-03-05 04:21:07 -------- d-----w- C:\ProgramData\Origin
2013-03-05 04:21:05 -------- d-----w- C:\Program Files (x86)\Origin
2013-03-04 20:52:28 -------- d-----w- C:\Users\Zach\AppData\Local\SKIDROW
2013-03-04 20:52:10 -------- d-----w- C:\Program Files (x86)\Unified Remote
2013-03-03 06:40:54 -------- d-----w- C:\Users\Zach\AppData\Local\Sniper Elite Nazi Zombie Army
2013-03-02 21:06:40 -------- d-----w- C:\Program Files (x86)\Flawless Widescreen
2013-03-02 18:34:22 -------- d-----w- C:\Users\Zach\AppData\Local\Plex Media Server
2013-03-02 18:34:22 -------- d-----w- C:\Users\Zach\AppData\Local\Apple Computer
2013-03-02 18:34:11 -------- d-----w- C:\Program Files (x86)\Plex
2013-03-02 18:34:03 -------- d-----w- C:\Program Files\Bonjour
2013-03-02 18:34:03 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-03-02 06:18:19 -------- d-----w- C:\Users\Zach\AppData\Roaming\PowerUp Software
2013-03-02 06:17:31 -------- d-----w- C:\ProgramData\PowerUp Software
2013-03-02 04:45:59 -------- d-sh--w- C:\ProgramData\SecuROM
2013-02-28 23:56:13 -------- d-----w- C:\Users\Zach\AppData\Roaming\GameFly
2013-02-28 23:36:13 447752 ----a-r- C:\Windows\SysWow64\vp6vfw.dll
2013-02-28 23:36:11 -------- d-----w- C:\Program Files (x86)\Microsoft WSE
2013-02-28 00:16:26 443392 ----a-w- C:\Windows\System32\ReAgent.dll
2013-02-28 00:16:26 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll
2013-02-28 00:16:26 1010688 ----a-w- C:\Windows\System32\reseteng.dll
2013-02-27 01:01:49 -------- d-----w- C:\Users\Zach\AppData\Local\WBFSManager
2013-02-27 01:01:19 -------- d-----w- C:\Program Files\WBFS
2013-02-25 15:25:31 -------- d-----w- C:\Program Files (x86)\Siber Systems
2013-02-23 22:49:56 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-23 21:40:58 -------- d-----w- C:\Program Files (x86)\EaseUS
2013-02-23 00:45:49 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller
2013-02-22 03:40:05 -------- d-----w- C:\ProgramData\Electronic Arts
2013-02-22 03:40:05 -------- d-----w- C:\ProgramData\EA Core
2013-02-20 05:54:18 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2013-02-20 05:54:18 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2013-02-20 05:53:11 -------- d-----w- C:\ProgramData\Battle.net
2013-02-16 20:43:59 1690624 ----a-w- C:\Windows\System32\GdiPlus.dll
2013-02-16 20:43:59 1437696 ----a-w- C:\Windows\SysWow64\GdiPlus.dll
2013-02-16 03:17:32 -------- d-----w- C:\Users\Zach\AppData\Local\Activision
2013-02-16 02:46:36 -------- d-----w- C:\Users\Zach\AppData\Local\Logitech
2013-02-16 02:46:19 -------- d-----w- C:\Program Files\Logitech Gaming Software
2013-02-16 02:45:59 -------- d-----w- C:\Users\Zach\AppData\Roaming\Logishrd
2013-02-16 00:17:41 -------- d-----w- C:\Windows\8A809006C25A4A3A9DAB94659BCDB107.TMP
2013-02-16 00:17:41 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2013-02-16 00:13:24 -------- d-----w- C:\Windows\SysWow64\xlive
2013-02-16 00:13:22 -------- d-----w- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-02-14 21:35:29 -------- d-----r- C:\Program Files (x86)\Skype
2013-02-14 19:30:37 4055552 ----a-w- C:\Windows\System32\win32k.sys
2013-02-14 17:07:38 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll
2013-02-14 17:07:16 -------- d-----w- C:\Program Files (x86)\WugFresh Development
2013-02-14 08:40:02 6967016 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-14 05:43:30 2226408 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 23:50:51 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 23:50:51 1084416 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-12 04:28:18 -------- d-----w- C:\Users\Zach\AppData\Local\FLT
2013-02-11 06:46:01 -------- d-----w- C:\Users\Zach\AppData\Local\Two Worlds II
2013-02-09 02:56:17 -------- d-----w- C:\Users\Zach\AppData\Roaming\Bitcoin
2013-02-09 02:56:17 -------- d-----w- C:\ProgramData\boost_interprocess
2013-02-09 02:54:43 -------- d-----w- C:\Program Files (x86)\Bitcoin
.
==================== Find3M  ====================
.
2013-03-09 17:26:27 119296 ----a-w- C:\Windows\SysWow64\zlib.dll
2013-02-28 09:29:41 6398240 ----a-w- C:\Windows\System32\nvcpl.dll
2013-02-28 09:29:41 3477280 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-02-28 09:29:35 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-02-28 09:29:35 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-02-28 09:29:35 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-02-28 09:29:35 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-02-25 15:35:33 3044665 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-02-23 22:49:53 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-23 22:49:53 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-21 07:29:31 78168 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-21 07:29:30 692568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-30 10:53:22 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-24 07:28:43 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys
2013-01-24 07:01:04 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-01-24 07:01:03 960416 ----a-w- C:\Windows\System32\deployJava1.dll
2013-01-24 07:01:03 1081760 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-01-24 06:56:30 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-01-24 06:56:30 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-01-24 06:56:30 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-01-24 06:56:29 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-01-16 00:35:49 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-01-16 00:31:26 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-01-10 01:53:32 28904 ----a-w- C:\Windows\System32\drivers\msgpiowin32.sys
2013-01-10 01:40:39 1448168 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-01-10 01:40:38 303848 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-01-10 01:39:29 194280 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2013-01-10 01:39:22 124648 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2013-01-10 01:29:56 91880 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2013-01-10 01:29:54 1934056 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-01-10 01:29:21 785504 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-01-09 23:26:53 83968 ----a-w- C:\Windows\SysWow64\wiaacmgr.exe
2013-01-09 23:26:46 1611776 ----a-w- C:\Windows\SysWow64\mmc.exe
2013-01-09 23:26:35 410624 ----a-w- C:\Windows\SysWow64\Windows.Networking.dll
2013-01-09 23:26:35 261120 ----a-w- C:\Windows\SysWow64\Windows.Media.dll
2013-01-09 23:26:25 278528 ----a-w- C:\Windows\SysWow64\srm.dll
2013-01-09 23:26:25 202752 ----a-w- C:\Windows\SysWow64\srmstormod.dll
2013-01-09 23:26:23 1752064 ----a-w- C:\Windows\SysWow64\setupapi.dll
2013-01-09 23:26:20 67584 ----a-w- C:\Windows\SysWow64\samlib.dll
2013-01-09 23:26:08 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll
2013-01-09 23:26:04 890880 ----a-w- C:\Windows\SysWow64\msctf.dll
2013-01-09 23:26:03 436736 ----a-w- C:\Windows\SysWow64\MP4SDECD.DLL
2013-01-09 23:25:55 582144 ----a-w- C:\Windows\SysWow64\gpprefcl.dll
2013-01-09 23:23:32 95232 ----a-w- C:\Windows\System32\wiaacmgr.exe
2013-01-09 23:23:25 2094592 ----a-w- C:\Windows\System32\mmc.exe
2013-01-09 23:23:23 240640 ----a-w- C:\Windows\System32\fsquirt.exe
2013-01-09 23:23:18 256000 ----a-w- C:\Windows\System32\WSDMon.dll
2013-01-09 23:23:16 1964544 ----a-w- C:\Windows\System32\wlidsvc.dll
2013-01-09 23:23:14 594944 ----a-w- C:\Windows\System32\Windows.Networking.dll
2013-01-09 23:23:14 406016 ----a-w- C:\Windows\System32\Windows.Media.dll
2013-01-09 23:23:09 274432 ----a-w- C:\Windows\System32\srmstormod.dll
2013-01-09 23:23:08 279040 ----a-w- C:\Windows\System32\srm.dll
2013-01-09 23:23:07 1886208 ----a-w- C:\Windows\System32\setupapi.dll
2013-01-09 23:23:05 728064 ----a-w- C:\Windows\System32\samsrv.dll
2013-01-09 23:22:53 464384 ----a-w- C:\Windows\System32\netprofmsvc.dll
2013-01-09 23:22:53 151040 ----a-w- C:\Windows\System32\netprofm.dll
2013-01-09 23:22:43 1120768 ----a-w- C:\Windows\System32\msctf.dll
2013-01-09 23:22:41 666112 ----a-w- C:\Windows\System32\MP4SDECD.DLL
2013-01-09 23:22:35 438272 ----a-w- C:\Windows\System32\lsm.dll
2013-01-09 23:22:29 894464 ----a-w- C:\Windows\System32\iphlpsvc.dll
2013-01-09 23:22:29 159232 ----a-w- C:\Windows\System32\inetpp.dll
2013-01-09 23:22:26 49152 ----a-w- C:\Windows\System32\drivers\UMDF\HidBthLE.dll
2013-01-09 23:22:25 820736 ----a-w- C:\Windows\System32\gpprefcl.dll
2013-01-09 23:22:05 1918464 ----a-w- C:\Windows\System32\wbem\cimwin32.dll
2013-01-09 03:59:47 341504 ----a-w- C:\Windows\System32\drivers\HdAudio.sys
2013-01-09 03:59:16 74752 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2013-01-09 03:58:34 51712 ----a-w- C:\Windows\System32\drivers\bthenum.sys
2013-01-09 03:57:50 1175040 ----a-w- C:\Windows\System32\drivers\bthport.sys
2013-01-04 05:32:36 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:19:53 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2012-12-20 00:37:37 1775616 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-12-20 00:37:04 2881536 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-12-20 00:37:02 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-12-20 00:37:02 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-12-20 00:36:50 431616 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2012-12-20 00:29:16 2246656 ----a-w- C:\Windows\System32\wininet.dll
2012-12-20 00:29:11 907776 ----a-w- C:\Windows\System32\uxtheme.dll
2012-12-20 00:28:29 3966464 ----a-w- C:\Windows\System32\jscript9.dll
2012-12-20 00:28:26 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2012-12-20 00:28:04 39936 ----a-w- C:\Windows\apppatch\apppatch64\acspecfc.dll
2012-12-18 01:56:27 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2012-12-16 08:28:20 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-14 22:49:28 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 21:52:01.58 ===============
 
 


Edited by RedWinDefender, 09 March 2013 - 11:01 PM.




#2 m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 12 March 2013 - 08:13 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.
  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.
  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • Gender:Male
  • Location:London, UK

Posted 18 March 2013 - 07:52 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
m0le is a proud member of UNITE



