
Some sort of rootkit, redirects google and not detected by avg



#1 jdkeric


Posted 25 February 2014 - 12:11 AM

Mod Edit: Duplicate of http://www.bleepingcomputer.com/forums/t/525638/

I started having strange redirects from Google and have done an AVG scan with no results. Also, startup is slow and some programs will not start.
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518
Run by eric at 23:57:58 on 2014-02-24
.
============== Running Processes ================
.
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\eric\Downloads\o6kmeauh.exe
C:\Users\eric\AppData\Local\Temp\2226FAD0-85DE5F10-F9437A0-117FF460\17c50i8x.exe
C:\Users\eric\AppData\Local\Temp\2226FAD0-85DE5F10-F9437A0-117FF460\j1w2r4ix.exe
C:\Users\eric\AppData\Local\Temp\2226FAD0-85DE5F10-F9437A0-117FF460\2wwihj1p.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\eric\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.daum.net/
uSearchURL,(Default) = hxxp://search.daum.net/search?nil_profile=ie&ref_code=ms&q=%s
BHO: IEOptimizer: {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SavingsBull\IEOptimizer.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{1C631677-F76D-4F07-AFC0-53D8E468AF42} : DHCPNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{1C631677-F76D-4F07-AFC0-53D8E468AF42}\56775626 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1C631677-F76D-4F07-AFC0-53D8E468AF42}\C4F45535 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{8841162D-77F0-49D5-B54D-AD9E102319DC} : DHCPNameServer = 65.32.5.111 65.32.5.112
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - 
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - 
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - 
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\eric\AppData\Roaming\Mozilla\Firefox\Profiles\7zeq499y.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2014-02-17 11:45; adsremoval@adsremoval.net; C:\Users\eric\AppData\Roaming\Mozilla\Firefox\Profiles\7zeq499y.default\extensions\adsremoval@adsremoval.net
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
2 cvhsvc;Client Virtualization Handler
R? AVGIDSAgent;AVGIDSAgent
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? FPLService;TrueSuiteService
R? gfiark;gfiark
R? gfiutil;gfiutil
R? HPAuto;HP Auto
R? HPClientSvc;HP Client Services
R? IEEtwCollectorService;Internet Explorer ETW Collector Service
R? netfilter64;netfilter64
R? Revoflt;Revoflt
R? RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver
R? SrvHsfHDA;SrvHsfHDA
R? SrvHsfV92;SrvHsfV92
R? SrvHsfWinac;SrvHsfWinac
R? TsUsbFlt;TsUsbFlt
R? TsUsbGD;Remote Desktop Generic USB Device
R? WatAdminSvc;Windows Activation Technologies Service
S? !SASCORE;SAS Core Service
S? AMD External Events Utility;AMD External Events Utility
S? AMD FUEL Service;AMD FUEL Service
S? amd_sata;amd_sata
S? amd_xata;amd_xata
S? amdhub30;AMD USB 3.0 Hub Driver
S? amdiox64;AMD IO Driver
S? amdxhc;AMD USB 3.0 Host Controller Driver
S? AtiHDAudioService;ATI Function Driver for HD Audio Service
S? Avgdiska;AVG Disk Driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSHA;AVGIDSHA
S? Avgldx64;AVG AVI Loader Driver
S? Avgloga;AVG Logging Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgwd;AVG WatchDog
S? clwvd;CyberLink WebCam Virtual Driver
S? ezSharedSvc;Easybits Services for Windows
S? HitmanProScheduler;HitmanPro Scheduler
S? hpsrv;HP Service
S? HPWMISVC;HPWMISVC
S? klkbdflt;Kaspersky Lab KLKBDFLT
S? klmouflt;Kaspersky Lab KLMOUFLT
S? kltdi;kltdi
S? kneps;kneps
S? MpFilter;Microsoft Malware Protection Driver
S? netr28x;Ralink 802.11n Extensible Wireless Driver
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
S? RSPCIESTOR;Realtek PCIE CardReader Driver
S? RTL8167;Realtek 8167 NT Driver
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
S? Sftfs;Sftfs
S? sftlist;Application Virtualization Client
S? Sftplay;Sftplay
S? Sftredir;Sftredir
S? Sftvol;Sftvol
S? sftvsa;Application Virtualization Service Agent
S? usbfilter;AMD USB Filter Driver
.
=============== Created Last 30 ================
.
2014-02-25 04:45:05 -------- d-----w- C:\Users\eric\Doctor Web
2014-02-25 04:33:25 -------- d-sh--w- C:\$RECYCLE.BIN
2014-02-24 23:00:49 10536864 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0499FF4F-988E-4A71-8714-29C09684F601}\mpengine.dll
2014-02-24 22:37:15 -------- d-----w- C:\Users\eric\AppData\Roaming\uTorrent
2014-02-23 16:22:50 10536864 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-22 07:33:08 -------- d-----w- C:\TDSSKiller_Quarantine
2014-02-22 07:22:25 -------- d-----w- C:\Program Files (x86)\NoVirusThanks
2014-02-22 07:15:55 -------- d-----w- C:\Program Files (x86)\SearchProtect
2014-02-22 07:15:53 -------- d-----w- C:\Users\eric\AppData\Local\SearchProtect
2014-02-22 04:29:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-22 04:29:22 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-22 04:28:02 -------- d-----w- C:\Program Files\SavingsbullFilter
2014-02-22 04:27:24 -------- d-----w- C:\Program Files (x86)\SavingsBull
2014-02-22 04:27:18 -------- d-----w- C:\Program Files (x86)\PassShow
2014-02-22 04:27:16 -------- d-----w- C:\temp
2014-02-22 04:27:12 -------- d-----w- C:\Program Files\Level Quality Watcher
2014-02-21 06:14:56 -------- d-----w- C:\AdwCleaner
2014-02-21 04:46:59 31264 ----a-w- C:\Windows\System32\drivers\gfiutil.sys
2014-02-21 04:46:56 41032 ----a-w- C:\Windows\System32\drivers\gfiark.sys
2014-02-21 04:46:32 -------- d-----w- C:\VIPRERESCUE
2014-02-21 04:43:33 -------- d-----w- C:\Program Files (x86)\ESET
2014-02-20 07:22:08 -------- d-----w- C:\Users\eric\AppData\Roaming\AVG2014
2014-02-20 06:53:51 -------- d-----w- C:\$AVG
2014-02-20 06:53:50 -------- d-----w- C:\ProgramData\AVG2014
2014-02-20 06:53:02 -------- d-----w- C:\Program Files (x86)\AVG
2014-02-20 06:52:05 -------- d-----w- C:\Users\eric\AppData\Local\Avg2014
2014-02-20 00:54:14 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{913B2DD7-CAD7-491B-B5BF-D8AE2781562E}\gapaengine.dll
2014-02-19 10:43:36 -------- d-----w- C:\Windows\Microsoft Antimalware
2014-02-19 09:36:38 -------- d-----w- C:\Program Files\HitmanPro
2014-02-19 08:30:25 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys
2014-02-19 08:30:25 108440 ----a-w- C:\Windows\System32\drivers\avgntflt.sys
2014-02-19 08:10:02 -------- d-----w- C:\ProgramData\HitmanPro
2014-02-19 06:50:42 98816 ----a-w- C:\Windows\sed.exe
2014-02-19 06:50:42 256000 ----a-w- C:\Windows\PEV.exe
2014-02-19 06:50:42 208896 ----a-w- C:\Windows\MBR.exe
2014-02-18 18:43:40 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3F43093-7556-4351-8D94-3CD482AB580E}\mpengine.dll
2014-02-17 21:38:23 -------- d-----w- C:\ProgramData\IObit
2014-02-17 21:38:16 -------- d-----w- C:\Users\eric\AppData\Roaming\IObit
2014-02-17 21:38:13 -------- d-----w- C:\Program Files (x86)\IObit
2014-02-17 20:03:41 -------- d-----w- C:\Users\eric\AppData\Local\ElevatedDiagnostics
2014-02-17 19:35:50 -------- d-----w- C:\Users\eric\AppData\Roaming\Malwarebytes
2014-02-17 19:35:40 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-17 19:04:49 -------- d-----w- C:\Users\eric\AppData\Roaming\Avira
2014-02-17 19:02:23 -------- d-----w- C:\ProgramData\Avira
2014-02-17 18:54:51 -------- d-----w- C:\Program Files\AVAST Software
2014-02-17 18:53:26 -------- d-----w- C:\ProgramData\AVAST Software
2014-02-17 18:48:14 -------- d-----w- C:\ProgramData\Kaspersky Lab Setup Files
2014-02-17 18:26:17 -------- d-----w- C:\Users\eric\AppData\Roaming\SUPERAntiSpyware.com
2014-02-17 18:25:55 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2014-02-17 18:25:55 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-02-16 07:16:26 -------- d-----w- C:\Users\eric\AppData\Roaming\Paiduqme
2014-02-16 01:29:27 -------- d-----w- C:\Program Files (x86)\Grotesque-Tactics2
2014-02-14 22:46:21 -------- d-----w- C:\Program Files (x86)\Black Isle
2014-02-14 22:23:53 -------- d-----w- C:\Users\eric\AppData\Local\4kdownload.com
2014-02-14 22:19:38 -------- d-----w- C:\Program Files (x86)\4KDownload
2014-02-12 08:03:01 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-12 08:03:01 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-12 01:11:15 -------- d-----w- C:\Users\eric\AppData\Local\Uldmedia
2014-02-12 00:25:55 -------- d-----w- C:\Users\eric\AppData\Local\Deng Team
2014-02-12 00:19:08 -------- d-----w- C:\Program Files (x86)\Doomsday
2014-02-11 23:52:01 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-02-11 23:52:01 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-02-11 23:52:01 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2014-02-11 23:52:01 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-02-11 17:00:14 -------- d-----w- C:\Users\eric\AppData\Roaming\HackSlashLoot
2014-02-11 02:19:28 -------- d-----w- C:\Users\eric\AppData\Roaming\TheBannerSaga
2014-02-06 22:08:25 -------- d-----w- C:\Users\eric\AppData\Roaming\Unity
2014-02-06 22:08:06 -------- d-----w- C:\Users\eric\AppData\Local\Unity
2014-02-05 19:18:48 -------- d-----w- C:\Users\eric\AppData\Local\The Witcher 2
2014-02-05 07:12:54 -------- d-----w- C:\Program Files (x86)\R.G. Catalyst
2014-02-02 23:58:10 -------- d-----w- C:\GDVDSoft
2014-02-02 23:57:59 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2014-02-02 23:57:58 719872 ----a-w- C:\Windows\SysWow64\devil.dll
2014-02-02 23:57:58 70656 ----a-w- C:\Windows\SysWow64\RLAPEDec.ax
2014-02-02 23:57:58 438272 ----a-w- C:\Windows\SysWow64\Mpeg2DecFilter.ax
2014-02-02 23:57:58 351744 ----a-w- C:\Windows\SysWow64\avisynth.dll
2014-02-02 23:57:58 217088 ----a-w- C:\Windows\SysWow64\CoreFLACDecoder.ax
2014-02-02 23:57:58 175616 ----a-w- C:\Windows\SysWow64\unrar.dll
2014-02-02 23:57:58 1184984 ----a-w- C:\Windows\SysWow64\wvc1dmod.dll
2014-02-02 23:57:58 -------- d-----w- C:\Users\eric\AppData\Roaming\g_youtube_downloader
2014-01-26 08:16:02 -------- d-----w- C:\ProgramData\Orbit
.
==================== Find3M  ====================
.
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-18 11:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-11-29 19:36:43 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-11-29 19:36:43 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-11-29 19:36:43 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-11-29 19:36:43 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2009-12-06 16:18:14 26624 --sh--w- C:\Windows\bfcs2.dll
.
============= FINISH: 23:58:32.21 ===============


Edited by Blade, 25 February 2014 - 02:32 AM.

