
Thread: Reposted properly - Cool remote installed, can't uninstall.

  1. #1

    I recently downloaded an app called Cool remote on my WP8 phone, and then downloaded the respective server file on my PC, with the intention of controlling my PC via my phone. It wasn't until I decided that I didn't like it that I realized I couldn't find its uninstall or files on my PC. It then occurred to me that I had likely just opened my PC up to RAT access. Please help me secure and eliminate this problem and I will DEFINITELY donate to SpyBot:S&D development, as I've been using it for a while anyway. Thanks for any and all help. Here's a link to the download site that I got the PC side program from:

    http: // coolremote.wordpress.com/download/ Edit- Disabled link

    Here's my dds log and zip:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
    Run by Mike at 21:23:29 on 2013-11-12
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8141.5816 [GMT -6:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Windows\system32\IProsetMonitor.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
    C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Program Files\Zune\ZuneLauncher.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Steam\Steam.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Windows\system32\sppsvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.techadvanced.com
    uDefault_Page_URL = hxxp://www.techadvanced.com
    mWinlogon: Userinit = userinit.exe
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
    uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
    uRunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- https://battlelog.battlefield.com/bf...K3A4OzTSrC9RpA..
    mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [KORG USB-MIDI Driver] C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe /s
    mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\Users\Mike\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.1.254
    TCP: Interfaces\{DC0A90B1-AA2C-4D67-A605-DD3B3153F037} : DHCPNameServer = 192.168.1.254
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\iw7bi6ul.default\
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
    FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
    FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
    FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
    FF - ExtSQL: 2013-10-27 05:56; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\iw7bi6ul.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    FF - ExtSQL: 2013-10-27 05:57; jid1-AusxzKACE9lLYQ@jetpack; C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\iw7bi6ul.default\extensions\jid1-AusxzKACE9lLYQ@jetpack.xpi
    FF - ExtSQL: 2013-10-27 05:59; sumeetkpatel@gmail.com; C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\iw7bi6ul.default\extensions\sumeetkpatel@gmail.com.xpi
    FF - ExtSQL: 2013-10-27 06:38; {73a6fe31-595d-460b-a920-fcc0f8843232}; C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\iw7bi6ul.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
    FF - ExtSQL: 2013-10-27 06:39; {158d7cb3-7039-4a75-8e0b-3bd0a464edd2}; C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\iw7bi6ul.default\extensions\{158d7cb3-7039-4a75-8e0b-3bd0a464edd2}.xpi
    FF - ExtSQL: 2013-10-27 06:39; jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack; C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\iw7bi6ul.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-3-13 652344]
    R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-3-13 28216]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-3-13 20024]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-3-13 14904]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-3-13 129824]
    R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-11-20 182088]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-3-13 166688]
    R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2012-2-1 214896]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 139616]
    R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-3-13 365344]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-3-13 358456]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-3-13 791608]
    R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2013-7-24 44928]
    R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-8-12 366600]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-4-5 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
    S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-3-13 169752]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-11 111616]
    S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2013-2-1 40144]
    S3 ioatdma2;Intel(R) QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2013-2-1 42192]
    S3 KORGUMDS;KORG USB-MIDI Driver for Windows;C:\Windows\System32\drivers\KORGUM64.SYS [2013-5-31 34136]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-13 19456]
    S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-3-13 29696]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-13 57856]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-3-13 30208]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-3-13 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-11-12 03:08:50 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{30A39B2C-2864-4205-9CD5-28CFAB13C9D0}\mpengine.dll
    2013-11-11 10:11:22 -------- d-----r- C:\Users\Mike\Podcasts
    2013-11-11 10:11:14 -------- d-----w- C:\Windows\System32\drivers\UMDF\ko-KR
    2013-11-11 10:11:12 -------- d-----w- C:\Windows\System32\drivers\UMDF\ms-MY
    2013-11-11 10:11:10 -------- d-----w- C:\Windows\System32\drivers\UMDF\id-ID
    2013-11-11 10:11:09 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
    2013-11-11 10:11:08 -------- d-----w- C:\Windows\System32\drivers\UMDF\nb-NO
    2013-11-11 10:11:07 -------- d-----w- C:\Windows\System32\drivers\UMDF\hu-HU
    2013-11-11 10:11:06 -------- d-----w- C:\Windows\System32\drivers\UMDF\fi-FI
    2013-11-11 10:11:05 -------- d-----w- C:\Windows\System32\drivers\UMDF\el-GR
    2013-11-11 10:11:04 -------- d-----w- C:\Windows\System32\drivers\UMDF\da-DK
    2013-11-11 10:11:03 -------- d-----w- C:\Windows\System32\drivers\UMDF\cs-CZ
    2013-11-11 10:11:01 -------- d-----w- C:\Windows\System32\drivers\UMDF\zh-TW
    2013-11-11 10:11:00 -------- d-----w- C:\Windows\System32\drivers\UMDF\ru-RU
    2013-11-11 10:10:59 -------- d-----w- C:\Windows\System32\drivers\UMDF\pl-PL
    2013-11-11 10:10:58 -------- d-----w- C:\Windows\System32\drivers\UMDF\zh-CN
    2013-11-11 10:10:57 -------- d-----w- C:\Windows\System32\drivers\UMDF\ja-JP
    2013-11-11 10:10:56 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-BR
    2013-11-11 10:10:55 -------- d-----w- C:\Windows\System32\drivers\UMDF\pt-PT
    2013-11-11 10:10:54 -------- d-----w- C:\Windows\System32\drivers\UMDF\nl-NL
    2013-11-11 10:10:52 -------- d-----w- C:\Windows\System32\drivers\UMDF\it-IT
    2013-11-11 10:10:51 -------- d-----w- C:\Windows\System32\drivers\UMDF\de-DE
    2013-11-11 10:10:50 -------- d-----w- C:\Windows\System32\drivers\UMDF\fr-FR
    2013-11-11 10:10:49 -------- d-----w- C:\Windows\System32\drivers\UMDF\es-ES
    2013-11-11 08:07:11 -------- d-----w- C:\Users\Mike\AppData\Local\{813682E0-7746-4E8D-8392-27E78AAAD039}
    2013-11-11 05:17:56 10280728 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-11-07 03:26:32 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DB49498F-6022-41F3-8584-99426A53A86B}\gapaengine.dll
    2013-11-05 06:29:36 -------- d-----w- C:\Users\Mike\AppData\Roaming\PC Remote
    2013-11-05 06:29:26 -------- d-----w- C:\Program Files (x86)\PC Remote
    2013-11-05 03:40:16 -------- d-----w- C:\Program Files (x86)\Windows Phone
    2013-11-05 03:34:54 -------- d-----w- C:\ProgramData\Applications
    2013-10-29 10:12:40 -------- d--h--w- C:\Program Files (x86)\Zero G Registry
    2013-10-29 10:12:40 -------- d-----w- C:\Program Files (x86)\CodeSourcery
    2013-10-29 10:12:02 -------- d--h--w- C:\Users\Mike\InstallAnywhere
    2013-10-29 10:09:21 -------- d-----w- C:\Users\Mike\.Nokia
    2013-10-29 10:07:27 -------- d-----w- C:\Program Files (x86)\Common Files\Symbian
    2013-10-29 10:04:34 -------- d-----w- C:\Nokia
    2013-10-29 10:00:08 -------- d-----w- C:\Perl
    2013-10-27 11:29:46 -------- d-----w- C:\ProgramData\Oracle
    2013-10-27 11:28:11 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-10-27 10:52:52 -------- d-----w- C:\Users\Mike\AppData\Local\Macromedia
    2013-10-23 09:02:36 589600 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
    2013-10-20 11:27:52 -------- d-----w- C:\Users\Mike\AppData\Local\{8E00EC5D-29F6-43BD-9730-D9EA2338101F}
    2013-10-19 03:39:20 -------- d-----w- C:\Program Files (x86)\MacroRecorder
    2013-10-18 09:33:20 -------- d-----w- C:\Users\Mike\AppData\Local\Diagnostics
    2013-10-18 08:50:32 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2013-10-18 08:50:32 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
    2013-10-18 08:50:32 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
    2013-10-18 08:50:32 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
    2013-10-18 08:50:31 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
    2013-10-18 08:50:31 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
    2013-10-18 08:50:31 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
    .
    ==================== Find3M ====================
    .
    2013-10-27 15:12:52 18286416 ----a-w- C:\Windows\System32\nvwgf2umx.dll
    2013-10-23 08:20:08 6669600 ----a-w- C:\Windows\System32\nvcpl.dll
    2013-10-23 08:20:07 3489568 ----a-w- C:\Windows\System32\nvsvc64.dll
    2013-10-23 08:20:05 922912 ----a-w- C:\Windows\System32\nvvsvc.exe
    2013-10-23 08:20:05 63776 ----a-w- C:\Windows\System32\nvshext.dll
    2013-10-23 08:20:05 2559776 ----a-w- C:\Windows\System32\nvsvcr.dll
    2013-10-23 08:20:05 219424 ----a-w- C:\Windows\System32\nvmctray.dll
    2013-10-23 08:20:03 3426956 ----a-w- C:\Windows\System32\nvcoproc.bin
    2013-10-09 18:27:54 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-10-09 18:27:54 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-09-18 03:22:42 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
    2013-09-18 03:22:42 196384 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
    2013-09-18 03:22:42 1884448 ----a-w- C:\Windows\System32\nvdispco6432723.dll
    2013-09-18 03:22:42 1511712 ----a-w- C:\Windows\System32\nvdispgenco6432723.dll
    2013-09-18 03:22:42 1510176 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
    2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
    2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
    2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
    2013-09-06 17:59:50 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
    2013-09-06 17:59:50 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
    2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
    2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
    2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
    2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
    2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys
    2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
    2013-08-20 11:24:08 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
    .
    ============= FINISH: 21:24:17.87 ===============

    Attach.zip




    And here's my aswMBR full scan log:

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-11-12 22:19:43
    -----------------------------
    22:19:43.333 OS Version: Windows x64 6.1.7601 Service Pack 1
    22:19:43.333 Number of processors: 4 586 0x3A09
    22:19:43.334 ComputerName: BEAST3 UserName: Mike
    22:19:44.623 Initialize success
    22:19:58.401 AVAST engine defs: 13111200
    22:20:01.524 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
    22:20:01.525 Disk 0 Vendor: ATA_____ 1H15 Size: 476940MB BusType: 11
    22:20:01.820 Disk 0 MBR read successfully
    22:20:01.821 Disk 0 MBR scan
    22:20:01.824 Disk 0 Windows 7 default MBR code
    22:20:01.848 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476938 MB offset 2048
    22:20:02.104 Disk 0 scanning C:\Windows\system32\drivers
    22:20:24.936 Service scanning
    22:20:46.360 Modules scanning
    22:20:46.366 Disk 0 trace - called modules:
    22:20:46.386 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
    22:20:46.388 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007765060]
    22:20:46.390 3 CLASSPNP.SYS[fffff880014c143f] -> nt!IofCallDriver -> [0xfffffa8007639b50]
    22:20:46.714 5 iaStorF.sys[fffff8800188f9a0] -> nt!IofCallDriver -> \Device\00000061[0xfffffa800716d060]
    22:20:48.394 AVAST engine scan C:\
    01:55:57.966 File: C:\Users\Mike\Desktop\Mike\Music\DUB\A1 Russko\21 2 N A Q.mp3 **SUSPICIOUS**
    02:03:18.413 File: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat{93981612-b341-11e2-b76b-7054d21a5901}.TM.blf **SUSPICIOUS**
    02:03:59.819 File: C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini **SUSPICIOUS**
    02:07:16.852 File: C:\Windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\345567d66d56f40d81d3c9369a8c1b18\ReachFramework.ni.dll **SUSPICIOUS**
    02:07:56.352 File: C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef36f3c4cd9ee00b718011b9c873720c\System.Web.ni.dll **SUSPICIOUS**
    02:27:41.308 File: C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\Flash.mpp **SUSPICIOUS**
    02:27:53.195 File: C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\MCIMPP.mpp **SUSPICIOUS**
    02:28:40.307 File: C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\WindowsMedia.mpp **SUSPICIOUS**
    02:43:45.064 File: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Xaml.targets **SUSPICIOUS**
    02:46:55.293 File: C:\Windows\Prefetch\ISMAGENT.EXE-486EC459.pf **SUSPICIOUS**
    02:48:08.629 File: C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{939815fa-b341-11e2-b76b-806e6f6e6963}.TM.blf **SUSPICIOUS**
    02:48:12.170 File: C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{939815fa-b341-11e2-b76b-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms **SUSPICIOUS**
    02:48:17.848 File: C:\Windows\ServiceProfiles\NetworkService\ntuser.dat{b4ab0466-db41-11e2-8053-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms **SUSPICIOUS**
    02:52:02.069 File: C:\Windows\servicing\Packages\Package_13_for_KB2813170~31bf3856ad364e35~amd64~~6.1.1.3.cat **SUSPICIOUS**
    02:52:05.330 File: C:\Windows\servicing\Packages\Package_13_for_KB2813170~31bf3856ad364e35~amd64~~6.1.1.3.mum **SUSPICIOUS**
    07:00:01.889 Scan finished successfully
    07:00:57.394 Disk 0 MBR has been saved successfully to "C:\Users\Mike\Desktop\MBR.dat"
    07:00:57.441 The log file has been saved successfully to "C:\Users\Mike\Desktop\aswMBR.txt"

    Anyone? :-)
    -----------------------------------------------

    Waiting for help in the Malware Forum FOUR days or longer?
    Last edited by tashi; 2013-11-16 at 06:48. Reason: Merged two posts, please see FAQ :-)
