Calum

  1. Hello, I keep getting the following:

     2012/12/04 16:53:12 GMT CALUM-PC Calum IP-BLOCK 58.240.163.101 (Type: outgoing, Port: 57959, Process: svchost.exe)

     Is this bad or can I ignore it? Thanks for your help!

     The IP address belongs to a known Chinese spam mail server so my guess is that you are infected and you should follow the instructions here.

     Done. I read in other topics that I wasn't allowed uTorrent and to post logs directly into the post.

     attach.txt dds.txt