Help
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by HerStory at 7:40:51 on 2011-11-15
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3836.2309 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Acer\Acer Updater\alu.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.igoogle.com
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5534&r=27360111b215l0384z185t4752a209
uURLSearchHooks: FCToolbarURLSearchHook Class: {96b985b7-3cf9-456a-9db6-791710e60f5f} - C:\Program Files (x86)\MyPoints Point Finder\Helper.dll
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: MyPoints Point Finder BHO: {614bda1f-9bef-4cd1-bde4-fa4804929b4a} - C:\Program Files (x86)\MyPoints Point Finder\Toolbar.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: MyPoints Point Finder: {89a2510a-b4b6-4683-bec9-1b96700bc7f1} - C:\Program Files (x86)\MyPoints Point Finder\Toolbar.dll
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDQUIC~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WDDMStatus.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: ancestry.com
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.32/uploader2.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} - hxxp://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{10F03D1E-F996-48E6-9D24-ABF9325FE1FC} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{10F03D1E-F996-48E6-9D24-ABF9325FE1FC}\036324546444 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{10F03D1E-F996-48E6-9D24-ABF9325FE1FC}\2456C6B696E6F5E4F575962756C6563737F5736343645393 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{10F03D1E-F996-48E6-9D24-ABF9325FE1FC}\D4F647F627F6C616 : DhcpNameServer = 209.55.5.10 209.55.5.11
TCP: Interfaces\{10F03D1E-F996-48E6-9D24-ABF9325FE1FC}\E4544574541425 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{628F5436-45B1-426D-81CE-C6C96C13A0AC} : DhcpNameServer = 192.168.0.1
Handler: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files (x86)\LizardTech\ExpressView\expressview.dll
Handler: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - C:\Program Files (x86)\LizardTech\ExpressView\expressview.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: MyPoints Point Finder BHO: {614BDA1F-9BEF-4CD1-BDE4-FA4804929B4A} - C:\Program Files (x86)\MyPoints Point Finder\Toolbar.dll
BHO-X64: FCTBPos00Pos - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: MyPoints Point Finder: {89A2510A-B4B6-4683-BEC9-1B96700BC7F1} - C:\Program Files (x86)\MyPoints Point Finder\Toolbar.dll
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun-x64: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-7-18 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-9-10 44768]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2009-8-27 107016]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-8-27 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-6-4 1150496]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-6 1153368]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-8-27 240160]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [2011-8-1 317328]
R2 WDFMEService;WDFMEService;C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [2011-8-1 1978256]
R2 WDRulesService;WDRulesService;C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [2011-8-1 1338256]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-8-6 311592]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S4 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-23 135664]
S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-23 135664]
S4 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-17 50432]
S4 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-17 144640]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-11-15 13:15:44 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B2C8DDB6-6BEE-446C-96C7-B357734348D7}\offreg.dll
2011-11-15 13:15:41 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B2C8DDB6-6BEE-446C-96C7-B357734348D7}\mpengine.dll
2011-11-15 13:05:28 -------- d-----w- C:\Users\HerStory\AppData\Local\{4DC45BA3-B65D-4AD1-9125-7D6CAE66176B}
2011-11-15 13:04:31 -------- d-----w- C:\Users\HerStory\AppData\Local\{5C1C60A8-2129-4C8A-98FD-D7D5D9E5C43F}
2011-11-14 15:26:17 -------- d-----w- C:\Users\HerStory\AppData\Local\{ED20C63D-CDB5-483D-B720-76C7BF22F74F}
2011-11-14 15:26:04 -------- d-----w- C:\Users\HerStory\AppData\Local\{E8CD5DD6-D32F-482B-9BC6-BE64DCE241B6}
2011-11-14 04:07:46 -------- d-----w- C:\Program Files\Western Digital
2011-11-14 03:31:30 -------- d-----w- C:\Users\HerStory\AppData\Local\ElevatedDiagnostics
2011-11-14 02:13:37 -------- d-----w- C:\Users\HerStory\AppData\Local\{1D712208-8341-49F9-90C6-EC3E88B4DC80}
2011-11-14 02:13:08 -------- d-----w- C:\Users\HerStory\AppData\Local\{9BFE7D91-1F26-41C2-8578-3CF2EA9638F3}
2011-11-13 14:12:38 -------- d-----w- C:\Users\HerStory\AppData\Local\{F4D9C8A8-A6B9-4120-8274-45455E06E0B8}
2011-11-13 14:11:29 -------- d-----w- C:\Users\HerStory\AppData\Local\{63CD1ABD-75CA-46B1-91BA-5D1186F58F29}
2011-11-13 03:24:16 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys
2011-11-12 16:53:15 -------- d-----w- C:\Users\HerStory\AppData\Local\{21EB87F6-9E00-430B-AE96-52A0F2A61930}
2011-11-12 16:53:03 -------- d-----w- C:\Users\HerStory\AppData\Local\{91F31BA3-0007-4935-BE79-3EBFA6AAE394}
2011-11-12 04:52:33 -------- d-----w- C:\Users\HerStory\AppData\Local\{55DD85DB-2F5A-4F58-8A05-0F26E62BC4E9}
2011-11-12 04:52:20 -------- d-----w- C:\Users\HerStory\AppData\Local\{25B265D1-EFFC-4934-9716-3705E33FA80E}
2011-11-11 12:47:22 -------- d-----w- C:\Users\HerStory\AppData\Local\{19ED69BE-7B05-4C75-B9EE-ADE87BC02E63}
2011-11-11 12:46:49 -------- d-----w- C:\Users\HerStory\AppData\Local\{BA5EAB8A-3469-4461-AA9A-E8B8A8FBFE0C}
2011-11-10 23:36:15 -------- d-----w- C:\Users\HerStory\AppData\Local\{F85E523A-B1B7-40C5-B2A3-5D0D6790915F}
2011-11-10 23:35:59 -------- d-----w- C:\Users\HerStory\AppData\Local\{F6462A0C-753B-428B-8A15-49D997025E41}
2011-11-10 10:55:30 -------- d-----w- C:\Users\HerStory\AppData\Local\{DBEAAE5C-2B24-490E-A80C-885FD36024D8}
2011-11-10 10:55:11 -------- d-----w- C:\Users\HerStory\AppData\Local\{E4F7A9C5-E587-451B-B15F-F575045A1A5D}
2011-11-09 22:45:44 -------- d-----w- C:\Users\HerStory\AppData\Local\{74022E71-B99F-46F0-9CEC-E771CE06F832}
2011-11-09 22:45:21 -------- d-----w- C:\Users\HerStory\AppData\Local\{2876174B-D029-4144-82A4-017E83383946}
2011-11-09 10:58:12 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 10:58:12 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 10:58:10 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 10:58:08 3144704 ----a-w- C:\Windows\System32\win32k.sys
2011-11-09 10:44:58 -------- d-----w- C:\Users\HerStory\AppData\Local\{9B7AC097-4FCF-44F4-B673-3EFA16D8D810}
2011-11-09 10:44:28 -------- d-----w- C:\Users\HerStory\AppData\Local\{FD4CA57B-70DB-4A39-8D04-072577749F3B}
2011-11-08 15:44:55 -------- d-----w- C:\Users\HerStory\AppData\Local\{5DBD3085-6A62-4916-8ADA-8CE103099598}
2011-11-08 15:44:40 -------- d-----w- C:\Users\HerStory\AppData\Local\{4373992F-35FA-4647-A127-5DD30F668769}
2011-11-08 13:09:33 -------- d-----w- C:\Program Files (x86)\MyPoints Point Finder
2011-11-08 03:06:23 -------- d-----w- C:\Users\HerStory\AppData\Local\{7A4A6570-3C26-4A6A-8736-BA8D387221C8}
2011-11-08 03:06:06 -------- d-----w- C:\Users\HerStory\AppData\Local\{36169F21-E4AD-41E5-ACB1-95EEA03F7DFC}
2011-11-07 14:56:15 -------- d-----w- C:\Users\HerStory\AppData\Local\{66082934-91B2-44E1-9A36-878744C1BA5B}
2011-11-07 14:56:00 -------- d-----w- C:\Users\HerStory\AppData\Local\{890017BF-A8F3-48FA-9666-DDF5FA3B517F}
2011-11-07 02:55:44 -------- d-----w- C:\Users\HerStory\AppData\Local\{5AA59484-0B79-4B31-8F68-AABABF31F904}
2011-11-07 02:55:27 -------- d-----w- C:\Users\HerStory\AppData\Local\{A0F25B8C-F713-4262-B7EE-5243E796F1AB}
2011-11-06 14:55:12 -------- d-----w- C:\Users\HerStory\AppData\Local\{BC610447-C0FB-4856-A7FA-009D1CDFCE3A}
2011-11-06 14:55:05 -------- d-----w- C:\Users\HerStory\AppData\Local\{F645729D-4EAB-40F0-89B8-D21F0CC283BE}
2011-11-06 01:20:39 -------- d-----w- C:\Users\HerStory\AppData\Local\{1C3C0C79-46AE-42F3-BFD5-BB7AEC53AE9D}
2011-11-06 01:20:23 -------- d-----w- C:\Users\HerStory\AppData\Local\{8A1407B9-5685-461D-B204-504AF5A0C73C}
2011-11-05 10:53:25 -------- d-----w- C:\Users\HerStory\AppData\Local\{745C8BC6-B2A8-480E-A570-4C158CB5C445}
2011-11-05 10:52:35 -------- d-----w- C:\Users\HerStory\AppData\Local\{2DAE63E6-1E39-452D-9D38-CF41B18CA775}
2011-11-04 13:10:54 -------- d-----w- C:\Users\HerStory\AppData\Local\{E567860D-2A88-4085-8B9F-CCE8517B04AB}
2011-11-04 13:10:09 -------- d-----w- C:\Users\HerStory\AppData\Local\{F6477108-6E27-4C56-A3E8-F87F49CBC3A6}
2011-11-03 14:30:55 -------- d-----w- C:\Users\HerStory\AppData\Local\{9E65A565-7F94-4F27-8AD9-1FD772163F4F}
2011-11-03 14:30:39 -------- d-----w- C:\Users\HerStory\AppData\Local\{0EFA0B51-CD3F-4DEE-BF82-5E851B540D78}
2011-11-03 02:30:10 -------- d-----w- C:\Users\HerStory\AppData\Local\{7722EBEC-49EF-4D96-B8A6-9F2665E2BE35}
2011-11-03 02:29:58 -------- d-----w- C:\Users\HerStory\AppData\Local\{AFDB949E-5652-460A-8BF2-34E20CDD6C11}
2011-11-02 13:27:47 -------- d-----w- C:\Users\HerStory\AppData\Local\{D6CC4F07-AE9E-4B01-BA44-A9B9E6FB8D9F}
2011-11-02 13:27:18 -------- d-----w- C:\Users\HerStory\AppData\Local\{6BE338F1-8FF1-4E20-9F61-59A57DE60F09}
2011-11-02 01:26:44 -------- d-----w- C:\Users\HerStory\AppData\Local\{335A202B-735B-469B-BF74-3E50007B0B9B}
2011-11-02 01:25:55 -------- d-----w- C:\Users\HerStory\AppData\Local\{5EEFA35E-B6B3-4981-9762-BE92FC8C6F10}
2011-11-01 11:41:44 -------- d-----w- C:\Users\HerStory\AppData\Local\{5D9F2A2A-FFCA-4149-8CBE-1D73A7A58ADA}
2011-11-01 11:41:11 -------- d-----w- C:\Users\HerStory\AppData\Local\{1E58EAD6-3B2E-4FC4-8B49-148C190A68A0}
2011-10-31 11:35:56 -------- d-----w- C:\Users\HerStory\AppData\Local\{37460097-1272-437C-8E95-03E2EF4E8F44}
2011-10-31 11:35:40 -------- d-----w- C:\Users\HerStory\AppData\Local\{8DD31F81-8C8F-4A69-8DC3-B9EBFE824E8E}
2011-10-31 03:30:00 -------- d-----w- C:\Users\HerStory\AppData\Local\{C3D4FBB3-8C0F-42F2-8CAB-5F5085A30B31}
2011-10-31 03:29:29 -------- d-----w- C:\Users\HerStory\AppData\Local\{78C55EAC-786F-4E79-9B60-8F6F5EFC0511}
2011-10-30 15:29:14 -------- d-----w- C:\Users\HerStory\AppData\Local\{19F4780E-EFD8-4BBE-91DB-922D7491E298}
2011-10-30 15:28:05 -------- d-----w- C:\Users\HerStory\AppData\Local\{41D699E1-C229-46AA-AC38-DE8E67470988}
2011-10-30 02:37:09 -------- d-----w- C:\Users\HerStory\AppData\Local\{7B224FC8-867D-4570-969B-DD522DA11944}
2011-10-30 02:36:57 -------- d-----w- C:\Users\HerStory\AppData\Local\{11BD9291-A795-4E26-BC5E-66D8B56B328F}
2011-10-29 14:36:41 -------- d-----w- C:\Users\HerStory\AppData\Local\{65D23B8B-3F16-4C70-8793-4C3827A9AB82}
2011-10-29 14:36:25 -------- d-----w- C:\Users\HerStory\AppData\Local\{3C05FA83-935B-4EE5-B17F-21A778A188F9}
2011-10-29 02:36:09 -------- d-----w- C:\Users\HerStory\AppData\Local\{30BA66C2-F094-4A8A-A60F-93D3C750E8E5}
2011-10-29 02:35:42 -------- d-----w- C:\Users\HerStory\AppData\Local\{D0CEAF4E-F959-4DCF-852A-2FC3F4875C07}
2011-10-28 14:35:26 -------- d-----w- C:\Users\HerStory\AppData\Local\{031790C1-5B66-41B6-B62A-CF82C2B08444}
2011-10-28 14:35:02 -------- d-----w- C:\Users\HerStory\AppData\Local\{5D9B3026-69AC-4ABD-821A-1CB8A7B3B6F4}
2011-10-28 02:12:52 -------- d-----w- C:\Users\HerStory\AppData\Local\{1C1C0AA5-CAA9-44AB-B3CC-F8C4750A27DD}
2011-10-28 02:12:34 -------- d-----w- C:\Users\HerStory\AppData\Local\{77E8BD2E-A2ED-4DED-BC14-6B0B44FB415F}
2011-10-27 14:12:19 -------- d-----w- C:\Users\HerStory\AppData\Local\{343CB6B3-CAF4-4C7F-B555-01DBA15B77CB}
2011-10-27 14:12:03 -------- d-----w- C:\Users\HerStory\AppData\Local\{F1327140-E1F7-438A-B60E-CDD5F33BA750}
2011-10-27 02:11:34 -------- d-----w- C:\Users\HerStory\AppData\Local\{12345170-A5F3-45E7-A19B-6C39AE662C26}
2011-10-27 02:11:18 -------- d-----w- C:\Users\HerStory\AppData\Local\{D0C325D8-2506-4CDE-A44E-DA1B071EA50C}
2011-10-26 14:10:47 -------- d-----w- C:\Users\HerStory\AppData\Local\{5206AD1D-84B2-48A5-B8B7-C75580C67A70}
2011-10-26 14:10:32 -------- d-----w- C:\Users\HerStory\AppData\Local\{3E92EC14-03F9-418A-B6E9-F4E3A3197733}
2011-10-26 00:30:24 -------- d-----w- C:\Users\HerStory\AppData\Local\{58A43E02-9DA8-4B10-A6EB-A1DE978E7687}
2011-10-26 00:29:52 -------- d-----w- C:\Users\HerStory\AppData\Local\{8ACD4784-E007-4684-887C-4F71993DC465}
2011-10-24 13:18:36 -------- d-----w- C:\Users\HerStory\AppData\Local\{6D449162-DFC4-41EF-B711-4AE062F9380D}
2011-10-24 13:17:59 -------- d-----w- C:\Users\HerStory\AppData\Local\{6BB3C480-14CC-4E9D-8F2F-9586440FAAC6}
2011-10-23 14:32:53 -------- d-----w- C:\Users\HerStory\AppData\Local\{56337703-668F-4E2F-AF37-CC404DFFB7DA}
2011-10-23 14:32:27 -------- d-----w- C:\Users\HerStory\AppData\Local\{BA52E9A1-2A3B-4FC5-95F6-8121B8CFA9FB}
2011-10-23 01:13:43 -------- d-----w- C:\Users\HerStory\AppData\Local\{2EDACD78-7F68-49B7-BC82-EBBA0B583DA8}
2011-10-23 01:12:50 -------- d-----w- C:\Users\HerStory\AppData\Local\{D3A42B03-4412-4726-89F3-0C96B83C064F}
2011-10-22 13:12:33 -------- d-----w- C:\Users\HerStory\AppData\Local\{E9133AC2-2001-44AF-8CF5-E318943EFCFB}
2011-10-22 13:10:55 -------- d-----w- C:\Users\HerStory\AppData\Local\{88AFF3C6-66AC-4E98-80E2-CDCD148677F5}
2011-10-22 00:48:13 -------- d-----w- C:\Users\HerStory\AppData\Local\{9CC79889-E890-404E-B49C-B60AB557DD53}
2011-10-22 00:47:41 -------- d-----w- C:\Users\HerStory\AppData\Local\{DB59127F-A14A-4685-9A5A-959563E807FB}
2011-10-21 15:16:42 -------- d-----w- C:\Users\HerStory\AppData\Roaming\FTW
2011-10-21 15:16:13 -------- d-----w- C:\Program Files (x86)\Family Tree Maker 2005
2011-10-21 12:30:44 -------- d-----w- C:\Users\HerStory\AppData\Local\{CAC78BED-B17E-4EC7-9834-4A78179AB487}
2011-10-21 12:30:21 -------- d-----w- C:\Users\HerStory\AppData\Local\{6EDB0A47-E64C-43E9-A600-D71A2A361D29}
2011-10-21 00:29:52 -------- d-----w- C:\Users\HerStory\AppData\Local\{9337376F-7F1D-4512-8447-9A7519268078}
2011-10-21 00:29:12 -------- d-----w- C:\Users\HerStory\AppData\Local\{3B43726F-4520-4E7B-84FA-C0F1EC38EFBE}
2011-10-20 12:28:55 -------- d-----w- C:\Users\HerStory\AppData\Local\{FD033C5F-55B5-4AAB-B8A9-4A3EA9F278C0}
2011-10-20 12:28:04 -------- d-----w- C:\Users\HerStory\AppData\Local\{6D8CEC28-4A7D-4ED9-9ED0-2A37035EA39A}
2011-10-20 00:23:27 -------- d-----w- C:\Users\HerStory\AppData\Local\{C63EC5B4-CAB6-4F2A-9C8D-00F6EB623F51}
2011-10-20 00:23:03 -------- d-----w- C:\Users\HerStory\AppData\Local\{F5475855-CE68-4F1C-B468-CF98F0A4DDFE}
2011-10-19 12:22:33 -------- d-----w- C:\Users\HerStory\AppData\Local\{AF15584D-F7EE-4B14-A123-4FDE7219AE25}
2011-10-19 12:21:59 -------- d-----w- C:\Users\HerStory\AppData\Local\{5BEFA36C-4888-489B-82ED-15CE9E49DAFE}
2011-10-18 19:27:48 -------- d-----w- C:\Users\HerStory\AppData\Local\{40522C27-6458-42E0-BACF-5B2B4BCADDE6}
2011-10-18 19:27:20 -------- d-----w- C:\Users\HerStory\AppData\Local\{DA057C99-772B-40B3-B2F5-C3A92084800C}
2011-10-18 00:55:54 -------- d-----w- C:\Users\HerStory\AppData\Local\{D4217F76-B9E9-438A-B4F9-577372887B87}
2011-10-17 12:55:39 -------- d-----w- C:\Users\HerStory\AppData\Local\{C19F81A4-7766-4726-A787-05374B9F0FE4}
2011-10-17 12:54:55 -------- d-----w- C:\Users\HerStory\AppData\Local\{5BA10291-B366-4373-ADCA-CABDC7C366BB}
2011-10-17 00:54:27 -------- d-----w- C:\Users\HerStory\AppData\Local\{5C0EF98D-B8A6-4DDB-8B6D-33C81C4020D6}
2011-10-17 00:53:59 -------- d-----w- C:\Users\HerStory\AppData\Local\{87665974-3DD2-4BC9-9C9C-96ED362E053E}
.
==================== Find3M ====================
.
2011-10-07 15:31:16 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-06 20:45:29 41184 ----a-w- C:\Windows\avastSS.scr
2011-09-06 20:38:18 601944 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-09-06 20:36:30 65368 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-08-31 22:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-08-27 05:37:49 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:26:27 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
.
============= FINISH: 7:42:56.90 ===============
Attached File(s)
-
Attach.txt (8.31K)
Number of downloads: 0 -
Attach.txt (8.31K)
Number of downloads: 0
Back to top
icon on your desktop.
button.
