Dann427

  1. Also, there is an adloader installed, so whenever he goes on Firefox the ads keep coming up in a different tab.
  2. Ok, so my friend has been infected with a virus that I cannot remove and, from what I know, keeps duplicating itself. There is also a file that cannot be removed and says it is inaccessible. I am using TeamViewer on his computer to try and help him, but I cannot solve it. I also do not want to risk getting anything, so I have pasted the notepads that the DDS has come up with. I am really confused at the moment, please help me fix this problem! First Notepad - DDS; as instructed, I have only put this one on. If needed I will post the second one. Thank you for helping me!