Straight to the symptoms...
I was confident that I was protected against any virus by my updated and running McAfee Internet Security software...
1- I started getting random blue screens; some would not tell anything regarding the cause, others would mention "memory page file in non-paged area" or something like that.
Most of the time the blue screen would mention different files that all appear to be drivers.
2- In IE, after opening a few tabs, let's say 6, the 7th one would open but would not go anywhere. I couldn't go to the home page or any other page for that matter, just a white, blank page...
3- Sudden pop-ups coming from who knows where...
4- At this point I did not think much about it until I would google anything, get my search results, but when I clicked on those hyperlinks it would take me somewhere else...
It was not constant, but it would do that 90% of the time.
I went to my work computer and searched for these symptoms, and it didn't take long to know I was infected with the infamous, and wrongfully named, Google redirect virus...
At this point the symptoms were present 100% of the time.
I searched for different options and I tried everything I could:
Malwarebytes Anti-Malware was the most mentioned recommendation on the web... on my computer it would come up completely clean, but I still had the problem.
Kaspersky TDSSKiller would not find a single infection, completely clean...
SUPERAntiSpyware found 49 subject files and I directed it to delete those files.
Unhackme
Reanimator
Trojan remover
CCleaner (the only thing I achieved was to wipe out my browsing history and cookies)
I've searched for some registry keys, following advice in articles over the net, but I would not have the keys they would tell me to look for.
At some point, the symptoms would get better for very short periods of time, making me think that I had solved the problem, but shortly after they would re-erupt... The good thing now is that Malwarebytes Anti-Malware active protection would block a LOT of the attempts of iexplorer.exe and firefox to redirect me to not requested pages, but sometimes it could not keep up and I would get the redirection or the pop-up. I also get my McAfee virus scan turned off, all of a sudden and for no reason.
So I'm positive that I'm still infected even though the most common anti-malware software says I'm clean.
My last option is to start my Windows install from scratch and cut the weed from the roots... the only thing stopping me from doing that is that since I do not know how I got the virus, I do not know where it is located, and if it's still on any of my backup files, I may go through all the hazard of re-formatting and re-installing and still get the virus back 2 days or 2 hours later.
When I went back to my work computer I installed the Malwarebytes Anti-Malware, because even though I have not suffered the redirections yet, I was starting to see the symptom that would let you open a new tab but you could not go anywhere.
As soon as I got the anti-malware installed I started getting the messages blocking IE from going to unknown IP addresses on the web.
So please, help me out!!! I tried as much as I could to avoid the nuisance but I'm out of options.
I'm a newbie and finally decided to let somebody with more experience guide me through the right order and precise steps.
My Win 7 is 64-bit, so I assumed GMER was of no use. If that is not correct, please let me know and I will run it.
My DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_25
Run by emudryj at 22:20:00 on 2011-09-02
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.6135.3800 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
D:\Programs\Superantispiware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
D:\Programs\LogMeIn\x64\LMIGuardianSvc.exe
D:\Programs\LogMeIn\x64\RaMaint.exe
D:\Programs\LogMeIn\x64\LogMeIn.exe
D:\Programs\IBM\Lotus\Notes\nsd.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
D:\Programs\IBM\Lotus\Notes\ntmulti.exe
C:\Windows\SysWOW64\PnkBstrA.exe
D:\Programs\Assistant\UsbClientService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
D:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe
C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
D:\Programs\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
D:\Programs\Impulse\Now\ImpulseNow.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
D:\Programs\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe
D:\Programs\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\SetPointG\SetPointII.exe
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSService.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Programs\Mozilla Firefox\firefox.exe
D:\Programs\Mozilla Firefox\plugin-container.exe
D:\Programs\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Users\emudryj\Downloads\Defogger.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110526213057.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - D:\Programs\Java\Jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [UnHackMe Monitor] D:\Programs\UnHackMe\hackmon.exe
uRun: [SUPERAntiSpyware] D:\Programs\Superantispiware\SUPERAntiSpyware.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "D:\Programs\iTunes\iTunesHelper.exe"
mRun: [ASUS Sync Loader] "C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
mRun: [TrojanScanner] D:\Programs\Trojan Remover\Trjscan.exe /boot
mRun: [Malwarebytes' Anti-Malware] "D:\Programs\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\emudryj\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMPULS~1.LNK - D:\Programs\Impulse\Now\ImpulseNow.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - D:\Programs\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - D:\Programs\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab
TCP: DhcpNameServer = 205.152.144.23 205.152.132.23
TCP: Interfaces\{981DC840-1403-43B8-BB74-EBDF6C951E97} : DhcpNameServer = 205.152.144.23 205.152.132.23
TCP: Interfaces\{CAB1B010-6ED5-4505-8DB6-724B5510BD2F} : DhcpNameServer = 205.152.144.23 205.152.132.23
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110526213057.dll
BHO-X64: scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programs\Java\Jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~2\mcafee\sitead~1\mcieplg.dll
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "D:\Programs\iTunes\iTunesHelper.exe"
mRun-x64: [ASUS Sync Loader] "C:\Program Files (x86)\ASUS\ASUS Sync\asusUPCTLoader.exe" -startup
mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
mRun-x64: [TrojanScanner] D:\Programs\Trojan Remover\Trjscan.exe /boot
mRun-x64: [Malwarebytes' Anti-Malware] "D:\Programs\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\emudryj\AppData\Roaming\Mozilla\Firefox\Profiles\jhv7mm9q.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: D:\Programs\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: D:\Programs\Java\Jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: D:\Programs\Java\Jre6\bin\new_plugin\npjp2.dll
.
============= SERVICES / DRIVERS ===============
.
R0 hotcore3;hc3ServiceName;C:\Windows\system32\DRIVERS\hotcore3.sys --> C:\Windows\system32\DRIVERS\hotcore3.sys [?]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 MOBK755Filter;MOBK755Filter;C:\Windows\system32\DRIVERS\MOBK755.sys --> C:\Windows\system32\DRIVERS\MOBK755.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R1 SASDIFSV;SASDIFSV;D:\Programs\Superantispiware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;D:\Programs\Superantispiware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;D:\Programs\Superantispiware\SASCore64.exe [2011-8-11 140672]
R2 LMIGuardianSvc;LMIGuardianSvc;D:\Programs\LogMeIn\x64\LMIGuardianSvc.exe [2011-3-1 375176]
R2 LMIInfo;LogMeIn Kernel Information Provider;D:\Programs\LogMeIn\x64\rainfo.sys [2010-9-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 Lotus Notes Diagnostics;Lotus Notes Diagnostics;D:\Programs\IBM\Lotus\Notes\nsd.exe -svcinvoke -ini "C:\ProgramData\Lotus\Notes\Data\notes.ini" --> D:\Programs\IBM\Lotus\Notes\nsd.exe -svcinvoke -ini C:\ProgramData\Lotus\Notes\Data\notes.ini [?]
R2 MBAMService;MBAMService;D:\Programs\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-28 366640]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-26 355440]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-26 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-26 355440]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-26 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-5-26 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-5-26 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 MOBK755backup;McAfee Online Backup Service;C:\Program Files (x86)\McAfee Online Backup\MOBK755backup.exe [2010-9-20 207672]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-4 2214504]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R2 UsbClientService;UsbClientService;D:\Programs\Assistant\UsbClientService.exe [2011-2-18 245760]
R3 busenum;Synology Virtual USB Hub;C:\Windows\system32\DRIVERS\busenum.sys --> C:\Windows\system32\DRIVERS\busenum.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\system32\drivers\LGBusEnum.sys --> C:\Windows\system32\drivers\LGBusEnum.sys [?]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\system32\drivers\LGVirHid.sys --> C:\Windows\system32\drivers\LGVirHid.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-7 136176]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 DrvSnSht;DrvSnSht;C:\Program Files (x86)\R-Drive Image\DrvSnSht64.sys [2010-6-1 132432]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-6-7 136176]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;D:\Programs\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 51445112]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 R-ImageDisk;R-ImageDisk;C:\Program Files (x86)\R-Drive Image\R-ImageDisk64.sys [2010-10-16 187600]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RemoteControl-USBLAN;RemoteControl-USBLAN;C:\Windows\system32\DRIVERS\rcblan.sys --> C:\Windows\system32\DRIVERS\rcblan.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 BCSWAP;BCSWAP;C:\Windows\system32\drivers\BCSWAP.sys --> C:\Windows\system32\drivers\BCSWAP.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-09-02 22:45:06 -------- d-----w- C:\Users\emudryj\AppData\Local\{5D420F79-65F7-497C-92C7-85C067FAD907}
2011-09-02 22:44:56 -------- d-----w- C:\Users\emudryj\AppData\Local\{378986B6-0A63-4A35-8AC5-58670D00B5A4}
2011-09-02 01:00:52 -------- d-----w- C:\Users\emudryj\AppData\Local\{4C0D01BC-6237-45B2-928D-04BD39AB6415}
2011-09-02 01:00:42 -------- d-----w- C:\Users\emudryj\AppData\Local\{B9B49647-DA0A-4033-A5C1-BB3C40E4D588}
2011-09-02 00:54:20 8862544 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DB9BFDEC-576B-40FF-A460-CF8EB3DDA8C7}\mpengine.dll
2011-08-31 23:49:13 -------- d-----w- C:\Users\emudryj\AppData\Local\{59F04404-93E6-437D-9615-F5541A046006}
2011-08-31 23:49:03 -------- d-----w- C:\Users\emudryj\AppData\Local\{A8F13873-1F4B-49D8-B1DC-15487AC86E7F}
2011-08-31 11:48:38 -------- d-----w- C:\Users\emudryj\AppData\Local\{E55A29EC-2BB2-4B23-BCC3-148B0DBBA141}
2011-08-31 11:48:29 -------- d-----w- C:\Users\emudryj\AppData\Local\{86BB2B69-3DC5-40D7-8E91-B058AD4A4586}
2011-08-30 23:39:58 -------- d-----w- C:\Users\emudryj\AppData\Local\{833A504C-3BDB-40E1-AF95-CF093D8D467A}
2011-08-30 23:39:48 -------- d-----w- C:\Users\emudryj\AppData\Local\{CE03C475-0CF9-421F-BF4C-FB132DA98457}
2011-08-29 23:26:42 -------- d-----w- C:\Users\emudryj\AppData\Local\{138CA9CB-66A6-422D-BBBE-D3B9367A39C0}
2011-08-29 23:26:30 -------- d-----w- C:\Users\emudryj\AppData\Local\{AA5C035F-E2AA-4980-87DB-C34AE7583807}
2011-08-29 01:33:52 -------- d-----w- C:\Users\emudryj\AppData\Local\{B3FCE715-40E5-4951-A376-511534EED9EB}
2011-08-29 01:33:41 -------- d-----w- C:\Users\emudryj\AppData\Local\{EA4C729C-E394-4E5B-933A-7C85C2B71AB9}
2011-08-28 15:41:51 -------- d-----w- C:\Users\emudryj\AppData\Roaming\Malwarebytes
2011-08-28 15:41:43 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-28 15:41:42 -------- d-----w- C:\ProgramData\Malwarebytes
2011-08-28 15:41:38 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-28 14:51:47 8862544 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-08-28 13:33:15 -------- d-----w- C:\Users\emudryj\AppData\Local\{D51F80AA-9F2A-4EAC-B587-F26979257B86}
2011-08-28 13:33:03 -------- d-----w- C:\Users\emudryj\AppData\Local\{B7D353E0-C9B1-4F58-B359-312DF7690B84}
2011-08-28 00:32:36 -------- d-----w- C:\Users\emudryj\AppData\Local\{671E52E2-D048-47D4-883C-08EE80BF6EEA}
2011-08-28 00:32:26 -------- d-----w- C:\Users\emudryj\AppData\Local\{3DDD0D53-7303-462A-82B0-0D581D9E04C4}
2011-08-27 23:22:10 -------- d-----w- C:\Users\emudryj\AppData\Roaming\SUPERAntiSpyware.com
2011-08-27 23:21:40 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2011-08-27 23:03:10 -------- d-sh--w- C:\$RECYCLE.BIN
2011-08-27 23:02:07 -------- d-----w- C:\Program Files\CCleaner
2011-08-27 21:53:54 -------- d-----w- C:\combofix
2011-08-27 20:37:53 77312 ----a-w- C:\Windows\SysWow64\ztvunace26.dll
2011-08-27 20:37:53 75264 ----a-w- C:\Windows\SysWow64\unacev2.dll
2011-08-27 20:37:53 69632 ----a-w- C:\Windows\SysWow64\ztvcabinet.dll
2011-08-27 20:37:53 162304 ----a-w- C:\Windows\SysWow64\ztvunrar36.dll
2011-08-27 20:37:53 153088 ----a-w- C:\Windows\SysWow64\UNRAR3.dll
2011-08-27 20:37:49 -------- d-----w- C:\Users\emudryj\AppData\Roaming\Simply Super Software
2011-08-27 20:37:49 -------- d-----w- C:\ProgramData\Simply Super Software
2011-08-27 20:32:00 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{600DB068-0B6D-457E-9A2D-4FF95D9CBFD8}\gapaengine.dll
2011-08-27 20:28:18 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-08-27 20:28:14 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-08-27 18:10:05 208896 ----a-w- C:\Windows\MBR.exe
2011-08-27 18:10:03 98816 ----a-w- C:\Windows\sed.exe
2011-08-27 18:10:03 518144 ----a-w- C:\Windows\SWREG.exe
2011-08-27 18:10:03 256000 ----a-w- C:\Windows\PEV.exe
2011-08-27 14:06:32 -------- d-----w- C:\ProgramData\PC Tools
2011-08-27 12:31:57 -------- d-----w- C:\Users\emudryj\AppData\Local\{1C1855F5-B7E5-4074-B1DD-03BDB227EC66}
2011-08-27 12:31:46 -------- d-----w- C:\Users\emudryj\AppData\Local\{56FB54D7-8B24-4635-9354-0D24A39A0A0D}
2011-08-27 00:19:39 24416 ----a-w- C:\Windows\SysWow64\drivers\regguard.sys
2011-08-27 00:16:03 39192 ----a-w- C:\Windows\System32\Partizan.exe
2011-08-27 00:12:30 39192 ----a-w- C:\Windows\SysWow64\Partizan.exe
2011-08-27 00:12:30 35816 ----a-w- C:\Windows\SysWow64\drivers\Partizan.sys
2011-08-27 00:12:15 2 --shatr- C:\Windows\winstart.bat
2011-08-27 00:12:12 12808 ----a-w- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
2011-08-26 23:59:39 -------- d-----w- C:\Users\emudryj\AppData\Local\{1A676F33-EA47-4FA7-A75F-6BC44BD66C73}
2011-08-26 23:59:29 -------- d-----w- C:\Users\emudryj\AppData\Local\{5970D767-FC4A-4DDA-9754-CDA2CC3A8981}
2011-08-25 23:33:44 -------- d-----w- C:\Users\emudryj\AppData\Local\{89FFD2D4-7D66-499A-9EEC-7AE3E2EBCCB5}
2011-08-25 23:33:33 -------- d-----w- C:\Users\emudryj\AppData\Local\{05A24F1F-9E10-4C71-8309-BCC4E5013ED8}
2011-08-24 22:36:42 -------- d-----w- C:\temp
2011-08-24 22:35:19 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-08-24 22:35:19 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-08-24 22:35:02 -------- d-----w- C:\Users\emudryj\AppData\Local\{93156864-4CC9-430E-95D3-E728C9E82443}
2011-08-24 22:34:22 -------- d-----w- C:\Users\emudryj\AppData\Local\{12861F1F-7AD4-4D74-84DF-D8A196981274}
2011-08-24 22:34:12 -------- d-----w- C:\Users\emudryj\AppData\Local\{78BA2C21-6301-4667-BFF8-F2213FD9A916}
2011-08-23 21:55:59 -------- d-----w- C:\Users\emudryj\AppData\Local\{816CC18E-DE44-428B-8B8E-CAD19C9706E4}
2011-08-23 21:55:49 -------- d-----w- C:\Users\emudryj\AppData\Local\{D569C2C6-EC46-430C-948C-47FF10D909D1}
2011-08-23 01:12:03 -------- d-----w- C:\Users\emudryj\AppData\Local\{722139F9-8402-45E5-B6B3-2CF8BC5EDAC4}
2011-08-23 01:11:52 -------- d-----w- C:\Users\emudryj\AppData\Local\{D1FC845F-A83A-404A-9448-B3E93F44D921}
2011-08-22 13:11:27 -------- d-----w- C:\Users\emudryj\AppData\Local\{43618183-8B30-4593-8611-804E0835F6B7}
2011-08-22 13:11:17 -------- d-----w- C:\Users\emudryj\AppData\Local\{E2E3CC70-8825-442D-9B99-CB09A25B008A}
2011-08-22 01:10:44 -------- d-----w- C:\Users\emudryj\AppData\Local\{19BBC1DA-D43F-4A15-8A58-4D5D1C13D9D8}
2011-08-22 01:10:34 -------- d-----w- C:\Users\emudryj\AppData\Local\{F21D0F4C-3CC2-4236-8C3E-7BD5AD04C2A5}
2011-08-21 13:10:09 -------- d-----w- C:\Users\emudryj\AppData\Local\{AB5D0240-0DD1-4247-9522-581419D0543E}
2011-08-21 13:09:59 -------- d-----w- C:\Users\emudryj\AppData\Local\{EB3247BB-3BA2-4E2C-95F0-EB82CB46B89C}
2011-08-21 00:26:42 -------- d-----w- C:\Users\emudryj\AppData\Local\{4534A216-1C9E-4D29-B8B8-8479829689D1}
2011-08-21 00:26:33 -------- d-----w- C:\Users\emudryj\AppData\Local\{8D89AF09-1B0B-4BEE-807C-8EBCDD5D2C0A}
2011-08-20 12:26:20 -------- d-----w- C:\Users\emudryj\AppData\Local\{4A9B7B7A-F9B1-44DD-8AE0-5FCEAD374320}
2011-08-20 12:26:11 -------- d-----w- C:\Users\emudryj\AppData\Local\{07FB85D1-222A-4B82-BDDD-340F1311D072}
2011-08-19 21:21:37 -------- d-----w- C:\Users\emudryj\AppData\Local\{CC336946-30CA-42DD-8EA3-CF9EB175C7C3}
2011-08-19 21:21:27 -------- d-----w- C:\Users\emudryj\AppData\Local\{E93D4164-F7ED-48D5-BD5D-BDE0C28EE04E}
2011-08-19 01:03:16 -------- d-----w- C:\Users\emudryj\AppData\Local\{13E3C684-CA53-47D0-81CF-6DA3A99FDE18}
2011-08-19 01:03:07 -------- d-----w- C:\Users\emudryj\AppData\Local\{296CE4B0-8C43-4DE7-9000-3ABAAD5DBED7}
2011-08-18 00:05:42 -------- d-----w- C:\Users\emudryj\AppData\Local\{703D44F2-5719-437B-9DDC-A95426E1E912}
2011-08-18 00:05:33 -------- d-----w- C:\Users\emudryj\AppData\Local\{3F6E0CB2-C38F-4B38-9DD7-FB68B7F4B8EA}
2011-08-17 00:55:52 -------- d-----w- C:\Users\emudryj\AppData\Local\{8BCC0D2D-DECB-4194-B6A1-0ED2B23AAB72}
2011-08-17 00:55:43 -------- d-----w- C:\Users\emudryj\AppData\Local\{58873267-F4AA-4635-AAA5-2624C5D5587C}
2011-08-16 12:36:12 -------- d-----w- C:\Users\emudryj\AppData\Local\{CD1DA322-D402-4F08-AD84-407AA93B03F3}
2011-08-16 12:36:02 -------- d-----w- C:\Users\emudryj\AppData\Local\{978C120A-8020-4D03-9CF0-01377FB25292}
2011-08-15 23:28:22 -------- d-----w- C:\Users\emudryj\AppData\Local\{11FAFA4D-262C-4C62-81CF-90FEAF96EC30}
2011-08-15 23:28:12 -------- d-----w- C:\Users\emudryj\AppData\Local\{FB617148-1A4E-423B-A422-9EE898F5983D}
2011-08-15 01:23:16 -------- d-----w- C:\Users\emudryj\AppData\Local\{F8AFFF45-B015-42B7-ADEF-30CC69955144}
2011-08-15 01:23:06 -------- d-----w- C:\Users\emudryj\AppData\Local\{300FDB03-0D51-4FE1-A10C-40392D98724A}
2011-08-14 17:02:12 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2011-08-14 13:22:41 -------- d-----w- C:\Users\emudryj\AppData\Local\{2D8453F1-CFD1-4741-8263-204B1E1F00FA}
2011-08-14 13:22:30 -------- d-----w- C:\Users\emudryj\AppData\Local\{3FC2C278-66BA-43CC-8BF9-D523ED3B765F}
2011-08-14 01:22:06 -------- d-----w- C:\Users\emudryj\AppData\Local\{3C1D5EA0-F12C-4AAB-8B81-3D92905492AD}
2011-08-14 01:21:56 -------- d-----w- C:\Users\emudryj\AppData\Local\{69A39909-71F5-4F17-8F5F-31FB6757203C}
2011-08-13 13:21:31 -------- d-----w- C:\Users\emudryj\AppData\Local\{9471C865-8E17-4126-B7B2-86A9996E093A}
2011-08-13 13:21:21 -------- d-----w- C:\Users\emudryj\AppData\Local\{15B1B5CA-FA05-4D2D-89A4-93D9834E6540}
2011-08-13 01:20:56 -------- d-----w- C:\Users\emudryj\AppData\Local\{6AF20D7F-E605-4C81-A927-7A9FA91817B3}
2011-08-13 01:20:47 -------- d-----w- C:\Users\emudryj\AppData\Local\{EF4C1539-ED27-439C-B302-1F105B964FD0}
2011-08-12 00:10:02 -------- d-----w- C:\Users\emudryj\AppData\Local\{CB5CA58F-7AAF-420E-A309-0D638D0641A2}
2011-08-12 00:09:51 -------- d-----w- C:\Users\emudryj\AppData\Local\{8511E3B9-58C4-4F66-8A81-12C568E22A78}
2011-08-11 12:09:27 -------- d-----w- C:\Users\emudryj\AppData\Local\{E2DD06A1-D482-4394-9AD2-15D2BB81AD20}
2011-08-11 12:09:17 -------- d-----w- C:\Users\emudryj\AppData\Local\{F549E533-29AC-4102-943D-ED0876D50F2E}
2011-08-10 19:53:55 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-08-10 19:51:17 -------- d-----w- C:\Users\emudryj\AppData\Local\{A5C7AC12-4376-4AC0-9A7A-6D65E910463C}
2011-08-10 19:51:07 -------- d-----w- C:\Users\emudryj\AppData\Local\{8840D864-E69B-414C-A963-3C7C87E7D03A}
2011-08-10 01:10:04 -------- d-----w- C:\Users\emudryj\AppData\Local\{82CC22D7-A14C-4FCC-8099-9E7B6F6C71DF}
2011-08-10 01:09:54 -------- d-----w- C:\Users\emudryj\AppData\Local\{8CD282E1-CAE3-4F12-9A1A-77B9A2B09FFA}
2011-08-09 13:09:42 -------- d-----w- C:\Users\emudryj\AppData\Local\{E2B75514-6F97-4448-A8FF-EF1B9E979760}
2011-08-09 13:09:32 -------- d-----w- C:\Users\emudryj\AppData\Local\{2AB93BBA-2177-40E6-86F3-B2AE5DBA4185}
2011-08-08 23:17:12 -------- d-----w- C:\Users\emudryj\AppData\Local\{50E87774-1190-40B5-8F14-9C397247887D}
2011-08-08 23:17:02 -------- d-----w- C:\Users\emudryj\AppData\Local\{6A194DC0-F131-45BD-B715-7159699ACE68}
2011-08-08 04:24:26 -------- d-----w- C:\Users\emudryj\AppData\Local\{44E6B8D4-22CD-418F-85A7-F8DB1725644C}
2011-08-08 04:24:16 -------- d-----w- C:\Users\emudryj\AppData\Local\{C79CCD31-C08F-4DA4-8533-1859DF532927}
2011-08-07 16:23:50 -------- d-----w- C:\Users\emudryj\AppData\Local\{1E2060F7-CF7A-4B31-85EC-A52A396C6F7D}
2011-08-07 16:23:40 -------- d-----w- C:\Users\emudryj\AppData\Local\{EDB99DEA-E23B-4074-BE43-A213F092F4D8}
2011-08-07 03:58:37 -------- d-----w- C:\Users\emudryj\AppData\Local\{174B67DB-B973-40E4-A261-C3DF223DA543}
2011-08-07 03:58:27 -------- d-----w- C:\Users\emudryj\AppData\Local\{A1047251-1F7B-4C4E-A313-A1B95D92A1A8}
2011-08-06 15:57:53 -------- d-----w- C:\Users\emudryj\AppData\Local\{11D119DD-DD7C-4261-849D-515BCF11F3D8}
2011-08-06 15:57:43 -------- d-----w- C:\Users\emudryj\AppData\Local\{E5859E1E-620A-47EB-A590-F4AC000EBBD1}
2011-08-06 01:56:36 -------- d-----w- C:\Users\emudryj\AppData\Local\{62D886A8-FE39-4E49-A01C-B51AB07B664C}
2011-08-06 01:56:26 -------- d-----w- C:\Users\emudryj\AppData\Local\{EB316BC4-BEB7-4B23-A33B-BB2EFD69EB10}
2011-08-05 12:52:50 -------- d-----w- C:\Users\emudryj\AppData\Local\{FB952384-9028-4D91-BE43-FAF9B333E484}
2011-08-05 12:52:40 -------- d-----w- C:\Users\emudryj\AppData\Local\{9CFFE45E-49E8-414B-91A5-F38BD0639AC2}
2011-08-05 03:53:26 -------- d-----w- C:\Windows\en
2011-08-05 03:52:51 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-08-05 03:52:07 18328 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-08-05 03:51:02 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e4d8b6b91cc532201\MeshBetaRemover.exe
2011-08-05 03:47:02 -------- d-----w- C:\Users\emudryj\AppData\Local\{2C11EB28-2BFD-4765-A854-A940F0A48352}
2011-08-04 12:24:02 -------- d-----w- C:\Users\emudryj\AppData\Local\{E1DCBF0A-4B1A-4C8F-9878-2F50DEDB4449}
.
==================== Find3M ====================
.
2011-09-02 01:44:37 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2011-09-02 01:12:46 271200 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2011-08-31 00:06:22 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-22 05:42:23 2303488 ----a-w- C:\Windows\System32\jscript9.dll
2011-07-22 05:36:16 1389056 ----a-w- C:\Windows\System32\wininet.dll
2011-07-22 05:32:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-07-22 02:54:43 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-07-21 23:57:37 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2011-07-19 21:08:14 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2011-07-19 21:08:14 87456 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2011-07-19 21:08:14 80768 ----a-w- C:\Windows\System32\LMIinit.dll
2011-07-19 21:08:14 33152 ----a-w- C:\Windows\System32\LMIport.dll
2011-07-16 05:41:50 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-07-16 05:41:49 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-07-16 05:41:49 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-07-16 05:39:10 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-07-16 04:29:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-07-16 04:26:00 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-07-16 04:25:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-07-16 04:24:23 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-07-16 04:24:22 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-07-16 02:21:44 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-07-16 02:21:41 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-07-16 02:17:19 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-07-14 04:52:28 127034 ------r- C:\Windows\bwUnin-8.1.1.50-8876480SL.exe
2011-07-14 03:26:14 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2011-07-09 02:46:28 288768 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-06-24 05:34:53 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-24 05:25:49 338432 ----a-w- C:\Windows\System32\conhost.exe
2011-06-23 05:43:12 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-06-23 04:33:57 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-06-23 04:33:57 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-06-21 06:34:00 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-15 10:02:23 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-06-15 10:02:23 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-06-15 10:02:23 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-06-15 08:55:19 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-06-15 08:55:19 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-06-15 08:55:19 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-06-15 08:55:19 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-06-15 08:55:19 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 22:28:38.36 ===============
Attached File(s): Attach.txt (14.52K)