
BitCoin Miner discovered



Welcome to the forum.

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

------->Your topic will be closed if you haven't replied within 3 days!<--------


Here is the RK report:

RogueKiller V8.2.3 [11/07/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website: http://tigzy.geekstogo.com/roguekiller.php

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : D [Admin rights]

Mode : Scan -- Date : 11/08/2012 19:40:57

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤

[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1804918099-1875049135-4154871575-1002UA.job : C:\Users\D\AppData\Local\Google\Update\GoogleUpdate.exe -> FOUND

[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1804918099-1875049135-4154871575-1002Core.job : C:\Users\D\AppData\Local\Google\Update\GoogleUpdate.exe -> FOUND

[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1804918099-1875049135-4154871575-1002Core : C:\Users\D\AppData\Local\Google\Update\GoogleUpdate.exe /c -> FOUND

[TASK][SUSP PATH] GoogleUpdateTaskUserS-1-5-21-1804918099-1875049135-4154871575-1002UA : C:\Users\D\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD50 00BPVT-55A1YT0 SATA Disk Device +++++

--- User ---

[MBR] 10c509676154ddd88fb8763d843b3091

[BSP] 700782a0c7cf193014bea9e1d19cc03b : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15589 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31928320 | Size: 350 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 32645120 | Size: 460997 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_11082012_02d1940.txt >>



Please read the directions carefully so you don't end up deleting something that is good!!

Please note that TDSSKiller can be run in safe mode if needed.

Here's a video that explains how to run it if needed:

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. There may be 3 logs > so post or attach all of them.
  • Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

~~~~~~~~~~~~~~~~~~~~

You can attach the logs if they're too long:

Bottom right corner of this page.


New window that comes up.


MrC


Can you post the log showing the malware?

------------------------------

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC


Malware log:

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.11.02.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

D :: D-VAIO [administrator]

08/11/2012 20:45:39

mbam-log-2012-11-08 (22-57-02).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 373489

Time elapsed: 2 hour(s), 11 minute(s), 5 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Users\D\Desktop\Hack\OFWGKTA\processing-2.0b5\modes\java\libraries\video\library\windows32\plugins\libgsth264parse.dll (PUP.BitCoinMiner) -> No action taken.

C:\Users\D\Desktop\Hack\OFWGKTA\processing-2.0b5\modes\java\libraries\video\library\windows32\plugins\libgstrawparse.dll (PUP.BitCoinMiner) -> No action taken.

(end)


Files Detected: 2

C:\Users\D\Desktop\Hack\OFWGKTA\processing-2.0b5\modes\java\libraries\video\library\windows32\plugins\libgsth264parse.dll (PUP.BitCoinMiner) -> No action taken.

C:\Users\D\Desktop\Hack\OFWGKTA\processing-2.0b5\modes\java\libraries\video\library\windows32\plugins\libgstrawparse.dll (PUP.BitCoinMiner) -> No action taken.

Can you have MB "Remove" these?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Did you run ComboFix, and can you post the log?

MrC


Combo Fix log:

ComboFix 12-11-08.01 - D 09/11/2012 9:12.2.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.3689.2074 [GMT 0:00]

Running from: c:\users\D\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

C:\install.exe

c:\windows\SysWow64\d2d1debug1.dll

.

----- File Replicators -----

.


.

.

((((((((((((((((((((((((( Files Created from 2012-10-09 to 2012-11-09 )))))))))))))))))))))))))))))))

.

.

2012-11-09 10:35 . 2012-11-09 10:35 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-11-08 19:12 . 2012-11-08 19:12 -------- d-----w- c:\users\D\AppData\Roaming\AVG2013

2012-11-08 19:11 . 2012-11-08 19:11 -------- d-----w- c:\users\D\AppData\Roaming\TuneUp Software

2012-11-08 19:10 . 2012-11-08 19:11 -------- d-----w- c:\programdata\AVG2013

2012-11-08 19:10 . 2012-11-08 19:10 -------- d-----w- C:\$AVG

2012-11-08 19:09 . 2012-11-08 19:09 -------- d-----w- c:\program files (x86)\AVG

2012-11-08 19:05 . 2012-11-09 09:06 -------- d-----w- c:\programdata\MFAData

2012-11-08 19:05 . 2012-11-08 19:18 -------- d-----w- c:\users\D\AppData\Local\Avg2013

2012-11-08 19:05 . 2012-11-08 19:05 -------- d--h--w- c:\programdata\Common Files

2012-11-08 19:05 . 2012-11-08 19:05 -------- d-----w- c:\users\D\AppData\Local\MFAData

2012-11-08 17:32 . 2012-11-08 17:32 -------- d-----w- c:\program files\Microsoft Synchronization Services

2012-11-08 17:32 . 2012-11-08 17:32 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services

2012-11-08 17:31 . 2012-11-08 17:31 112832 ----a-w- c:\programdata\Microsoft\VCExpress\10.0\1033\ResourceCache.dll

2012-11-08 17:27 . 2012-11-08 17:28 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 10.0

2012-11-08 17:26 . 2012-11-08 17:26 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0

2012-11-08 17:26 . 2012-11-08 17:26 -------- d-----w- c:\program files\Microsoft Help Viewer

2012-10-31 10:48 . 2012-10-31 10:48 -------- d-----w- c:\users\D\AppData\Roaming\Arduino

2012-10-24 14:50 . 2012-10-25 17:23 -------- d-----w- c:\users\D\AppData\Roaming\Processing

2012-10-23 15:17 . 2012-10-23 15:17 -------- d-----w- c:\windows\SysWow64\N360_BACKUP

2012-10-23 14:43 . 2012-10-23 14:43 -------- d-----w- c:\users\D\AppData\Roaming\Microsoft FxCop

2012-10-23 14:17 . 2012-10-23 14:17 -------- d-----w- c:\users\D\AppData\Roaming\NuGet

2012-10-23 13:34 . 2012-10-23 13:34 1066368 ----a-w- c:\programdata\Microsoft\WDExpress\11.0\1033\ResourceCache.dll

2012-10-23 13:32 . 2012-10-23 13:32 -------- d-----w- c:\program files (x86)\NuGet

2012-10-23 13:29 . 2012-10-23 13:29 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules

2012-10-23 13:27 . 2012-10-23 13:27 -------- d-----w- c:\windows\symbols

2012-10-23 13:24 . 2012-10-23 13:24 -------- d-----w- c:\program files (x86)\Common Files\Microsoft

2012-10-23 13:24 . 2012-10-23 13:24 -------- d-----w- c:\program files (x86)\Windows Kits

2012-10-23 13:19 . 2012-10-23 13:19 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer

2012-10-23 13:18 . 2012-10-23 13:18 -------- d-----w- c:\program files (x86)\Microsoft SDKs

2012-10-23 13:17 . 2012-10-23 13:17 -------- d-----w- c:\windows\SysWow64\1033

2012-10-23 13:17 . 2012-10-23 13:17 -------- d-----w- c:\windows\system32\1033

2012-10-23 13:17 . 2012-10-23 13:32 -------- d-----w- c:\program files (x86)\Microsoft SQL Server

2012-10-23 13:17 . 2012-10-23 13:31 -------- d-----w- c:\program files\Microsoft SQL Server

2012-10-23 13:16 . 2012-11-08 17:32 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-10-23 13:14 . 2012-10-23 13:22 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0

2012-10-23 12:50 . 2012-10-23 12:55 -------- d-----w- c:\programdata\Package Cache

2012-10-23 12:50 . 2012-10-23 12:50 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft

2012-10-23 12:19 . 2012-10-23 12:37 -------- d-----w- C:\msysgit

2012-10-23 12:18 . 2012-10-23 12:18 -------- d-----w- c:\users\D\New folder

2012-10-23 11:44 . 2012-10-23 11:45 -------- d-----w- c:\program files (x86)\Git

2012-10-23 11:42 . 2012-10-23 11:42 -------- d-----w- c:\users\D\AppData\Local\Programs

2012-10-22 16:22 . 2012-11-02 14:05 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2012-10-22 16:13 . 2012-09-24 22:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-10-22 15:31 . 2012-10-22 15:31 -------- d-----w- C:\AMD

2012-10-22 14:50 . 2012-10-24 17:48 -------- d-----w- c:\users\D\AppData\Roaming\Tropico 3

2012-10-22 14:48 . 2012-10-22 14:50 -------- d-----w- c:\program files (x86)\GOG.com

2012-10-22 13:02 . 2012-10-22 13:02 154464 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2012-10-15 03:48 . 2012-10-15 03:48 63328 ----a-w- c:\windows\system32\drivers\avgidsha.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-11 02:06 . 2012-08-15 07:41 65309168 ----a-w- c:\windows\system32\MRT.exe

2012-10-09 17:06 . 2012-09-24 16:50 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-10-09 17:06 . 2012-09-24 16:50 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-10-05 03:32 . 2012-10-05 03:32 111456 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

2012-10-02 03:30 . 2012-10-02 03:30 185696 ----a-w- c:\windows\system32\drivers\avgldx64.sys

2012-09-29 18:54 . 2012-08-15 07:38 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-09-24 11:16 . 2012-09-24 11:17 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-09-24 11:16 . 2012-05-08 04:27 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-09-21 03:46 . 2012-09-21 03:46 200032 ----a-w- c:\windows\system32\drivers\avgtdia.sys

2012-09-21 03:46 . 2012-09-21 03:46 225120 ----a-w- c:\windows\system32\drivers\avgloga.sys

2012-09-14 19:19 . 2012-10-10 08:52 2048 ----a-w- c:\windows\system32\tzres.dll

2012-09-14 18:28 . 2012-10-10 08:52 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2012-09-14 03:05 . 2012-09-14 03:05 40800 ----a-w- c:\windows\system32\drivers\avgrkx64.sys

2012-08-31 18:19 . 2012-10-10 08:54 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys

2012-08-30 18:03 . 2012-10-10 08:54 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-08-30 17:12 . 2012-10-10 08:54 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-08-30 17:12 . 2012-10-10 08:54 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-08-28 14:32 . 2012-08-28 19:19 54728 ----a-w- c:\windows\system32\drivers\Soluto.sys

2012-08-24 18:05 . 2012-10-10 08:53 220160 ----a-w- c:\windows\system32\wintrust.dll

2012-08-24 16:57 . 2012-10-10 08:53 172544 ----a-w- c:\windows\SysWow64\wintrust.dll

2012-08-24 11:15 . 2012-09-24 02:01 17810944 ----a-w- c:\windows\system32\mshtml.dll

2012-08-24 10:39 . 2012-09-24 02:01 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-08-24 10:31 . 2012-09-24 02:01 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-08-24 10:22 . 2012-09-24 02:01 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-08-24 10:21 . 2012-09-24 02:01 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-08-24 10:20 . 2012-09-24 02:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-08-24 10:18 . 2012-09-24 02:01 237056 ----a-w- c:\windows\system32\url.dll

2012-08-24 10:17 . 2012-09-24 02:01 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-08-24 10:14 . 2012-09-24 02:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-08-24 10:14 . 2012-09-24 02:01 816640 ----a-w- c:\windows\system32\jscript.dll

2012-08-24 10:13 . 2012-09-24 02:01 599040 ----a-w- c:\windows\system32\vbscript.dll

2012-08-24 10:12 . 2012-09-24 02:01 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-08-24 10:11 . 2012-09-24 02:01 729088 ----a-w- c:\windows\system32\msfeeds.dll

2012-08-24 10:10 . 2012-09-24 02:01 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-08-24 10:09 . 2012-09-24 02:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-08-24 10:04 . 2012-09-24 02:01 248320 ----a-w- c:\windows\system32\ieui.dll

2012-08-24 06:59 . 2012-09-24 02:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-08-24 06:51 . 2012-09-24 02:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-08-24 06:51 . 2012-09-24 02:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-08-24 06:47 . 2012-09-24 02:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-08-24 06:47 . 2012-09-24 02:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll

2012-08-24 06:43 . 2012-09-24 02:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-08-22 18:12 . 2012-09-12 12:48 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-08-22 18:12 . 2012-09-12 12:48 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-08-22 18:12 . 2012-09-12 12:48 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-08-22 18:12 . 2012-09-12 12:48 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-08-21 21:01 . 2012-09-26 08:11 245760 ----a-w- c:\windows\system32\OxpsConverter.exe

2012-08-20 18:48 . 2012-10-10 08:54 362496 ----a-w- c:\windows\system32\wow64win.dll

2012-08-20 18:48 . 2012-10-10 08:54 243200 ----a-w- c:\windows\system32\wow64.dll

2012-08-20 18:48 . 2012-10-10 08:54 13312 ----a-w- c:\windows\system32\wow64cpu.dll

2012-08-20 18:48 . 2012-10-10 08:54 215040 ----a-w- c:\windows\system32\winsrv.dll

2012-08-20 18:48 . 2012-10-10 08:54 16384 ----a-w- c:\windows\system32\ntvdm64.dll

2012-08-20 18:48 . 2012-10-10 08:54 424448 ----a-w- c:\windows\system32\KernelBase.dll

2012-08-20 18:48 . 2012-10-10 08:54 1162240 ----a-w- c:\windows\system32\kernel32.dll

2012-08-20 18:46 . 2012-10-10 08:54 338432 ----a-w- c:\windows\system32\conhost.exe

2012-08-20 18:38 . 2012-10-10 08:54 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-08-20 18:38 . 2012-10-10 08:54 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-08-20 17:40 . 2012-10-10 08:54 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2012-08-20 17:38 . 2012-10-10 08:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2012-08-20 17:38 . 2012-10-10 08:54 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2012-08-20 17:37 . 2012-10-10 08:54 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2012-08-20 17:37 . 2012-10-10 08:54 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll

2012-08-20 17:32 . 2012-10-10 08:54 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll

2012-08-20 17:32 . 2012-10-10 08:54 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 0087401344948174mcinstcleanup;McAfee Application Installer Cleanup (0087401344948174);c:\users\D\AppData\Local\Temp\008740~1.EXE [x]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-06 5814392]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]

R3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-12 235520]

R3 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-03-06 361984]

R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [2012-03-29 52352]

R3 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-03-29 107648]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]

R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [2012-03-21 112256]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

R3 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-03-02 2429544]

R3 lehidmini;Bluetooth Low Energy Hid Device;c:\windows\system32\drivers\leath_hid.sys [2012-03-29 36608]

R3 MOBK649backup;McAfee Online Backup Service;c:\program files (x86)\McAfee Online Backup\MOBK649backup.exe [2011-04-18 223544]

R3 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-02-21 473960]

R3 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-11-30 260768]

R3 SmbDrv;SmbDrv;c:\windows\system32\drivers\Smb_driver.sys [2012-04-12 21264]

R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-01-06 138392]

R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-01-06 74904]

R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-01 289952]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]

R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2012-01-10 535688]

R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-12-21 382720]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-08-26 101600]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-15 1255736]

R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

R3 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-03-29 163456]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [2012-03-28 82048]

S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [2012-03-28 42624]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-10-05 111456]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]

S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2012-08-28 54728]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS [2012-03-29 451192]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS [2012-05-22 1129120]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [2012-10-05 1385632]

S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys [2012-06-07 167072]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20121107.001\IDSvia64.sys [2012-09-01 513184]

S1 MOBK649Filter;MOBK649Filter;c:\windows\system32\DRIVERS\MOBK649.sys [2011-04-18 66040]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS [2012-03-29 190072]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0604000.009\SYMNETS.SYS [2012-03-29 405624]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]

S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe [2012-06-16 138272]

S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2012-08-28 598032]

S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\drivers\amdhub30.sys [2012-04-12 103552]

S3 amdiox64;AMD IO Driver;c:\windows\system32\drivers\amdiox64.sys [2010-02-18 46136]

S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\drivers\amdxhc.sys [2012-04-12 220288]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-03-29 36480]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-04-12 95248]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-03-29 340608]

S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-03-29 111232]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [2012-03-29 30848]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [2012-03-29 168064]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-03-29 68736]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [2012-03-29 281472]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-03-29 550528]

S3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-14 138912]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2012-03-02 340072]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-03-02 676968]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2012-01-16 14336]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-04-12 56448]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2012-01-20 54432]

S3 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2012-03-26 978056]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 10610568

*NewlyCreated* - 56335879

*NewlyCreated* - AVGIDSHA

*Deregistered* - 10610568

*Deregistered* - 56335879

.

Contents of the 'Scheduled Tasks' folder

.

2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-24 17:06]

.

2012-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804918099-1875049135-4154871575-1002Core.job

- c:\users\D\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-14 12:16]

.

2012-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1804918099-1875049135-4154871575-1002UA.job

- c:\users\D\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-14 12:16]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK649]

@="{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}"

[HKEY_CLASSES_ROOT\CLSID\{7d7a9cff-a4c1-f2b8-7421-c722f7eac08a}]

2011-04-18 21:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6492]

@="{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}"

[HKEY_CLASSES_ROOT\CLSID\{658e5c17-2ba4-ed79-d884-37ebe15e7b9b}]

2011-04-18 21:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK6493]

@="{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}"

[HKEY_CLASSES_ROOT\CLSID\{22f1b264-d4dd-ef46-08eb-3eb0c80441ba}]

2011-04-18 21:00 4734264 ----a-w- c:\program files (x86)\McAfee Online Backup\MOBK649shell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-04-12 1158248]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://vaioportal.sony.eu

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-56335879.sys

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]

"ImagePath"="\"c:\program files (x86)\Norton 360\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\6.4.0.9\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-11-09 10:39:59

ComboFix-quarantined-files.txt 2012-11-09 10:39

.

Pre-Run: 402,790,477,824 bytes free

Post-Run: 402,169,495,552 bytes free

.

- - End Of File - - 5BBD2FB13350BD714307C6B5B174D809


Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

~~~~~~~~~~~~~~~~~

Next.....

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

MrC


Log attached.

# AdwCleaner v2.007 - Logfile created 11/09/2012 at 13:28:19

# Updated 06/11/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : D - D-VAIO

# Boot Mode : Normal

# Running from : C:\Users\D\Desktop\adwcleaner.exe

# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [738 octets] - [09/11/2012 13:28:19]

########## EOF - C:\AdwCleaner[R1].txt - [797 octets] ##########


Did you run Malwarebytes? Log?

~~~~~~~~~~~~~~~~~~~~~~~~

  1. Please re-run AdwCleaner
  2. Click on the Delete button.
  3. Confirm each time with OK if asked.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

MrC


Have we broken it?

I don't see how???

System restore didn't work either??

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

MrC


Farbar Service Scanner Version: 09-11-2012

Ran by D (administrator) on 09-11-2012 at 20:06:16

Running from "C:\Users\D\Desktop"

Windows 7 Home Premium Service Pack 1 (X64)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Google.com is accessible.

Yahoo IP is accessible.

Yahoo.com is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

System Restore:

============

System Restore Disabled Policy:

========================

Action Center:

============

Windows Update:

============

Windows Autoupdate Disabled Policy:

============================

Windows Defender:

==============

WinDefend Service is not running. Checking service configuration:

The start type of WinDefend service is set to Demand. The default start type is Auto.

The ImagePath of WinDefend service is OK.

The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:

==========================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]

"DisableAntiSpyware"=DWORD:1

Other Services:

==============

File Check:

========

C:\Windows\System32\nsisvc.dll => MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit

C:\Windows\System32\dhcpcore.dll => MD5 is legit

C:\Windows\System32\drivers\afd.sys => MD5 is legit

C:\Windows\System32\drivers\tdx.sys => MD5 is legit

C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\System32\dnsrslvr.dll => MD5 is legit

C:\Windows\System32\mpssvc.dll => MD5 is legit

C:\Windows\System32\bfe.dll => MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit

C:\Windows\System32\SDRSVC.dll => MD5 is legit

C:\Windows\System32\vssvc.exe => MD5 is legit

C:\Windows\System32\wscsvc.dll => MD5 is legit

C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\System32\wuaueng.dll => MD5 is legit

C:\Windows\System32\qmgr.dll => MD5 is legit

C:\Windows\System32\es.dll => MD5 is legit

C:\Windows\System32\cryptsvc.dll => MD5 is legit

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

C:\Windows\System32\ipnathlp.dll => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

This topic is now closed to further replies.