
phyrephreak2008

Hi, I'm receiving this message: "Malwarebytes' Anti-Malware has successfully blocked access to malicious IP: 66.150.14.111", or something like that. I am currently doing a sweep with Ad-Aware, and every time I scan with Malwarebytes I get nothing, so please help. It's starting to drive me mad, and it is also affecting my YouTube, making it so that I have to maximize my video player for every video. Please help me; tell me if I'm infected or something.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Demyx at 22:37:35 on 2012-05-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.472 [GMT -4:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: AVG Anti-Virus 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
C:\Users\Demyx\AppData\Local\{52769A47-358E-4574-9ABB-4A2288AA580A} 2012-05-02 16:36:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{DB7D82CF-6BC8-4107-80F3-8CC3350C9C52} 2012-05-02 10:52:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{89649BFB-0A86-480F-A556-CE4F20A3BD19} 2012-05-02 10:49:23 -------- d-----w- C:\Users\Demyx\AppData\Local\{70484D52-CE16-4B8F-8BDF-DAFB23C69A51} 2012-05-01 22:49:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{AB5BAE97-2284-4B48-BAFE-E9C27702F20A} 2012-05-01 22:48:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{375F2271-01EC-4287-8E43-F8A0DF76061D} 2012-05-01 22:48:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{A36D9145-15DB-4F64-ABEB-8CB971FAF2B8} 2012-05-01 18:48:50 -------- d-----w- C:\Users\Demyx\AppData\Local\{217B9F1D-A781-41AB-8798-FFBF6DF6D469} 2012-05-01 10:55:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{ABF8B9CA-6514-4CDB-90D3-D274EA99F0D1} 2012-05-01 10:52:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{7E67C96A-C307-4F43-9665-5AE9583701EA} 2012-05-01 10:48:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{6431E5BF-8BDD-4B33-B6F2-ABA29AE8A6C3} 2012-04-30 23:00:16 82944 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP9D.DLL 2012-04-30 23:00:16 27648 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD9D.DLL 2012-04-30 22:59:54 279040 ----a-w- C:\Windows\System32\CNMLM9D.DLL 2012-04-30 22:59:51 92672 ----a-w- C:\Windows\System32\CNC620I.DLL 2012-04-30 22:59:51 293888 ----a-w- C:\Windows\System32\CNC620L.DLL 2012-04-30 22:59:51 229888 ----a-w- C:\Windows\System32\CNC620O.DLL 2012-04-30 22:59:51 1354240 ----a-w- C:\Windows\System32\CNC620C.DLL 2012-04-30 22:07:20 -------- d-----w- C:\Users\Demyx\AppData\Local\{6B88EC67-CC26-4338-9092-0FA7B3A2F00A} 2012-04-30 22:07:07 -------- d-----w- C:\Users\Demyx\AppData\Local\{CE3FF77D-F103-4FD8-A546-050E19B15C53} 2012-04-30 18:43:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{90A1051C-660D-4CFA-A8AF-5943730269A0} 2012-04-30 14:22:09 -------- d-----w- 
C:\Users\Demyx\AppData\Local\{1BDC2C15-AEF9-480C-89A1-6D5EC3B1CA90} 2012-04-29 21:03:58 -------- d-----w- C:\Users\Demyx\AppData\Local\{2F4E9815-9AB5-4987-9C34-3D00F9FFE948} 2012-04-29 21:03:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{332D7D9D-CE75-47B6-AAEE-F2205E7EDE0D} 2012-04-29 09:07:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{1D1989B2-3FC0-40FA-BC3D-436718646505} 2012-04-29 09:04:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{451C3E06-956A-4AF2-8F93-752B86A8C215} 2012-04-28 21:03:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{99316C63-4EAC-42D0-8717-D9E1A3A6FD7B} 2012-04-28 21:03:40 -------- d-----w- C:\Users\Demyx\AppData\Local\{28E98E46-99DE-4F89-91A9-67AD5AEA5A35} 2012-04-28 09:15:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{67CA83C5-B4B1-41DB-B2C3-2236A4363FBD} 2012-04-28 09:07:26 -------- d-----w- C:\Users\Demyx\AppData\Local\{51908CF7-0503-4CC6-ADC6-DC2AC579A6B7} 2012-04-27 21:07:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{874CC700-A1B3-4A02-85F3-D8D962C1D69C} 2012-04-27 21:07:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{1AFDD7BA-0783-4465-BAC4-D87E2BEEA2BE} 2012-04-27 21:06:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{F18F5C71-7169-4E53-AC86-E0DD3FECC9D5} 2012-04-27 21:06:37 -------- d-----w- C:\Users\Demyx\AppData\Local\{87672E33-5694-457C-99DC-3B2EED8A51AA} 2012-04-27 09:06:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{B199A96D-052E-4606-8DDE-7181DAE19566} 2012-04-27 09:06:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{D889AE72-D202-4647-8A43-15FF584069BC} 2012-04-27 09:05:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{66FD4498-D0D3-4377-BB78-6F0B2899D60B} 2012-04-27 09:05:47 -------- d-----w- C:\Users\Demyx\AppData\Local\{DECA59E9-42F1-422E-8549-6BE01E354DA9} 2012-04-26 21:05:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{E6507184-2DB5-403D-8C8C-07BF1A223229} 2012-04-26 21:05:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{2FE363AC-B2C9-4A37-9537-892CAA00BAC4} 2012-04-26 21:05:11 
-------- d-----w- C:\Users\Demyx\AppData\Local\{3FD35FB9-552E-420E-A606-62B10326CF61} 2012-04-26 21:04:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{5E95CD9A-29F0-4A18-A5F5-1C2BF8805D7B} 2012-04-26 09:04:44 -------- d-----w- C:\Users\Demyx\AppData\Local\{76F1D76F-7CA7-4624-8634-2314A1C4BB1A} 2012-04-26 09:04:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{6B1D5FBA-32FD-42F8-BDA8-50245A294CC0} 2012-04-26 09:04:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{59C2E6BD-1283-4677-BCA8-A5370F27D21C} 2012-04-26 09:04:08 -------- d-----w- C:\Users\Demyx\AppData\Local\{9E195217-26BC-4228-ABB4-F5D712DBCEA3} 2012-04-25 21:03:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{9F2ABA51-237F-4A93-B76E-46E66984E1D0} 2012-04-25 21:03:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{400623D6-5185-4721-A02E-29F8020F5003} 2012-04-25 09:03:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{9C084ADC-1E66-4F03-9642-56C232E3CBFE} 2012-04-25 09:03:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{F793E6B7-BF05-4BD9-AE9B-3FAD1E2F1109} 2012-04-25 09:02:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{7FD2D151-F4FB-4912-82D9-E2ACDC9E3776} 2012-04-25 09:02:36 -------- d-----w- C:\Users\Demyx\AppData\Local\{87F33B53-1AEE-448D-BD43-27F7767C0449} 2012-04-24 21:02:05 -------- d-----w- C:\Users\Demyx\AppData\Local\{2F1F749A-9212-449C-AC77-81A87542FAC9} 2012-04-24 21:01:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{B13D0550-87B8-4A90-9E49-4B1379FF1960} 2012-04-24 21:01:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{44C9B653-E237-4069-B567-F118FA327546} 2012-04-24 21:01:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{5B215AA5-A38D-455F-821E-F146F3EB66E8} 2012-04-24 09:01:14 -------- d-----w- C:\Users\Demyx\AppData\Local\{8B1095F3-6F90-4355-91F8-861A30233F32} 2012-04-24 09:01:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{2195C883-6895-425A-9696-A7D709B5C73B} 2012-04-24 09:00:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{8FC3579E-8319-4031-B6F8-1A5C4189466D} 
2012-04-24 09:00:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{929E99FF-3F4A-4A2A-AC18-5EEB6B99A3C1} 2012-04-24 00:02:30 737912 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtsp64.sys 2012-04-24 00:02:30 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1307000.009\symds64.sys 2012-04-24 00:02:30 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symnets.sys 2012-04-24 00:02:30 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtspx64.sys 2012-04-24 00:02:30 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ironx64.sys 2012-04-24 00:02:30 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ccsetx64.sys 2012-04-24 00:02:30 1092728 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symefa64.sys 2012-04-24 00:02:07 -------- d-----w- C:\Windows\System32\drivers\NISx64\1307000.009 2012-04-23 21:00:23 -------- d-----w- C:\Users\Demyx\AppData\Local\{E01173F3-3C7F-47EB-BE53-D6C1AE65E35C} 2012-04-23 21:00:12 -------- d-----w- C:\Users\Demyx\AppData\Local\{95CA540D-0F96-4F8C-B343-44A7DDB89E45} 2012-04-23 21:00:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{61D787E8-65CE-4C50-A670-9912A7A952B9} 2012-04-23 20:59:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{5FF85788-BF09-4C15-90F4-BE66D2418170} 2012-04-23 08:59:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{488528E3-CA41-4422-B3A5-320D6F60A16F} 2012-04-23 08:59:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{7DA8ED4B-F143-411D-AF0A-953DF763C26F} 2012-04-23 08:59:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{4870E45B-39B8-418C-AB3C-2F98FE8799A5} 2012-04-23 08:58:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{1F2BE1CD-E742-4FA3-ADEA-78E22A431CA7} 2012-04-23 00:48:24 -------- d-----w- C:\Users\Demyx\AppData\Local\LogMeIn 2012-04-23 00:48:09 59776 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll 2012-04-23 00:48:08 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll 2012-04-23 00:48:08 72216 ----a-w- 
C:\Windows\System32\drivers\LMIRfsDriver.sys 2012-04-23 00:48:08 34688 ----a-w- C:\Windows\System32\LMIport.dll 2012-04-23 00:48:06 80768 ----a-w- C:\Windows\System32\LMIinit.dll 2012-04-23 00:47:59 -------- d-----w- C:\ProgramData\LogMeIn 2012-04-23 00:47:45 -------- d-----w- C:\Program Files (x86)\LogMeIn 2012-04-23 00:39:32 -------- d-----w- C:\Users\Demyx\AppData\Roaming\GlarySoft 2012-04-23 00:36:10 -------- d-----w- C:\Users\Demyx\AppData\Roaming\Auslogics 2012-04-23 00:35:53 -------- d-----w- C:\Users\Demyx\AppData\Roaming\Malwarebytes 2012-04-23 00:35:09 -------- d-----w- C:\Users\Demyx\AppData\Roaming\SUPERAntiSpyware.com 2012-04-23 00:11:07 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys 2012-04-23 00:10:48 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-04-23 00:10:48 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-04-23 00:10:27 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-04-23 00:10:27 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-04-23 00:10:07 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys 2012-04-23 00:09:59 -------- d-----w- C:\Program Files (x86)\Lavasoft 2012-04-23 00:09:46 -------- d-----w- C:\ProgramData\Malwarebytes 2012-04-23 00:09:45 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-04-23 00:09:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-04-23 00:06:40 -------- d-----w- C:\Program Files (x86)\VideoLAN 2012-04-23 00:06:01 86608 ----a-w- C:\Windows\System32\cpwmon64.dll 2012-04-23 00:05:59 -------- d-----w- C:\Program Files (x86)\Acro Software 2012-04-23 00:05:40 -------- d-----w- C:\Program Files (x86)\GPLGS 2012-04-23 00:05:27 -------- d-----w- C:\Program Files (x86)\Glary Utilities 2012-04-23 00:05:19 -------- d-----w- C:\Program Files (x86)\Auslogics 2012-04-23 00:04:55 -------- d-----w- C:\Users\Demyx\AppData\Local\HuluDesktop 2012-04-23 00:04:29 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-04-22 20:58:30 
-------- d-----w- C:\Users\Demyx\AppData\Local\{F63B5415-AD25-4B37-900E-76BF6AB66A05} 2012-04-22 20:58:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{92A46E77-4D99-40E0-A75A-EEB931254BD6} 2012-04-22 20:58:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{2C5D9250-2BF8-43BF-A0B1-F2A6BCC042DC} 2012-04-22 20:57:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{DB5DA79D-BFBC-48E2-966E-B843936FBCFD} 2012-04-22 08:57:40 -------- d-----w- C:\Users\Demyx\AppData\Local\{144BA7E5-3D85-4F8C-9C4E-C08382576E18} 2012-04-22 08:57:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{6AFB6545-246D-44EE-BD48-0773BE01810D} 2012-04-22 08:57:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{417A4686-34F9-44A0-85CE-3ECE1D97BA92} 2012-04-22 08:57:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{7B8FC20F-A71D-48FB-BFF8-B59ABA18BCFF} 2012-04-21 21:00:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{76AD2207-3A8D-4605-91BB-912325C5E6BD} 2012-04-21 20:57:13 -------- d-----w- C:\Users\Demyx\AppData\Local\{9C449E44-FFEB-4CB3-BBC4-1F80B5341BB7} 2012-04-21 07:48:15 -------- d-----w- C:\Users\Demyx\AppData\Local\{FC1F7457-1234-40B2-9417-3BF35240A4A4} 2012-04-21 07:48:02 -------- d-----w- C:\Users\Demyx\AppData\Local\{CD9863FC-DD8A-4A33-9A54-A849BDE4A257} 2012-04-21 07:47:50 -------- d-----w- C:\Users\Demyx\AppData\Local\{52F9221B-283A-4A0C-A29D-6D3685211650} 2012-04-21 07:47:38 -------- d-----w- C:\Users\Demyx\AppData\Local\{294C3DD7-69BF-4E40-837A-DAFB627175DE} 2012-04-20 19:47:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{CFEAFF7D-106B-4DA7-BB2C-F36527FC17F4} 2012-04-20 19:47:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{A07E2869-8880-4F12-8FB9-5AB79BA9B1E7} 2012-04-20 19:46:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{929B1C99-384F-4869-9865-0BD5ECF97115} 2012-04-20 19:46:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{C820C565-020B-4C34-B417-0CB1A4CCB93F} 2012-04-20 07:46:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{DD5DED35-0C57-4402-A8AA-64D7C947A7CD} 
2012-04-20 07:46:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{AF0E8C6F-6AD2-4231-98F1-931AA4F77FAD} 2012-04-20 07:46:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{CCF3582B-B50A-48A0-A1B1-CD10856025CA} 2012-04-20 07:45:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{0A3AF78B-6A00-498B-8161-C1EAE9AF0CF1} 2012-04-20 07:43:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{98CBD638-2C84-4396-88DD-E4270D58834F} 2012-04-20 02:54:17 -------- d-----w- C:\Users\Demyx\AppData\Roaming\e-academy Inc 2012-04-20 02:54:17 -------- d-----w- C:\Users\Demyx\AppData\Local\e-academy Inc 2012-04-20 01:29:37 -------- d-----w- C:\ProgramData\Package Cache 2012-04-19 19:45:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{2B3137B6-1CA5-467A-B541-1BF1E4E4BE3A} 2012-04-19 19:45:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{7617E37C-451A-4556-8236-ED9C7FC1DF5E} 2012-04-19 19:45:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{2E73F9C1-7A2D-49E3-AB01-134755A02B51} 2012-04-19 19:45:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{E2D4A36A-3150-41B8-856D-CC06D459F0E5} 2012-04-19 07:44:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{E587AE61-9373-4342-AC63-AF010809EB3A} 2012-04-19 07:44:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{FED681A5-4AEB-4D2B-A52B-72340FBEC4CF} 2012-04-19 07:44:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{E08E27C7-445E-4419-B872-EC674759685C} 2012-04-18 19:44:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{5A190036-80DB-4143-99FE-20066D542D6B} 2012-04-18 07:43:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{791D28AC-CEE2-43FF-9511-DF6CF9370311} 2012-04-18 07:43:31 -------- d-----w- C:\Users\Demyx\AppData\Local\{F2D529FF-7A80-4A29-9853-389FF5CC1816} 2012-04-18 07:43:20 -------- d-----w- C:\Users\Demyx\AppData\Local\{2BE3D367-0F7F-454D-968F-C6E305B9A535} 2012-04-18 07:43:08 -------- d-----w- C:\Users\Demyx\AppData\Local\{478D012B-035B-4A5C-A275-5A87E6071496} 2012-04-17 19:43:30 -------- d-----w- C:\Users\Demyx\AppData\Local\AIM 
2012-04-17 19:43:16 -------- d-----w- C:\ProgramData\AIM 2012-04-17 19:43:05 -------- d-----w- C:\Program Files (x86)\AIM 2012-04-17 19:43:03 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility 2012-04-17 19:42:59 -------- d-----w- C:\Program Files (x86)\Common Files\AOL 2012-04-17 19:42:41 -------- d-----w- C:\Users\Demyx\AppData\Local\{6106DB98-7634-46FE-A186-63B20C18741F} 2012-04-17 19:42:28 -------- d-----w- C:\Users\Demyx\AppData\Local\{2A9FAABC-C4AD-4AD2-AFC9-C36897C2CB85} 2012-04-17 19:42:16 -------- d-----w- C:\Users\Demyx\AppData\Local\{B5C51A82-5C54-402F-9112-DA5A794C344A} 2012-04-17 19:42:02 -------- d-----w- C:\Users\Demyx\AppData\Local\{FF795339-B4B3-4C31-A2F9-5C5F68542E66} 2012-04-17 07:41:47 -------- d-----w- C:\Users\Demyx\AppData\Local\{B6E7F176-B354-499D-B6BD-5D0C1C9AA422} 2012-04-17 07:41:35 -------- d-----w- C:\Users\Demyx\AppData\Local\{472E0D11-E19F-427F-AD51-E77383DD4997} 2012-04-17 07:41:24 -------- d-----w- C:\Users\Demyx\AppData\Local\{BDA10DCA-4010-46FF-ADC3-06DE93F7961B} 2012-04-17 07:41:12 -------- d-----w- C:\Users\Demyx\AppData\Local\{0F3BEFA7-4127-4976-ABD7-37B1466FBF79} 2012-04-16 19:40:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{63647855-D7D7-42C2-BC9F-FF083B806162} 2012-04-16 19:40:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{F7A8E302-87BC-4DE4-B4F5-77B2EBC68C3E} 2012-04-16 19:40:31 -------- d-----w- C:\Users\Demyx\AppData\Local\{CB695307-F766-4084-826B-DBBD52D23D24} 2012-04-16 19:40:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{0718CF94-74E9-44CF-B0A9-032F7A8CA30B} 2012-04-16 07:40:04 -------- d-----w- C:\Users\Demyx\AppData\Local\{9AFB63F4-0892-48CD-91B7-556307BE8701} 2012-04-16 07:39:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{1BA444A3-0AA6-4D01-AF17-0C69CB66DD7D} 2012-04-16 07:39:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{6D8FE763-1999-4B5B-BD3A-69B68B57DCF1} 2012-04-16 07:39:31 -------- d-----w- C:\Users\Demyx\AppData\Local\{84CD86D2-F1BD-4D14-A450-B0BD6A1C077F} 
2012-04-15 19:39:15 -------- d-----w- C:\Users\Demyx\AppData\Local\{863D1A2A-9C06-43D6-B6ED-75A8CAE98F54} 2012-04-15 19:39:04 -------- d-----w- C:\Users\Demyx\AppData\Local\{11DE4495-91E1-41C7-BC69-E95D6E8310A6} 2012-04-15 19:38:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{8B51D8F7-D9A2-4385-BEC4-9B9A9FF95D5E} 2012-04-15 19:38:40 -------- d-----w- C:\Users\Demyx\AppData\Local\{D192EA63-EFED-4054-874A-83C821C26A4B} 2012-04-15 07:38:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{2A0BE30E-9137-4BA8-BE44-AF6B636A4F78} 2012-04-15 07:38:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{F97A6991-8ECE-4C38-9107-9595EC367818} . ==================== Find3M ==================== . 2012-05-09 15:22:33 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-09 15:22:33 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-04-14 15:53:40 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2012-04-14 15:53:40 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2012-04-08 08:11:15 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2012-03-22 19:12:12 4435968 ----a-w- C:\Windows\SysWow64\GPhotos.scr 2012-03-08 22:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll 2012-03-08 22:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR 2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- 
C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-02-15 15:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-02-15 15:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll . ============= FINISH: 22:44:29.68 =============== Attach.txt DDS.txt