Suspected Key-logger-compromised account

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

helpvirusme

Thread Starter
Joined
Jun 5, 2012
Messages
1
Hi, please look over the following logs, I had a game account compromised and I can find no key-logger or any malicious programs, any help appreciated.


Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i7-2720QM CPU @ 2.20GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 8
RAM: 16361 Mb
Graphics Card: NVIDIA GeForce GTX 580M, -2048 Mb
Hard Drives: C: Total - 114220 MB, Free - 63002 MB; D: Total - 715401 MB, Free - 224201 MB;
Motherboard: CLEVO, P170HMx
Antivirus: Microsoft Security Essentials, Disabled


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:54:59, on 05/06/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6288 bytes

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Vulcan at 22:55:51 on 2012-06-05
Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.16361.14802 [GMT 2:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Protector Suite\upeksvr.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
LSA: Notification Packages = scecli C:\Program Files\Protector Suite\psqlpwd.dll
BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
TB-X64: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-2-25 13592]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-25 2656280]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;C:\Windows\system32\DRIVERS\BazisVirtualCDBus.sys --> C:\Windows\system32\DRIVERS\BazisVirtualCDBus.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\Windows\system32\DRIVERS\ladfGSCamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSCamd64.sys [?]
S3 LADF_RenderOnly;LADF Render Filter Driver;C:\Windows\system32\DRIVERS\ladfGSRamd64.sys --> C:\Windows\system32\DRIVERS\ladfGSRamd64.sys [?]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\Windows\system32\DRIVERS\LGSHidFilt.Sys --> C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [?]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 teVirtualMIDI64;teVirtualMIDI - Virtual MIDI Driver x64;C:\Windows\system32\DRIVERS\teVirtualMIDI64.sys --> C:\Windows\system32\DRIVERS\teVirtualMIDI64.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?]
S3 vJoyMobiMotion;vJoy Device for MobiMotion;C:\Windows\system32\DRIVERS\vJoyMobiMotion.sys --> C:\Windows\system32\DRIVERS\vJoyMobiMotion.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-11 654408]
S4 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-6 2348352]
S4 RsFx0105;RsFx0105 Driver;C:\Windows\system32\DRIVERS\RsFx0105.sys --> C:\Windows\system32\DRIVERS\RsFx0105.sys [?]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
.
=============== Created Last 30 ================
.
2012-06-05 20:26:37 -------- d-----w- C:\Users\Vulcan\AppData\Local\{EFC85208-DFE0-4970-AA53-1BA6A53D1485}
2012-06-05 18:17:56 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{250DD2AB-8CCD-4A5B-AE28-49DCA92C98DE}\offreg.dll
2012-06-05 18:01:38 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{250DD2AB-8CCD-4A5B-AE28-49DCA92C98DE}\mpengine.dll
2012-06-05 14:47:14 -------- d-----w- C:\Users\Vulcan\AppData\Local\Google
2012-06-04 22:55:04 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-04 18:20:10 -------- d-----w- C:\Users\Vulcan\AppData\Local\{DF122C8E-D4F2-43A1-9484-25C721816D9B}
2012-06-03 15:34:00 -------- d-----w- C:\Users\Vulcan\AppData\Local\{6576CC05-2E9A-40CB-806A-317549B51D3A}
2012-06-03 15:33:38 -------- d-----w- C:\Users\Vulcan\AppData\Local\{C27FA114-0CB2-42E9-AB45-5EB70D2913AD}
2012-05-30 15:28:07 -------- d-----w- C:\Users\Vulcan\.thumbnails
2012-05-30 15:25:01 -------- d-----w- C:\Users\Vulcan\AppData\Local\{24BEA54C-AA9F-4951-A03D-B3AD82D5456C}
2012-05-30 15:24:37 -------- d-----w- C:\Users\Vulcan\AppData\Local\{776867A2-4144-48EE-8759-6BC402E8188D}
2012-05-30 15:10:49 -------- d-----w- C:\Users\Vulcan\AppData\Local\{963CFFFD-D4E8-4625-A129-59BD9FAAAD64}
2012-05-30 15:10:26 -------- d-----w- C:\Users\Vulcan\AppData\Local\{0BFD21DC-8895-470C-AAC8-B98ACC6EA86B}
2012-05-29 22:18:43 -------- d-----w- C:\Users\Vulcan\AppData\Local\{F4E8777F-54C5-4DFE-96AF-D0238DC7CF5F}
2012-05-29 22:18:21 -------- d-----w- C:\Users\Vulcan\AppData\Local\{A3912A47-46C6-4489-8A9C-48C53F64F353}
2012-05-25 14:53:11 -------- d-----w- C:\Users\Vulcan\AppData\Local\{34B89207-638F-42FC-9FAE-C2227020A792}
2012-05-25 14:53:00 -------- d-----w- C:\Users\Vulcan\AppData\Local\{9A00847E-E9FB-4A89-B836-045A5630ADB7}
2012-05-25 14:27:54 -------- d-----w- C:\Users\Vulcan\AppData\Local\{AD7BAB13-F33B-4AA1-AE38-29D18F0663E8}
2012-05-25 14:27:43 -------- d-----w- C:\Users\Vulcan\AppData\Local\{8F95873D-BA9A-47E3-9F6E-E7F1B1DD8734}
2012-05-16 11:41:17 -------- d-----w- C:\Users\Vulcan\AppData\Local\{D00F9BCC-7411-4957-9687-C946C601F242}
2012-05-16 11:40:55 -------- d-----w- C:\Users\Vulcan\AppData\Local\{CB3E2DF4-13D4-4615-AB0E-9644942958F0}
2012-05-14 15:22:50 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2012-05-14 13:45:03 388096 ----a-r- C:\Users\Vulcan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-05-14 13:45:03 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-05-14 13:16:43 -------- d-----w- C:\Users\Vulcan\.VirtualBox
2012-05-12 01:28:01 235520 ----a-w- C:\Windows\SysWow64\wmp.oca
2012-05-12 01:18:23 43008 ----a-w- C:\Windows\SysWow64\tabctl32.oca
2012-05-09 20:53:41 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 20:53:41 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-09 20:53:41 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-09 20:53:41 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 20:53:41 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 20:53:40 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-09 20:53:40 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-09 20:53:40 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-09 20:53:39 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-09 20:53:25 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-09 20:52:57 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-09 20:52:57 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-09 20:52:38 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-09 19:47:36 -------- d-----w- C:\Users\Vulcan\AppData\Local\Mozilla
2012-05-09 19:30:23 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C7344730-360D-4B5C-93BD-D56DD6F78D0E}\mpengine.dll
2012-05-09 01:46:18 25600 ----a-w- C:\Windows\SysWow64\MSCOMM32.oca
2012-05-08 22:34:57 -------- d-----w- C:\Users\Vulcan\AppData\Local\APN
2012-05-08 19:46:52 35840 ----a-w- C:\Windows\SysWow64\comdlg32.oca
2012-05-08 19:38:12 45056 ----a-w- C:\Program Files\ComPlus Applications\{21D61CE6-A517-11D1-9D8B-0020781039AF}\AEMTSSvc.dll
2012-05-08 19:36:21 -------- d-----w- C:\Windows\msapps
2012-05-08 13:41:36 -------- d--h--w- C:\ProgramData\Common Files
2012-05-08 02:53:52 -------- d-----w- C:\Program Files\AVAST Software
2012-05-08 00:07:38 -------- d-----w- C:\Users\Vulcan\AppData\Local\Diagnostics
2012-05-07 23:48:54 -------- d-----w- C:\Users\Vulcan\AppData\Roaming\Mael
2012-05-06 22:35:48 -------- d-----w- C:\Program Files (x86)\Web Publish
2012-05-06 21:47:31 -------- d-----w- C:\Users\Vulcan\AppData\Local\CRE
.
==================== Find3M ====================
.
2012-04-12 17:12:56 147248 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2012-04-12 17:12:54 224048 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2012-04-12 17:12:54 130864 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2012-04-12 17:12:54 117040 ----a-w- C:\Windows\System32\drivers\VBoxUSB.sys
2012-04-04 14:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-02 16:46:37 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2012-03-28 19:43:22 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-03-28 19:43:22 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-03-28 19:43:22 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2012-03-21 03:41:49 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2012-03-21 03:41:49 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2012-03-20 19:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-20 19:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
.
============= FINISH: 22:56:02.92 ===============
 

Attachments

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top