Hi, I'm receiving this message: 'Malwarebytes' Anti-Malware has successfully blocked access to malicious IP: 66.150.14.111' or something like that. I am currently doing a sweep with Ad-Aware, and every time I scan with Malwarebytes I get nothing, so please help. It's starting to drive me mad, and plus it is affecting my YouTube, making it so that I have to maximize my video player every video. Please help me; tell me if I'm infected or something.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Demyx at 22:37:35 on 2012-05-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.472 [GMT -4:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

AV: AVG Anti-Virus 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe

C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe

C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\ehome\mcupdate.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Users\Demyx\Downloads\VisualBoyAdvance-1.8.0-beta3\VisualBoyAdvance.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskmgr.exe

C:\Windows\ehome\ehsched.exe

C:\Windows\eHome\EhTray.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://xfinity.comcast.net/?cid=insDate02052012

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\IPS\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [Google Update] "C:\Users\Demyx\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4

mRun: [intel AppUp(SM) center Systray] "C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe" --domain F0399437-FD0C-4A48-B101-F0314A6172E4 --openmode trayicon

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

StartupFolder: C:\Users\Demyx\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

StartupFolder: C:\Users\Demyx\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 75.75.76.76 75.75.75.75

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59} : DhcpNameServer = 75.75.76.76 75.75.75.75

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59}\0757467656 : DhcpNameServer = 10.0.0.1

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59}\2416B65627 : DhcpNameServer = 10.8.32.15 158.80.1.42 158.80.1.142

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59}\E49636567596C6C6F677D27657563747 : DhcpNameServer = 75.75.76.76 75.75.75.75

TCP: Interfaces\{EE9C52F3-DCA7-4C86-87D4-7C0B3742E3EB} : DhcpNameServer = 68.87.66.252 68.87.64.248

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: {1036AD63-AEAC-460B-9060-C96005D4DC86} - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

BHO-X64: Norton Identity Protection - No File

BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO-X64: AMD SteadyVideo BHO - No File

BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\IPS\IPSBHO.DLL

BHO-X64: Norton Vulnerability Protection - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO-X64: IESpeakDoc - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun-x64: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4

mRun-x64: [intel AppUp(SM) center Systray] "C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe" --domain F0399437-FD0C-4A48-B101-F0314A6172E4 --openmode trayicon

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]

R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-5-8 1160824]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]

R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\system32\drivers\btath_avdt.sys --> C:\Windows\system32\drivers\btath_avdt.sys [?]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]

R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]

R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307000.009\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307000.009\ccSetx64.sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-4-7 138360]

R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120511.001\IDSviA64.sys [2012-5-12 488568]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2012-4-22 17152]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

.

=============== Created Last 30 ================

.

2012-05-14 19:29:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{A1334931-BA8E-4F94-A660-D9DA5D647CFC}

2012-05-14 19:29:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{440A544B-E046-47D3-BDFF-7A48F1DBD8B6}

2012-05-14 19:29:17 -------- d-----w- C:\Users\Demyx\AppData\Local\{F0FFA090-E15D-4B2B-B013-F067C74F68D3}

2012-05-14 19:29:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{A836A342-9376-49D7-B7DC-C5787A96A23F}

2012-05-14 16:44:03 -------- d--h--w- C:\$AVG

2012-05-14 16:09:13 -------- d-----w- C:\Users\Demyx\AppData\Roaming\AVG2012

2012-05-14 16:07:17 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2012-05-14 16:01:09 -------- d-----w- C:\Windows\System32\drivers\AVG

2012-05-14 16:01:09 -------- d-----w- C:\ProgramData\AVG2012

2012-05-14 15:59:41 -------- d-----w- C:\Program Files (x86)\AVG

2012-05-14 15:55:15 -------- d--h--w- C:\ProgramData\Common Files

2012-05-14 15:54:48 -------- d-----w- C:\ProgramData\MFAData

2012-05-14 07:28:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{D9A3D10D-B090-46C4-8D7E-02FCD0AB756C}

2012-05-14 07:28:08 -------- d-----w- C:\Users\Demyx\AppData\Local\{6E5C05F0-8221-4EBF-A837-A9935551F6FF}

2012-05-14 07:27:57 -------- d-----w- C:\Users\Demyx\AppData\Local\{388090E9-FB50-47D6-A115-962D54A1EF3C}

2012-05-14 07:27:44 -------- d-----w- C:\Users\Demyx\AppData\Local\{DA170A9C-A7B8-4B90-9811-37F489E41D32}

2012-05-13 19:26:07 -------- d-----w- C:\Users\Demyx\AppData\Local\{C8573169-3603-4D62-BBA9-F2D203BA082A}

2012-05-13 19:25:36 -------- d-----w- C:\Users\Demyx\AppData\Local\{D2C965C8-2AF4-4C78-8172-22DF3740A867}

2012-05-13 16:24:27 16432 ----a-w- C:\Windows\System32\lsdelete.exe

2012-05-13 07:19:46 -------- d-----w- C:\Users\Demyx\AppData\Local\{3A7F7304-47BB-426B-8BD0-7F2C1DF7F1FA}

2012-05-13 07:19:28 -------- d-----w- C:\Users\Demyx\AppData\Local\{9FBA19F1-2D3E-4F23-921B-26AD0CDC6262}

2012-05-12 19:19:02 -------- d-----w- C:\Users\Demyx\AppData\Local\{7F26E1F6-C8E4-49C9-BCE8-8D2576BCFD9D}

2012-05-12 19:18:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{2B530271-3AC7-4E9D-AC0B-07AFDE5B08EE}

2012-05-12 07:17:01 -------- d-----w- C:\Users\Demyx\AppData\Local\{76841504-B96C-45AB-BFA5-7B9A3FA4281F}

2012-05-12 07:16:35 -------- d-----w- C:\Users\Demyx\AppData\Local\{C8B9CB4E-CC4C-488D-9FBE-FD4E4A0FEAD9}

2012-05-11 19:16:17 -------- d-----w- C:\Users\Demyx\AppData\Local\{9FA6875A-48A0-470A-95FB-08971A87F622}

2012-05-11 19:16:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{D7AE6B39-DAE8-498C-9EB5-3B396A2299C0}

2012-05-11 07:15:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{3B8EA98C-BC0D-4619-BB19-8664055BB7BD}

2012-05-11 07:15:37 -------- d-----w- C:\Users\Demyx\AppData\Local\{BEC762CB-A5B7-4C5B-8503-A72866F8DCA8}

2012-05-10 19:21:51 -------- d-----w- C:\Users\Demyx\AppData\Roaming\.minecraft

2012-05-10 19:14:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{25A359B3-5115-4237-A61F-C212971544F8}

2012-05-10 19:14:38 -------- d-----w- C:\Users\Demyx\AppData\Local\{2F93A7FE-A667-4DA7-B19F-8E49A73E8423}

2012-05-10 19:14:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{604ACE81-AB18-4BDC-88C7-FD484478F545}

2012-05-10 19:13:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{8F19188A-53E1-4421-A4D9-1CFF99A7BD34}

2012-05-10 14:27:30 -------- d-----w- C:\Users\Demyx\AppData\Local\WinZip

2012-05-10 14:03:25 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX

2012-05-10 14:03:24 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll

2012-05-10 14:03:21 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL

2012-05-10 14:03:20 -------- d-----w- C:\Program Files (x86)\PDFCreator

2012-05-10 14:03:01 -------- d-----w- C:\Program Files (x86)\PricePeep

2012-05-10 14:02:38 -------- d-----w- C:\Users\Demyx\AppData\Local\Wajam

2012-05-10 14:02:32 -------- d-----w- C:\Program Files (x86)\Wajam

2012-05-10 14:02:14 -------- d-----w- C:\Program Files\PrivacySafeGuard

2012-05-10 14:01:56 -------- d-----w- C:\Program Files (x86)\Yontoo

2012-05-10 14:01:52 -------- d-----w- C:\ProgramData\Tarma Installer

2012-05-10 13:58:08 -------- d-----w- C:\Users\Demyx\AppData\Roaming\DAEMON Tools Lite

2012-05-10 13:56:33 -------- d-----w- C:\ProgramData\DAEMON Tools Lite

2012-05-10 13:50:53 -------- d-----w- C:\Users\Demyx\AppData\Roaming\DAEMON Tools Pro

2012-05-10 13:49:53 -------- d-----w- C:\ProgramData\DAEMON Tools Pro

2012-05-10 04:48:34 -------- d-----w- C:\Users\Demyx\AppData\Local\{839B19D4-F958-4E98-8B74-1922777F37F8}

2012-05-10 04:48:24 -------- d-----w- C:\Users\Demyx\AppData\Local\{96D07156-9928-4FD6-A605-27F80270F7F2}

2012-05-10 04:48:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{929F4F3D-3911-473C-A937-44A86AE36655}

2012-05-09 16:47:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{451A71E3-1AD2-4DF8-AFE8-67865AD32517}

2012-05-09 16:47:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{ADE9BC15-79D4-4791-8B87-8F10D70BFE68}

2012-05-09 16:47:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{E5A246C7-FDE1-4853-8C2C-D8A32BF03952}

2012-05-09 16:47:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{0F2ABD84-9836-4406-A522-8AF1C5A7F9C9}

2012-05-09 15:22:13 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-05-09 07:07:45 -------- d-sh--w- C:\Windows\System32\%APPDATA%

2012-05-09 07:03:46 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-05-09 04:46:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{B893594B-D352-46DD-B862-FA7A68A06D15}

2012-05-09 04:46:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{49CFCA07-A200-44F8-B662-F7F608A572D1}

2012-05-09 04:46:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{1F103556-10B0-4702-886D-35EB03A0FD9B}

2012-05-09 04:46:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{36ECC975-F653-4001-AF6D-0A6E91CD3124}

2012-05-08 19:00:43 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-05-08 19:00:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-05-08 19:00:40 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-08 19:00:39 3146240 ----a-w- C:\Windows\System32\win32k.sys

2012-05-08 19:00:38 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-08 19:00:38 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-08 19:00:07 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-05-08 18:59:53 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-05-08 18:59:50 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-08 18:59:50 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-08 16:46:07 -------- d-----w- C:\Users\Demyx\AppData\Local\{6857868F-6AC7-4687-882B-B42A90F4162F}

2012-05-08 16:45:56 -------- d-----w- C:\Users\Demyx\AppData\Local\{4EC73978-A238-4A57-87D7-6B965AAEC2C8}

2012-05-08 16:45:47 -------- d-----w- C:\Users\Demyx\AppData\Local\{E28F463A-A279-4C28-9EB5-BDFC6F465418}

2012-05-08 16:45:36 -------- d-----w- C:\Users\Demyx\AppData\Local\{77F790EB-B64B-4C47-A628-98055381AE16}

2012-05-08 04:45:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{4641EA0E-4BFD-411C-A9B1-E9B9D5F5D294}

2012-05-08 04:44:56 -------- d-----w- C:\Users\Demyx\AppData\Local\{F0F24B8D-8A80-42C1-8B99-304273ABFB36}

2012-05-08 04:44:44 -------- d-----w- C:\Users\Demyx\AppData\Local\{D277B4B7-7A25-4406-91DC-4CF7951E098D}

2012-05-08 04:44:31 -------- d-----w- C:\Users\Demyx\AppData\Local\{9C43978F-A172-4222-A92E-41D56C93B351}

2012-05-07 16:44:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{B3446AFA-77B4-4C44-B617-B14124D91591}

2012-05-07 16:44:08 -------- d-----w- C:\Users\Demyx\AppData\Local\{CB272766-61A6-4DA7-9DA2-44D83CF52A78}

2012-05-07 16:43:58 -------- d-----w- C:\Users\Demyx\AppData\Local\{9600590C-335B-492A-95FC-6615234B9CD6}

2012-05-07 16:43:47 -------- d-----w- C:\Users\Demyx\AppData\Local\{CDD6D7BC-B8C6-4125-8F6A-E6B0208FCE5C}

2012-05-07 04:43:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{215B4932-A1EE-441B-BC89-F25542548BD2}

2012-05-07 04:43:23 -------- d-----w- C:\Users\Demyx\AppData\Local\{64A8C5C4-A6F9-4933-8B46-C4854F5745D2}

2012-05-07 04:43:13 -------- d-----w- C:\Users\Demyx\AppData\Local\{AD723E7E-C84C-4CE5-BD6C-CB618341B4FF}

2012-05-07 04:43:02 -------- d-----w- C:\Users\Demyx\AppData\Local\{D7477B4C-32ED-4413-A5C6-40E1E75F9E75}

2012-05-06 16:42:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{D16EB94D-B9C4-4654-9599-56B04927F0C4}

2012-05-06 16:42:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{41902ED0-AC9D-4F58-9AF5-130B4394D5B2}

2012-05-06 16:42:28 -------- d-----w- C:\Users\Demyx\AppData\Local\{81385381-4807-4774-8F40-545A0808A0BD}

2012-05-06 16:42:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{284EBC90-08CC-4FDD-8911-DF7A308494D1}

2012-05-06 04:42:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{3A73CEAF-EFD1-4610-B190-2DED6549F0A2}

2012-05-06 04:41:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{CC51F412-1071-4372-8B04-22432CB13F7F}

2012-05-06 04:41:36 -------- d-----w- C:\Users\Demyx\AppData\Local\{5D11D48D-2FE1-4ADF-B447-85A0DF8ED33F}

2012-05-06 04:41:24 -------- d-----w- C:\Users\Demyx\AppData\Local\{9889D904-281C-4529-960F-5D0A95E02BB1}

2012-05-05 16:41:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{F2274B87-3019-4234-8CCD-7729CF049A76}

2012-05-05 16:41:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{C3129DD6-130F-4B36-BCE1-CCE8D49F3F46}

2012-05-05 16:40:50 -------- d-----w- C:\Users\Demyx\AppData\Local\{BA66B652-0BBC-4512-9C9B-938660C2ED78}

2012-05-05 16:40:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{2204355E-3288-449A-B605-A0748A3C162A}

2012-05-05 04:40:26 -------- d-----w- C:\Users\Demyx\AppData\Local\{0C3D572F-814C-4D74-8902-8EF326E542E0}

2012-05-05 04:40:16 -------- d-----w- C:\Users\Demyx\AppData\Local\{885BEEBB-499B-49F7-A127-4873B8CD3B6E}

2012-05-05 04:40:05 -------- d-----w- C:\Users\Demyx\AppData\Local\{36445122-DBD4-4382-9A1F-5472CBB775E8}

2012-05-04 16:39:25 -------- d-----w- C:\Users\Demyx\AppData\Local\{7F4E3E60-117F-450E-8248-E974483DE06F}

2012-05-04 16:38:57 -------- d-----w- C:\Users\Demyx\AppData\Local\{12A61E7B-39B6-43AC-B33E-9E0A9114F2B7}

2012-05-04 10:57:35 -------- d-----w- C:\Users\Demyx\AppData\Local\{BB916F87-AEA3-4186-8FBB-5384BAA795AF}

2012-05-04 10:51:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{BC593CF6-1EEE-4152-9EAC-B57F698E6E9D}

2012-05-03 22:51:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{62AAF4FF-AA0A-4EF5-A055-E86B80BDED56}

2012-05-03 22:50:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{1C763580-B92A-4B10-9DEC-A86790C4A5BC}

2012-05-03 22:50:44 -------- d-----w- C:\Users\Demyx\AppData\Local\{49B02279-5B13-49E9-9EAB-9EC833089468}

2012-05-03 22:50:30 -------- d-----w- C:\Users\Demyx\AppData\Local\{F51FDE34-E410-414D-8097-9B0D2FCC408E}

2012-05-03 22:50:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{53BB17D1-E5E3-47C6-A3F9-9E07611D58BC}

2012-05-03 10:49:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{C59FD62D-05E7-4BFA-BB90-698BEAC5E3B8}

2012-05-03 10:49:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{DAF0F4F4-53A4-4A92-BD43-F6715919D5B7}

2012-05-03 10:49:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{0F849FFC-9380-478D-9334-BAD47B1C009C}

2012-05-03 10:49:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{F0B6BF73-732A-4134-BF5A-AEF1839A44DA}

2012-05-03 05:11:56 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2012-05-03 05:11:39 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-05-03 05:11:29 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2012-05-03 05:11:25 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-05-02 22:48:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{A905842C-619B-4DAA-8D34-56E977E15585}

2012-05-02 22:48:40 -------- d-----w- C:\Users\Demyx\AppData\Local\{DA1F5EDF-CBB4-4858-8705-3AA8A9B1E521}

2012-05-02 21:05:08 -------- d-----w- C:\Users\Demyx\AppData\Local\Xfinity.com

2012-05-02 18:48:50 -------- d-----w- C:\Users\Demyx\AppData\Local\{52769A47-358E-4574-9ABB-4A2288AA580A}

2012-05-02 16:36:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{DB7D82CF-6BC8-4107-80F3-8CC3350C9C52}

2012-05-02 10:52:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{89649BFB-0A86-480F-A556-CE4F20A3BD19}

2012-05-02 10:49:23 -------- d-----w- C:\Users\Demyx\AppData\Local\{70484D52-CE16-4B8F-8BDF-DAFB23C69A51}

2012-05-01 22:49:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{AB5BAE97-2284-4B48-BAFE-E9C27702F20A}

2012-05-01 22:48:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{375F2271-01EC-4287-8E43-F8A0DF76061D}

2012-05-01 22:48:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{A36D9145-15DB-4F64-ABEB-8CB971FAF2B8}

2012-05-01 18:48:50 -------- d-----w- C:\Users\Demyx\AppData\Local\{217B9F1D-A781-41AB-8798-FFBF6DF6D469}

2012-05-01 10:55:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{ABF8B9CA-6514-4CDB-90D3-D274EA99F0D1}

2012-05-01 10:52:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{7E67C96A-C307-4F43-9665-5AE9583701EA}

2012-05-01 10:48:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{6431E5BF-8BDD-4B33-B6F2-ABA29AE8A6C3}

2012-04-30 23:00:16 82944 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP9D.DLL

2012-04-30 23:00:16 27648 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD9D.DLL

2012-04-30 22:59:54 279040 ----a-w- C:\Windows\System32\CNMLM9D.DLL

2012-04-30 22:59:51 92672 ----a-w- C:\Windows\System32\CNC620I.DLL

2012-04-30 22:59:51 293888 ----a-w- C:\Windows\System32\CNC620L.DLL

2012-04-30 22:59:51 229888 ----a-w- C:\Windows\System32\CNC620O.DLL

2012-04-30 22:59:51 1354240 ----a-w- C:\Windows\System32\CNC620C.DLL

2012-04-30 22:07:20 -------- d-----w- C:\Users\Demyx\AppData\Local\{6B88EC67-CC26-4338-9092-0FA7B3A2F00A}

2012-04-30 22:07:07 -------- d-----w- C:\Users\Demyx\AppData\Local\{CE3FF77D-F103-4FD8-A546-050E19B15C53}

2012-04-30 18:43:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{90A1051C-660D-4CFA-A8AF-5943730269A0}

2012-04-30 14:22:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{1BDC2C15-AEF9-480C-89A1-6D5EC3B1CA90}

2012-04-29 21:03:58 -------- d-----w- C:\Users\Demyx\AppData\Local\{2F4E9815-9AB5-4987-9C34-3D00F9FFE948}

2012-04-29 21:03:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{332D7D9D-CE75-47B6-AAEE-F2205E7EDE0D}

2012-04-29 09:07:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{1D1989B2-3FC0-40FA-BC3D-436718646505}

2012-04-29 09:04:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{451C3E06-956A-4AF2-8F93-752B86A8C215}

2012-04-28 21:03:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{99316C63-4EAC-42D0-8717-D9E1A3A6FD7B}

2012-04-28 21:03:40 -------- d-----w- C:\Users\Demyx\AppData\Local\{28E98E46-99DE-4F89-91A9-67AD5AEA5A35}

2012-04-28 09:15:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{67CA83C5-B4B1-41DB-B2C3-2236A4363FBD}

2012-04-28 09:07:26 -------- d-----w- C:\Users\Demyx\AppData\Local\{51908CF7-0503-4CC6-ADC6-DC2AC579A6B7}

2012-04-27 21:07:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{874CC700-A1B3-4A02-85F3-D8D962C1D69C}

2012-04-27 21:07:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{1AFDD7BA-0783-4465-BAC4-D87E2BEEA2BE}

2012-04-27 21:06:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{F18F5C71-7169-4E53-AC86-E0DD3FECC9D5}

2012-04-27 21:06:37 -------- d-----w- C:\Users\Demyx\AppData\Local\{87672E33-5694-457C-99DC-3B2EED8A51AA}

2012-04-27 09:06:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{B199A96D-052E-4606-8DDE-7181DAE19566}

2012-04-27 09:06:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{D889AE72-D202-4647-8A43-15FF584069BC}

2012-04-27 09:05:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{66FD4498-D0D3-4377-BB78-6F0B2899D60B}

2012-04-27 09:05:47 -------- d-----w- C:\Users\Demyx\AppData\Local\{DECA59E9-42F1-422E-8549-6BE01E354DA9}

2012-04-26 21:05:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{E6507184-2DB5-403D-8C8C-07BF1A223229}

2012-04-26 21:05:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{2FE363AC-B2C9-4A37-9537-892CAA00BAC4}

2012-04-26 21:05:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{3FD35FB9-552E-420E-A606-62B10326CF61}

2012-04-26 21:04:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{5E95CD9A-29F0-4A18-A5F5-1C2BF8805D7B}

2012-04-26 09:04:44 -------- d-----w- C:\Users\Demyx\AppData\Local\{76F1D76F-7CA7-4624-8634-2314A1C4BB1A}

2012-04-26 09:04:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{6B1D5FBA-32FD-42F8-BDA8-50245A294CC0}

2012-04-26 09:04:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{59C2E6BD-1283-4677-BCA8-A5370F27D21C}

2012-04-26 09:04:08 -------- d-----w- C:\Users\Demyx\AppData\Local\{9E195217-26BC-4228-ABB4-F5D712DBCEA3}

2012-04-25 21:03:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{9F2ABA51-237F-4A93-B76E-46E66984E1D0}

2012-04-25 21:03:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{400623D6-5185-4721-A02E-29F8020F5003}

2012-04-25 09:03:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{9C084ADC-1E66-4F03-9642-56C232E3CBFE}

2012-04-25 09:03:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{F793E6B7-BF05-4BD9-AE9B-3FAD1E2F1109}

2012-04-25 09:02:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{7FD2D151-F4FB-4912-82D9-E2ACDC9E3776}

2012-04-25 09:02:36 -------- d-----w- C:\Users\Demyx\AppData\Local\{87F33B53-1AEE-448D-BD43-27F7767C0449}

2012-04-24 21:02:05 -------- d-----w- C:\Users\Demyx\AppData\Local\{2F1F749A-9212-449C-AC77-81A87542FAC9}

2012-04-24 21:01:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{B13D0550-87B8-4A90-9E49-4B1379FF1960}

2012-04-24 21:01:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{44C9B653-E237-4069-B567-F118FA327546}

2012-04-24 21:01:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{5B215AA5-A38D-455F-821E-F146F3EB66E8}

2012-04-24 09:01:14 -------- d-----w- C:\Users\Demyx\AppData\Local\{8B1095F3-6F90-4355-91F8-861A30233F32}

2012-04-24 09:01:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{2195C883-6895-425A-9696-A7D709B5C73B}

2012-04-24 09:00:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{8FC3579E-8319-4031-B6F8-1A5C4189466D}

2012-04-24 09:00:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{929E99FF-3F4A-4A2A-AC18-5EEB6B99A3C1}

2012-04-24 00:02:30 737912 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtsp64.sys

2012-04-24 00:02:30 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1307000.009\symds64.sys

2012-04-24 00:02:30 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symnets.sys

2012-04-24 00:02:30 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtspx64.sys

2012-04-24 00:02:30 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ironx64.sys

2012-04-24 00:02:30 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ccsetx64.sys

2012-04-24 00:02:30 1092728 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symefa64.sys

2012-04-24 00:02:07 -------- d-----w- C:\Windows\System32\drivers\NISx64\1307000.009

2012-04-23 21:00:23 -------- d-----w- C:\Users\Demyx\AppData\Local\{E01173F3-3C7F-47EB-BE53-D6C1AE65E35C}

2012-04-23 21:00:12 -------- d-----w- C:\Users\Demyx\AppData\Local\{95CA540D-0F96-4F8C-B343-44A7DDB89E45}

2012-04-23 21:00:00 -------- d-----w- C:\Users\Demyx\AppData\Local\{61D787E8-65CE-4C50-A670-9912A7A952B9}

2012-04-23 20:59:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{5FF85788-BF09-4C15-90F4-BE66D2418170}

2012-04-23 08:59:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{488528E3-CA41-4422-B3A5-320D6F60A16F}

2012-04-23 08:59:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{7DA8ED4B-F143-411D-AF0A-953DF763C26F}

2012-04-23 08:59:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{4870E45B-39B8-418C-AB3C-2F98FE8799A5}

2012-04-23 08:58:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{1F2BE1CD-E742-4FA3-ADEA-78E22A431CA7}

2012-04-23 00:48:24 -------- d-----w- C:\Users\Demyx\AppData\Local\LogMeIn

2012-04-23 00:48:09 59776 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll

2012-04-23 00:48:08 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll

2012-04-23 00:48:08 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys

2012-04-23 00:48:08 34688 ----a-w- C:\Windows\System32\LMIport.dll

2012-04-23 00:48:06 80768 ----a-w- C:\Windows\System32\LMIinit.dll

2012-04-23 00:47:59 -------- d-----w- C:\ProgramData\LogMeIn

2012-04-23 00:47:45 -------- d-----w- C:\Program Files (x86)\LogMeIn

2012-04-23 00:39:32 -------- d-----w- C:\Users\Demyx\AppData\Roaming\GlarySoft

2012-04-23 00:36:10 -------- d-----w- C:\Users\Demyx\AppData\Roaming\Auslogics

2012-04-23 00:35:53 -------- d-----w- C:\Users\Demyx\AppData\Roaming\Malwarebytes

2012-04-23 00:35:09 -------- d-----w- C:\Users\Demyx\AppData\Roaming\SUPERAntiSpyware.com

2012-04-23 00:11:07 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2012-04-23 00:10:48 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-04-23 00:10:48 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2012-04-23 00:10:27 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2012-04-23 00:10:27 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2012-04-23 00:10:07 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys

2012-04-23 00:09:59 -------- d-----w- C:\Program Files (x86)\Lavasoft

2012-04-23 00:09:46 -------- d-----w- C:\ProgramData\Malwarebytes

2012-04-23 00:09:45 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-04-23 00:09:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-04-23 00:06:40 -------- d-----w- C:\Program Files (x86)\VideoLAN

2012-04-23 00:06:01 86608 ----a-w- C:\Windows\System32\cpwmon64.dll

2012-04-23 00:05:59 -------- d-----w- C:\Program Files (x86)\Acro Software

2012-04-23 00:05:40 -------- d-----w- C:\Program Files (x86)\GPLGS

2012-04-23 00:05:27 -------- d-----w- C:\Program Files (x86)\Glary Utilities

2012-04-23 00:05:19 -------- d-----w- C:\Program Files (x86)\Auslogics

2012-04-23 00:04:55 -------- d-----w- C:\Users\Demyx\AppData\Local\HuluDesktop

2012-04-23 00:04:29 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-04-22 20:58:30 -------- d-----w- C:\Users\Demyx\AppData\Local\{F63B5415-AD25-4B37-900E-76BF6AB66A05}

2012-04-22 20:58:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{92A46E77-4D99-40E0-A75A-EEB931254BD6}

2012-04-22 20:58:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{2C5D9250-2BF8-43BF-A0B1-F2A6BCC042DC}

2012-04-22 20:57:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{DB5DA79D-BFBC-48E2-966E-B843936FBCFD}

2012-04-22 08:57:40 -------- d-----w- C:\Users\Demyx\AppData\Local\{144BA7E5-3D85-4F8C-9C4E-C08382576E18}

2012-04-22 08:57:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{6AFB6545-246D-44EE-BD48-0773BE01810D}

2012-04-22 08:57:18 -------- d-----w- C:\Users\Demyx\AppData\Local\{417A4686-34F9-44A0-85CE-3ECE1D97BA92}

2012-04-22 08:57:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{7B8FC20F-A71D-48FB-BFF8-B59ABA18BCFF}

2012-04-21 21:00:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{76AD2207-3A8D-4605-91BB-912325C5E6BD}

2012-04-21 20:57:13 -------- d-----w- C:\Users\Demyx\AppData\Local\{9C449E44-FFEB-4CB3-BBC4-1F80B5341BB7}

2012-04-21 07:48:15 -------- d-----w- C:\Users\Demyx\AppData\Local\{FC1F7457-1234-40B2-9417-3BF35240A4A4}

2012-04-21 07:48:02 -------- d-----w- C:\Users\Demyx\AppData\Local\{CD9863FC-DD8A-4A33-9A54-A849BDE4A257}

2012-04-21 07:47:50 -------- d-----w- C:\Users\Demyx\AppData\Local\{52F9221B-283A-4A0C-A29D-6D3685211650}

2012-04-21 07:47:38 -------- d-----w- C:\Users\Demyx\AppData\Local\{294C3DD7-69BF-4E40-837A-DAFB627175DE}

2012-04-20 19:47:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{CFEAFF7D-106B-4DA7-BB2C-F36527FC17F4}

2012-04-20 19:47:11 -------- d-----w- C:\Users\Demyx\AppData\Local\{A07E2869-8880-4F12-8FB9-5AB79BA9B1E7}

2012-04-20 19:46:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{929B1C99-384F-4869-9865-0BD5ECF97115}

2012-04-20 19:46:48 -------- d-----w- C:\Users\Demyx\AppData\Local\{C820C565-020B-4C34-B417-0CB1A4CCB93F}

2012-04-20 07:46:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{DD5DED35-0C57-4402-A8AA-64D7C947A7CD}

2012-04-20 07:46:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{AF0E8C6F-6AD2-4231-98F1-931AA4F77FAD}

2012-04-20 07:46:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{CCF3582B-B50A-48A0-A1B1-CD10856025CA}

2012-04-20 07:45:59 -------- d-----w- C:\Users\Demyx\AppData\Local\{0A3AF78B-6A00-498B-8161-C1EAE9AF0CF1}

2012-04-20 07:43:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{98CBD638-2C84-4396-88DD-E4270D58834F}

2012-04-20 02:54:17 -------- d-----w- C:\Users\Demyx\AppData\Roaming\e-academy Inc

2012-04-20 02:54:17 -------- d-----w- C:\Users\Demyx\AppData\Local\e-academy Inc

2012-04-20 01:29:37 -------- d-----w- C:\ProgramData\Package Cache

2012-04-19 19:45:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{2B3137B6-1CA5-467A-B541-1BF1E4E4BE3A}

2012-04-19 19:45:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{7617E37C-451A-4556-8236-ED9C7FC1DF5E}

2012-04-19 19:45:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{2E73F9C1-7A2D-49E3-AB01-134755A02B51}

2012-04-19 19:45:09 -------- d-----w- C:\Users\Demyx\AppData\Local\{E2D4A36A-3150-41B8-856D-CC06D459F0E5}

2012-04-19 07:44:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{E587AE61-9373-4342-AC63-AF010809EB3A}

2012-04-19 07:44:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{FED681A5-4AEB-4D2B-A52B-72340FBEC4CF}

2012-04-19 07:44:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{E08E27C7-445E-4419-B872-EC674759685C}

2012-04-18 19:44:10 -------- d-----w- C:\Users\Demyx\AppData\Local\{5A190036-80DB-4143-99FE-20066D542D6B}

2012-04-18 07:43:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{791D28AC-CEE2-43FF-9511-DF6CF9370311}

2012-04-18 07:43:31 -------- d-----w- C:\Users\Demyx\AppData\Local\{F2D529FF-7A80-4A29-9853-389FF5CC1816}

2012-04-18 07:43:20 -------- d-----w- C:\Users\Demyx\AppData\Local\{2BE3D367-0F7F-454D-968F-C6E305B9A535}

2012-04-18 07:43:08 -------- d-----w- C:\Users\Demyx\AppData\Local\{478D012B-035B-4A5C-A275-5A87E6071496}

2012-04-17 19:43:30 -------- d-----w- C:\Users\Demyx\AppData\Local\AIM

2012-04-17 19:43:16 -------- d-----w- C:\ProgramData\AIM

2012-04-17 19:43:05 -------- d-----w- C:\Program Files (x86)\AIM

2012-04-17 19:43:03 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility

2012-04-17 19:42:59 -------- d-----w- C:\Program Files (x86)\Common Files\AOL

2012-04-17 19:42:41 -------- d-----w- C:\Users\Demyx\AppData\Local\{6106DB98-7634-46FE-A186-63B20C18741F}

2012-04-17 19:42:28 -------- d-----w- C:\Users\Demyx\AppData\Local\{2A9FAABC-C4AD-4AD2-AFC9-C36897C2CB85}

2012-04-17 19:42:16 -------- d-----w- C:\Users\Demyx\AppData\Local\{B5C51A82-5C54-402F-9112-DA5A794C344A}

2012-04-17 19:42:02 -------- d-----w- C:\Users\Demyx\AppData\Local\{FF795339-B4B3-4C31-A2F9-5C5F68542E66}

2012-04-17 07:41:47 -------- d-----w- C:\Users\Demyx\AppData\Local\{B6E7F176-B354-499D-B6BD-5D0C1C9AA422}

2012-04-17 07:41:35 -------- d-----w- C:\Users\Demyx\AppData\Local\{472E0D11-E19F-427F-AD51-E77383DD4997}

2012-04-17 07:41:24 -------- d-----w- C:\Users\Demyx\AppData\Local\{BDA10DCA-4010-46FF-ADC3-06DE93F7961B}

2012-04-17 07:41:12 -------- d-----w- C:\Users\Demyx\AppData\Local\{0F3BEFA7-4127-4976-ABD7-37B1466FBF79}

2012-04-16 19:40:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{63647855-D7D7-42C2-BC9F-FF083B806162}

2012-04-16 19:40:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{F7A8E302-87BC-4DE4-B4F5-77B2EBC68C3E}

2012-04-16 19:40:31 -------- d-----w- C:\Users\Demyx\AppData\Local\{CB695307-F766-4084-826B-DBBD52D23D24}

2012-04-16 19:40:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{0718CF94-74E9-44CF-B0A9-032F7A8CA30B}

2012-04-16 07:40:04 -------- d-----w- C:\Users\Demyx\AppData\Local\{9AFB63F4-0892-48CD-91B7-556307BE8701}

2012-04-16 07:39:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{1BA444A3-0AA6-4D01-AF17-0C69CB66DD7D}

2012-04-16 07:39:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{6D8FE763-1999-4B5B-BD3A-69B68B57DCF1}

2012-04-16 07:39:31 -------- d-----w- C:\Users\Demyx\AppData\Local\{84CD86D2-F1BD-4D14-A450-B0BD6A1C077F}

2012-04-15 19:39:15 -------- d-----w- C:\Users\Demyx\AppData\Local\{863D1A2A-9C06-43D6-B6ED-75A8CAE98F54}

2012-04-15 19:39:04 -------- d-----w- C:\Users\Demyx\AppData\Local\{11DE4495-91E1-41C7-BC69-E95D6E8310A6}

2012-04-15 19:38:53 -------- d-----w- C:\Users\Demyx\AppData\Local\{8B51D8F7-D9A2-4385-BEC4-9B9A9FF95D5E}

2012-04-15 19:38:40 -------- d-----w- C:\Users\Demyx\AppData\Local\{D192EA63-EFED-4054-874A-83C821C26A4B}

2012-04-15 07:38:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{2A0BE30E-9137-4BA8-BE44-AF6B636A4F78}

2012-04-15 07:38:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{F97A6991-8ECE-4C38-9107-9595EC367818}

.

==================== Find3M ====================

.

2012-05-09 15:22:33 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-09 15:22:33 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-04-14 15:53:40 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-04-14 15:53:40 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-04-08 08:11:15 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2012-03-22 19:12:12 4435968 ----a-w- C:\Windows\SysWow64\GPhotos.scr

2012-03-08 22:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2012-03-08 22:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR

2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-02-15 15:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-02-15 15:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll

.

============= FINISH: 22:44:29.68 ===============

Attach.txt

DDS.txt


Hello phyrephreak2008 and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. Now you have Ad-Aware and Norton Internet Security. My suggestion is to uninstall Ad-Aware.

Also, you have the remnants of a third anti-virus software - AVG. Please download and run their uninstaller:

http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x64_2012_2125.exe

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file


  • 3 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
