phyrephreak2008

Help, I think I'm infected

3 posts in this topic

Hi, I'm receiving this message: 'Malwarebytes' Anti-Malware has successfully blocked access to malicious IP: 66.150.14.111' or something like that. I am currently doing a sweep with Ad-Aware, and every time I scan with Malwarebytes I get nothing, so please help. It's starting to drive me mad, and plus it is affecting my YouTube, making it so that I have to maximize my video player every video. Please help me, tell me if I'm infected or something.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Demyx at 22:37:35 on 2012-05-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.472 [GMT -4:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

AV: AVG Anti-Virus 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe

C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe

C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe

C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe

C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\ccSvcHst.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\ehome\mcupdate.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Users\Demyx\Downloads\VisualBoyAdvance-1.8.0-beta3\VisualBoyAdvance.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskmgr.exe

C:\Windows\ehome\ehsched.exe

C:\Windows\eHome\EhTray.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Demyx\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://xfinity.comcast.net/?cid=insDate02052012

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\IPS\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [Google Update] "C:\Users\Demyx\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4

mRun: [intel AppUp(SM) center Systray] "C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe" --domain F0399437-FD0C-4A48-B101-F0314A6172E4 --openmode trayicon

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

StartupFolder: C:\Users\Demyx\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe

StartupFolder: C:\Users\Demyx\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 75.75.76.76 75.75.75.75

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59} : DhcpNameServer = 75.75.76.76 75.75.75.75

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59}\0757467656 : DhcpNameServer = 10.0.0.1

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59}\2416B65627 : DhcpNameServer = 10.8.32.15 158.80.1.42 158.80.1.142

TCP: Interfaces\{67F36A91-4EFF-4F2B-AE24-7B9F8E3D6A59}\E49636567596C6C6F677D27657563747 : DhcpNameServer = 75.75.76.76 75.75.75.75

TCP: Interfaces\{EE9C52F3-DCA7-4C86-87D4-7C0B3742E3EB} : DhcpNameServer = 68.87.66.252 68.87.64.248

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: {1036AD63-AEAC-460B-9060-C96005D4DC86} - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

BHO-X64: Norton Identity Protection - No File

BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO-X64: AMD SteadyVideo BHO - No File

BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\IPS\IPSBHO.DLL

BHO-X64: Norton Vulnerability Protection - No File

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO-X64: IESpeakDoc - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.0.9\coIEPlg.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

mRun-x64: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4

mRun-x64: [intel AppUp(SM) center Systray] "C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe" --domain F0399437-FD0C-4A48-B101-F0314A6172E4 --openmode trayicon

mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

Hosts: 127.0.0.1 www.spywareinfo.com

.

============= SERVICES / DRIVERS ===============

.

R0 amd_sata;amd_sata;C:\Windows\system32\DRIVERS\amd_sata.sys --> C:\Windows\system32\DRIVERS\amd_sata.sys [?]

R0 amd_xata;amd_xata;C:\Windows\system32\DRIVERS\amd_xata.sys --> C:\Windows\system32\DRIVERS\amd_xata.sys [?]

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\system32\DRIVERS\btath_flt.sys --> C:\Windows\system32\DRIVERS\btath_flt.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120507.001\BHDrvx64.sys [2012-5-8 1160824]

R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\system32\drivers\btath_a2dp.sys --> C:\Windows\system32\drivers\btath_a2dp.sys [?]

R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\system32\drivers\btath_avdt.sys --> C:\Windows\system32\drivers\btath_avdt.sys [?]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\system32\DRIVERS\btath_bus.sys --> C:\Windows\system32\DRIVERS\btath_bus.sys [?]

R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\system32\DRIVERS\btath_hcrp.sys --> C:\Windows\system32\DRIVERS\btath_hcrp.sys [?]

R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\system32\DRIVERS\btath_lwflt.sys --> C:\Windows\system32\DRIVERS\btath_lwflt.sys [?]

R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\system32\DRIVERS\btath_rcp.sys --> C:\Windows\system32\DRIVERS\btath_rcp.sys [?]

R3 BtFilter;BtFilter;C:\Windows\system32\DRIVERS\btfilter.sys --> C:\Windows\system32\DRIVERS\btfilter.sys [?]

R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307000.009\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307000.009\ccSetx64.sys [?]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-4-7 138360]

R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120511.001\IDSviA64.sys [2012-5-12 488568]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2012-4-22 17152]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

.

=============== Created Last 30 ================

.

2012-05-14 19:29:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{A1334931-BA8E-4F94-A660-D9DA5D647CFC}

2012-05-14 19:29:33 -------- d-----w- C:\Users\Demyx\AppData\Local\{440A544B-E046-47D3-BDFF-7A48F1DBD8B6}

2012-05-14 19:29:17 -------- d-----w- C:\Users\Demyx\AppData\Local\{F0FFA090-E15D-4B2B-B013-F067C74F68D3}

2012-05-14 19:29:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{A836A342-9376-49D7-B7DC-C5787A96A23F}

2012-05-14 16:44:03 -------- d--h--w- C:\$AVG

2012-05-14 16:09:13 -------- d-----w- C:\Users\Demyx\AppData\Roaming\AVG2012

2012-05-14 16:07:17 -------- d-----w- C:\Windows\SysWow64\drivers\AVG

2012-05-14 16:01:09 -------- d-----w- C:\Windows\System32\drivers\AVG

2012-05-14 16:01:09 -------- d-----w- C:\ProgramData\AVG2012

2012-05-14 15:59:41 -------- d-----w- C:\Program Files (x86)\AVG

2012-05-14 15:55:15 -------- d--h--w- C:\ProgramData\Common Files

2012-05-14 15:54:48 -------- d-----w- C:\ProgramData\MFAData

2012-05-14 07:28:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{D9A3D10D-B090-46C4-8D7E-02FCD0AB756C}

2012-05-14 07:28:08 -------- d-----w- C:\Users\Demyx\AppData\Local\{6E5C05F0-8221-4EBF-A837-A9935551F6FF}

2012-05-14 07:27:57 -------- d-----w- C:\Users\Demyx\AppData\Local\{388090E9-FB50-47D6-A115-962D54A1EF3C}

2012-05-14 07:27:44 -------- d-----w- C:\Users\Demyx\AppData\Local\{DA170A9C-A7B8-4B90-9811-37F489E41D32}

2012-05-13 19:26:07 -------- d-----w- C:\Users\Demyx\AppData\Local\{C8573169-3603-4D62-BBA9-F2D203BA082A}

2012-05-13 19:25:36 -------- d-----w- C:\Users\Demyx\AppData\Local\{D2C965C8-2AF4-4C78-8172-22DF3740A867}

2012-05-13 16:24:27 16432 ----a-w- C:\Windows\System32\lsdelete.exe

2012-05-13 07:19:46 -------- d-----w- C:\Users\Demyx\AppData\Local\{3A7F7304-47BB-426B-8BD0-7F2C1DF7F1FA}

2012-05-13 07:19:28 -------- d-----w- C:\Users\Demyx\AppData\Local\{9FBA19F1-2D3E-4F23-921B-26AD0CDC6262}

2012-05-12 19:19:02 -------- d-----w- C:\Users\Demyx\AppData\Local\{7F26E1F6-C8E4-49C9-BCE8-8D2576BCFD9D}

2012-05-12 19:18:43 -------- d-----w- C:\Users\Demyx\AppData\Local\{2B530271-3AC7-4E9D-AC0B-07AFDE5B08EE}

2012-05-12 07:17:01 -------- d-----w- C:\Users\Demyx\AppData\Local\{76841504-B96C-45AB-BFA5-7B9A3FA4281F}

2012-05-12 07:16:35 -------- d-----w- C:\Users\Demyx\AppData\Local\{C8B9CB4E-CC4C-488D-9FBE-FD4E4A0FEAD9}

2012-05-11 19:16:17 -------- d-----w- C:\Users\Demyx\AppData\Local\{9FA6875A-48A0-470A-95FB-08971A87F622}

2012-05-11 19:16:06 -------- d-----w- C:\Users\Demyx\AppData\Local\{D7AE6B39-DAE8-498C-9EB5-3B396A2299C0}

2012-05-11 07:15:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{3B8EA98C-BC0D-4619-BB19-8664055BB7BD}

2012-05-11 07:15:37 -------- d-----w- C:\Users\Demyx\AppData\Local\{BEC762CB-A5B7-4C5B-8503-A72866F8DCA8}

2012-05-10 19:21:51 -------- d-----w- C:\Users\Demyx\AppData\Roaming\.minecraft

2012-05-10 19:14:54 -------- d-----w- C:\Users\Demyx\AppData\Local\{25A359B3-5115-4237-A61F-C212971544F8}

2012-05-10 19:14:38 -------- d-----w- C:\Users\Demyx\AppData\Local\{2F93A7FE-A667-4DA7-B19F-8E49A73E8423}

2012-05-10 19:14:22 -------- d-----w- C:\Users\Demyx\AppData\Local\{604ACE81-AB18-4BDC-88C7-FD484478F545}

2012-05-10 19:13:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{8F19188A-53E1-4421-A4D9-1CFF99A7BD34}

2012-05-10 14:27:30 -------- d-----w- C:\Users\Demyx\AppData\Local\WinZip

2012-05-10 14:03:25 137000 ----a-w- C:\Windows\SysWow64\MSMAPI32.OCX

2012-05-10 14:03:24 87040 ----a-w- C:\Windows\System32\pdfcmnnt.dll

2012-05-10 14:03:21 23552 ----a-w- C:\Windows\SysWow64\MSMPIDE.DLL

2012-05-10 14:03:20 -------- d-----w- C:\Program Files (x86)\PDFCreator

2012-05-10 14:03:01 -------- d-----w- C:\Program Files (x86)\PricePeep

2012-05-10 14:02:38 -------- d-----w- C:\Users\Demyx\AppData\Local\Wajam

2012-05-10 14:02:32 -------- d-----w- C:\Program Files (x86)\Wajam

2012-05-10 14:02:14 -------- d-----w- C:\Program Files\PrivacySafeGuard

2012-05-10 14:01:56 -------- d-----w- C:\Program Files (x86)\Yontoo

2012-05-10 14:01:52 -------- d-----w- C:\ProgramData\Tarma Installer

2012-05-10 13:58:08 -------- d-----w- C:\Users\Demyx\AppData\Roaming\DAEMON Tools Lite

2012-05-10 13:56:33 -------- d-----w- C:\ProgramData\DAEMON Tools Lite

2012-05-10 13:50:53 -------- d-----w- C:\Users\Demyx\AppData\Roaming\DAEMON Tools Pro

2012-05-10 13:49:53 -------- d-----w- C:\ProgramData\DAEMON Tools Pro

2012-05-10 04:48:34 -------- d-----w- C:\Users\Demyx\AppData\Local\{839B19D4-F958-4E98-8B74-1922777F37F8}

2012-05-10 04:48:24 -------- d-----w- C:\Users\Demyx\AppData\Local\{96D07156-9928-4FD6-A605-27F80270F7F2}

2012-05-10 04:48:03 -------- d-----w- C:\Users\Demyx\AppData\Local\{929F4F3D-3911-473C-A937-44A86AE36655}

2012-05-09 16:47:49 -------- d-----w- C:\Users\Demyx\AppData\Local\{451A71E3-1AD2-4DF8-AFE8-67865AD32517}

2012-05-09 16:47:39 -------- d-----w- C:\Users\Demyx\AppData\Local\{ADE9BC15-79D4-4791-8B87-8F10D70BFE68}

2012-05-09 16:47:29 -------- d-----w- C:\Users\Demyx\AppData\Local\{E5A246C7-FDE1-4853-8C2C-D8A32BF03952}

2012-05-09 16:47:19 -------- d-----w- C:\Users\Demyx\AppData\Local\{0F2ABD84-9836-4406-A522-8AF1C5A7F9C9}

2012-05-09 15:22:13 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-05-09 07:07:45 -------- d-sh--w- C:\Windows\System32\%APPDATA%

2012-05-09 07:03:46 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-05-09 04:46:52 -------- d-----w- C:\Users\Demyx\AppData\Local\{B893594B-D352-46DD-B862-FA7A68A06D15}

2012-05-09 04:46:42 -------- d-----w- C:\Users\Demyx\AppData\Local\{49CFCA07-A200-44F8-B662-F7F608A572D1}

2012-05-09 04:46:32 -------- d-----w- C:\Users\Demyx\AppData\Local\{1F103556-10B0-4702-886D-35EB03A0FD9B}

2012-05-09 04:46:21 -------- d-----w- C:\Users\Demyx\AppData\Local\{36ECC975-F653-4001-AF6D-0A6E91CD3124}

2012-05-08 19:00:43 1544704 ----a-w- C:\Windows\System32\DWrite.dll

2012-05-08 19:00:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-05-08 19:00:40 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-08 19:00:39 3146240 ----a-w- C:\Windows\System32\win32k.sys

2012-05-08 19:00:38 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-08 19:00:38 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-08 19:00:07 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-05-08 18:59:53 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-05-08 18:59:50 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll

2012-05-08 18:59:50 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll

2012-05-03 05:11:56 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2012-05-03 05:11:39 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-05-03 05:11:29 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2012-05-03 05:11:25 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-05-02 21:05:08 -------- d-----w- C:\Users\Demyx\AppData\Local\Xfinity.com

2012-04-30 23:00:16 82944 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP9D.DLL

2012-04-30 23:00:16 27648 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD9D.DLL

2012-04-30 22:59:54 279040 ----a-w- C:\Windows\System32\CNMLM9D.DLL

2012-04-30 22:59:51 92672 ----a-w- C:\Windows\System32\CNC620I.DLL

2012-04-30 22:59:51 293888 ----a-w- C:\Windows\System32\CNC620L.DLL

2012-04-30 22:59:51 229888 ----a-w- C:\Windows\System32\CNC620O.DLL

2012-04-30 22:59:51 1354240 ----a-w- C:\Windows\System32\CNC620C.DLL

2012-04-24 00:02:30 737912 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtsp64.sys

2012-04-24 00:02:30 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1307000.009\symds64.sys

2012-04-24 00:02:30 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symnets.sys

2012-04-24 00:02:30 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\srtspx64.sys

2012-04-24 00:02:30 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ironx64.sys

2012-04-24 00:02:30 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\ccsetx64.sys

2012-04-24 00:02:30 1092728 ----a-w- C:\Windows\System32\drivers\NISx64\1307000.009\symefa64.sys

2012-04-24 00:02:07 -------- d-----w- C:\Windows\System32\drivers\NISx64\1307000.009

2012-04-23 00:48:24 -------- d-----w- C:\Users\Demyx\AppData\Local\LogMeIn

2012-04-23 00:48:09 59776 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\LMIproc.dll

2012-04-23 00:48:08 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll

2012-04-23 00:48:08 72216 ----a-w- C:\Windows\System32\drivers\LMIRfsDriver.sys

2012-04-23 00:48:08 34688 ----a-w- C:\Windows\System32\LMIport.dll

2012-04-23 00:48:06 80768 ----a-w- C:\Windows\System32\LMIinit.dll

2012-04-23 00:47:59 -------- d-----w- C:\ProgramData\LogMeIn

2012-04-23 00:47:45 -------- d-----w- C:\Program Files (x86)\LogMeIn

2012-04-23 00:39:32 -------- d-----w- C:\Users\Demyx\AppData\Roaming\GlarySoft

2012-04-23 00:36:10 -------- d-----w- C:\Users\Demyx\AppData\Roaming\Auslogics

2012-04-23 00:35:53 -------- d-----w- C:\Users\Demyx\AppData\Roaming\Malwarebytes

2012-04-23 00:35:09 -------- d-----w- C:\Users\Demyx\AppData\Roaming\SUPERAntiSpyware.com

2012-04-23 00:11:07 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2012-04-23 00:10:48 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-04-23 00:10:48 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2012-04-23 00:10:27 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com

2012-04-23 00:10:27 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2012-04-23 00:10:07 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys

2012-04-23 00:09:59 -------- d-----w- C:\Program Files (x86)\Lavasoft

2012-04-23 00:09:46 -------- d-----w- C:\ProgramData\Malwarebytes

2012-04-23 00:09:45 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-04-23 00:09:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-04-23 00:06:40 -------- d-----w- C:\Program Files (x86)\VideoLAN

2012-04-23 00:06:01 86608 ----a-w- C:\Windows\System32\cpwmon64.dll

2012-04-23 00:05:59 -------- d-----w- C:\Program Files (x86)\Acro Software

2012-04-23 00:05:40 -------- d-----w- C:\Program Files (x86)\GPLGS

2012-04-23 00:05:27 -------- d-----w- C:\Program Files (x86)\Glary Utilities

2012-04-23 00:05:19 -------- d-----w- C:\Program Files (x86)\Auslogics

2012-04-23 00:04:55 -------- d-----w- C:\Users\Demyx\AppData\Local\HuluDesktop

2012-04-23 00:04:29 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-04-20 02:54:17 -------- d-----w- C:\Users\Demyx\AppData\Roaming\e-academy Inc

2012-04-20 02:54:17 -------- d-----w- C:\Users\Demyx\AppData\Local\e-academy Inc

2012-04-20 01:29:37 -------- d-----w- C:\ProgramData\Package Cache

2012-04-17 19:43:30 -------- d-----w- C:\Users\Demyx\AppData\Local\AIM

2012-04-17 19:43:16 -------- d-----w- C:\ProgramData\AIM

2012-04-17 19:43:05 -------- d-----w- C:\Program Files (x86)\AIM

2012-04-17 19:43:03 -------- d-----w- C:\Program Files (x86)\Common Files\Software Update Utility

2012-04-17 19:42:59 -------- d-----w- C:\Program Files (x86)\Common Files\AOL

.

==================== Find3M ====================

.

2012-05-09 15:22:33 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-09 15:22:33 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-04-14 15:53:40 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll

2012-04-14 15:53:40 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll

2012-04-08 08:11:15 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2012-03-22 19:12:12 4435968 ----a-w- C:\Windows\SysWow64\GPhotos.scr

2012-03-08 22:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2012-03-08 22:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR

2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll

2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-02-15 15:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2012-02-15 15:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll

.

============= FINISH: 22:44:29.68 ===============

Attach.txt

DDS.txt

Hello phyrephreak2008 and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slowly, become unstable and even, in rare cases, crash. Now you have Ad-Aware and Norton Internet Security. My suggestion is to uninstall Ad-Aware.

Also, you have the remnants of a third anti-virus software - AVG. Please download and run their uninstaller:

http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x64_2012_2125.exe

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file

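The situation Step 1 above describes, several anti-virus products registered and enabled at the same time, can be read from the security-product header of a DDS log. The following Python is an added example, not part of the original posts or of DDS: it parses the `AV:`/`SP:`/`FW:` lines and reports each category with more than one enabled product. The sample lines, product names and GUIDs are constructed placeholders, and the `Outdated` definitions value is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the security-product header of a DDS log.
# Product names and GUIDs are placeholders, not values from this thread.
SAMPLE_DDS_HEADER = """\
AV: Example AV One *Enabled/Updated* {00000000-0000-0000-0000-000000000001}
AV: Example AV Two *Enabled/Outdated* {00000000-0000-0000-0000-000000000002}
AV: Example AV Three *Disabled/Updated* {00000000-0000-0000-0000-000000000003}
SP: Example AV One *Enabled/Updated* {00000000-0000-0000-0000-000000000004}
SP: Windows Defender *Disabled/Updated* {00000000-0000-0000-0000-000000000005}
FW: Example AV One *Enabled* {00000000-0000-0000-0000-000000000006}
C:\\Windows\\system32\\wininit.exe
"""

# One security-product line: category, product name, *State[/Definitions]*, {GUID}.
# The trailing \r? tolerates logs saved with Windows line endings.
PRODUCT_LINE = re.compile(
    r"^(?P<category>AV|SP|FW):[ \t]+(?P<name>.+?)[ \t]+"
    r"\*(?P<state>[A-Za-z]+)(?:/(?P<definitions>[A-Za-z]+))?\*[ \t]+"
    r"\{(?P<guid>[0-9A-Fa-f-]{36})\}[ \t]*\r?$",
    re.MULTILINE,
)


def parse_security_products(log_text):
    """Return one dict per AV:/SP:/FW: line found in the log text."""
    return [m.groupdict() for m in PRODUCT_LINE.finditer(log_text)]


def enabled_products(products):
    """Map each category to the sorted, de-duplicated names reported as Enabled."""
    enabled = defaultdict(set)
    for product in products:
        if product["state"].lower() == "enabled":
            enabled[product["category"]].add(product["name"])
    return {category: sorted(names) for category, names in enabled.items()}


def find_conflicts(products, categories=("AV", "FW")):
    """Return the categories in which more than one distinct product is enabled."""
    enabled = enabled_products(products)
    return {c: enabled[c] for c in categories if len(enabled.get(c, [])) > 1}


if __name__ == "__main__":
    parsed = parse_security_products(SAMPLE_DDS_HEADER)
    for category, names in find_conflicts(parsed).items():
        print(f"{category}: {len(names)} products enabled at once: {', '.join(names)}")
    for product in parsed:
        if product["definitions"] and product["definitions"].lower() != "updated":
            print(f"{product['category']}: {product['name']} definitions {product['definitions']}")
```

A product listed here is only registered with the system; whether it is a full installation or a leftover entry from an uninstalled product cannot be told from these lines alone.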

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
