
Advert keeps turning up and making noise on facebook

Discussion in 'Virus & Other Malware Removal' started by nomad3000, Mar 27, 2012.

    nomad3000 Thread Starter
    I keep getting an advert on Facebook and a few other sites that has sound and says 'Congratulations you've won'. It has also happened a couple of times when no advert is there. Here is the requested info:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 23:31:30, on 27/03/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\Downloads\SysInfo.exe
    C:\Users\Damon\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: TheBflix - {00993761-7465-41C6-AEEE-44F8BC92EE98} - C:\ProgramData\TheBflix\bhoclass.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
    O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
    O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Damon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Spotify] "C:\Users\Damon\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 12658 bytes





    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Damon at 23:31:44 on 2012-03-27
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5996.3863 [GMT 1:00]
    .
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    C:\Program Files (x86)\Launch Manager\LMutilps32.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
    C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    C:\Program Files (x86)\Launch Manager\LManager.exe
    C:\Windows\system32\igfxext.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
    C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
    C:\Program Files (x86)\Launch Manager\LMworker.exe
    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
    C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wuauclt.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\SysWOW64\rundll32.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Damon\Downloads\SysInfo.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://acer.msn.com
    uDefault_Page_URL = hxxp://acer.msn.com
    mDefault_Page_URL = hxxp://acer.msn.com
    mStart Page = hxxp://acer.msn.com
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    mWinlogon: Userinit=userinit.exe
    BHO: TheBflix Class: {00993761-7465-41c6-aeee-44f8bc92ee98} - C:\ProgramData\TheBflix\bhoclass.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    uRun: [Google Update] "C:\Users\Damon\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Spotify] "C:\Users\Damon\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
    mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
    mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
    mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{6DF10ED5-E8E4-4494-8724-3E1F0FFD1F29} : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{F093FA71-922C-43CF-9ECE-E5AF997F3FFB} : DhcpNameServer = 40.12.1.201 40.12.1.202
    Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: TheBflix Class: {00993761-7465-41C6-AEEE-44F8BC92EE98} - C:\ProgramData\TheBflix\bhoclass.dll
    BHO-X64: TheBflix - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
    BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
    mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
    mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
    mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
    mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
    mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
    R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
    R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
    R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
    R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
    R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-7-14 352336]
    R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-9-12 872552]
    R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-1-18 29696]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-14 13336]
    R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-7-14 244624]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2012-2-23 103440]
    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
    R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-12 2656280]
    R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
    R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-23 136176]
    S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
    S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-4-2 173424]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-1-23 136176]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2012-03-27 15:36:09 -------- d-----w- C:\Users\Damon\AppData\Local\{C32A0CED-FB57-4605-BD08-6C4943A1CFF1}
    2012-03-27 15:36:00 -------- d-----w- C:\Users\Damon\AppData\Local\{B28BBB7B-F4FE-46AE-8A57-BA1094D57176}
    2012-03-27 11:45:42 -------- d-----w- C:\Users\Damon\AppData\Local\{AB70E47B-F36A-4D52-9275-380855069F97}
    2012-03-27 11:45:31 -------- d-----w- C:\Users\Damon\AppData\Local\{A2E8673C-8924-4642-A8F4-7A4442916F3F}
    2012-03-27 08:08:08 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8BE9398C-B916-4ACE-8DB9-F6EC2A7EB411}\mpengine.dll
    2012-03-27 08:02:20 -------- d-----w- C:\Users\Damon\AppData\Local\{EA28DC6F-3E0C-4C1D-9451-D7B13BF00219}
    2012-03-27 08:02:10 -------- d-----w- C:\Users\Damon\AppData\Local\{4A525CED-4D87-424B-9CE4-6B14A5B699E7}
    2012-03-26 20:07:34 -------- d-----w- C:\Users\Damon\AppData\Local\{3CE19DA0-5243-4165-96FB-4B58FAAF9C1D}
    2012-03-26 20:07:23 -------- d-----w- C:\Users\Damon\AppData\Local\{633698CB-BBB3-4099-80F4-96FA7D27F214}
    2012-03-26 16:30:35 -------- d-----w- C:\Users\Damon\AppData\Local\{25DE93A3-0375-4153-9EFA-96084BB4C764}
    2012-03-26 16:30:25 -------- d-----w- C:\Users\Damon\AppData\Local\{E0A56876-B15F-4643-9838-0679EA54F57B}
    2012-03-26 12:22:48 -------- d-----w- C:\Users\Damon\AppData\Local\{CFFAD0E8-46F5-4618-98B0-221FD12D1862}
    2012-03-26 12:22:37 -------- d-----w- C:\Users\Damon\AppData\Local\{40120F5F-1552-408B-9885-564DEA6DF05C}
    2012-03-26 11:52:48 -------- d-----w- C:\Users\Damon\AppData\Local\{F596641A-F7E0-4B86-90CD-28DF1371D074}
    2012-03-26 11:52:37 -------- d-----w- C:\Users\Damon\AppData\Local\{115EED9F-F284-4805-9151-7D8F684CBC30}
    2012-03-25 18:06:05 -------- d-----w- C:\Users\Damon\AppData\Local\{86C00CB6-6892-406A-997D-B16083F7BBE8}
    2012-03-25 18:05:54 -------- d-----w- C:\Users\Damon\AppData\Local\{0E258BF8-11C9-4107-BCAD-61A4131AEC84}
    2012-03-24 11:38:59 -------- d-----w- C:\Users\Damon\AppData\Local\{5CB5F611-7A0E-4760-A3C9-A9CE7D01E45D}
    2012-03-24 11:38:47 -------- d-----w- C:\Users\Damon\AppData\Local\{7FA54FD0-8EEE-4729-A984-9E7FB438D8DA}
    2012-03-24 05:14:37 -------- d-----w- C:\Users\Damon\AppData\Local\{536730CC-FC54-4039-A4D2-6FAD34822CE4}
    2012-03-24 05:14:27 -------- d-----w- C:\Users\Damon\AppData\Local\{F6A55162-4841-45D4-BBE5-3C076BEB248E}
    2012-03-23 18:10:17 -------- d-----w- C:\Users\Damon\AppData\Local\{ED00D579-6823-4A28-8A5C-1EA98DE90F65}
    2012-03-23 18:10:05 -------- d-----w- C:\Users\Damon\AppData\Local\{B1F580E1-C390-4870-9383-6BBEF5777300}
    2012-03-23 17:26:07 -------- d-----w- C:\Users\Damon\AppData\Local\{D1A5487A-42CF-42CB-AEB2-D9A1F1D9C046}
    2012-03-23 17:25:57 -------- d-----w- C:\Users\Damon\AppData\Local\{D5FA9F3A-C98C-4049-996E-F321D165B37E}
    2012-03-22 16:52:03 -------- d-----w- C:\Users\Damon\AppData\Local\{8FB0487F-5BAC-4DEC-B8FC-7CD2202EB595}
    2012-03-22 16:51:52 -------- d-----w- C:\Users\Damon\AppData\Local\{DD36FD30-DB5D-4A5D-8959-50620FA2F612}
    2012-03-22 10:14:21 -------- d-----w- C:\Users\Damon\AppData\Local\{E196EE75-55FB-4FF1-A340-328A8E6B3E76}
    2012-03-22 10:14:11 -------- d-----w- C:\Users\Damon\AppData\Local\{97B633FC-6420-4660-A328-BF23493AF4D4}
    2012-03-21 23:57:52 -------- d-----w- C:\Users\Damon\AppData\Local\{CC8D167D-B8C8-4599-A86D-24B2ACDAAA56}
    2012-03-21 23:57:42 -------- d-----w- C:\Users\Damon\AppData\Local\{A74A5FFF-02D8-4E0F-898F-C317E5F1FEFF}
    2012-03-21 16:53:29 -------- d-----w- C:\Users\Damon\AppData\Local\{648D9643-73B4-42C4-A56A-5229235DAC6D}
    2012-03-21 16:53:17 -------- d-----w- C:\Users\Damon\AppData\Local\{7793BE9A-B369-401D-B648-079583BA05AD}
    2012-03-20 12:21:09 -------- d-----w- C:\Users\Damon\AppData\Local\{3925EACE-3C2E-42C2-B8DD-EF628A0082CF}
    2012-03-20 12:20:57 -------- d-----w- C:\Users\Damon\AppData\Local\{32EEBAE0-D732-4E44-A255-94F8C01E3BC7}
    2012-03-19 16:48:18 -------- d-----w- C:\Users\Damon\AppData\Local\{B34E81E0-14B1-42B2-AE5F-0E70D403A0E4}
    2012-03-19 16:48:05 -------- d-----w- C:\Users\Damon\AppData\Local\{B8167C61-F0E7-4C7C-AD83-75230D5DBCA7}
    2012-03-19 10:53:19 -------- d-----w- C:\Users\Damon\AppData\Local\{3A3C9775-9311-45AA-BCCF-AA666CD7579D}
    2012-03-19 10:53:08 -------- d-----w- C:\Users\Damon\AppData\Local\{87C15BB8-58C9-4C4E-AEFF-6DE38DA63D96}
    2012-03-18 21:44:48 -------- d-----w- C:\Users\Damon\AppData\Local\{799904E6-922C-4508-A230-F7D5C1E11ACA}
    2012-03-18 21:44:37 -------- d-----w- C:\Users\Damon\AppData\Local\{C6E9F4B9-B774-43D7-A79B-BF13A9186F34}
    2012-03-18 11:24:56 -------- d-----w- C:\Users\Damon\AppData\Local\{C2946436-1820-444D-9B4C-3D35615E7050}
    2012-03-18 11:24:46 -------- d-----w- C:\Users\Damon\AppData\Local\{E380509C-D63D-4A86-9201-21F5F0A9DA24}
    2012-03-17 23:53:31 -------- d-----w- C:\Users\Damon\AppData\Local\{B3AC2908-6637-415A-ACB4-8F10FA9E0BDA}
    2012-03-17 23:53:21 -------- d-----w- C:\Users\Damon\AppData\Local\{93BCB9B8-2EC7-4854-BC8D-054F0494FD05}
    2012-03-17 12:44:02 -------- d-----w- C:\Users\Damon\AppData\Local\{E3D70F3E-96C2-4655-9901-FE1316C212A6}
    2012-03-17 12:43:52 -------- d-----w- C:\Users\Damon\AppData\Local\{9A9A62DD-D2E9-4BD9-86D8-CDA76A08DCEC}
    2012-03-16 22:54:32 -------- d-----w- C:\Users\Damon\AppData\Local\{84AAE1D9-E146-45E7-A823-9439858E131F}
    2012-03-16 22:54:13 -------- d-----w- C:\Users\Damon\AppData\Local\{9F31AC82-ECA4-4C88-BC57-1486DFF0D47D}
    2012-03-15 19:56:37 -------- d-----w- C:\Users\Damon\AppData\Local\{0A17873D-D31F-4486-B20F-8DDD2E87625B}
    2012-03-15 19:56:27 -------- d-----w- C:\Users\Damon\AppData\Local\{B0B570D6-BC93-4AA3-8997-EBE00BAC17E0}
    2012-03-15 16:46:05 -------- d-----w- C:\Users\Damon\AppData\Local\{D72E2929-1C71-4F87-8C16-EB126AC64F7A}
    2012-03-15 16:45:46 -------- d-----w- C:\Users\Damon\AppData\Local\{C3ABCA6B-C661-4BFC-AB42-C06F60E3463D}
    2012-03-14 23:59:34 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2012-03-14 23:59:34 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-03-14 23:59:33 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-03-14 23:54:42 -------- d-----w- C:\Users\Damon\AppData\Local\{E95002BC-7CD7-41A9-AC7C-FBAFE067AE2B}
    2012-03-14 23:54:32 -------- d-----w- C:\Users\Damon\AppData\Local\{EA86CD5E-4459-43D8-B478-B980454C3278}
    2012-03-13 19:52:13 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-03-13 19:51:38 1544192 ----a-w- C:\Windows\System32\DWrite.dll
    2012-03-13 19:51:38 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2012-03-13 19:43:46 -------- d-----w- C:\Users\Damon\AppData\Local\{1B004720-61F8-44A8-8370-B408910BFE28}
    2012-03-13 19:43:28 -------- d-----w- C:\Users\Damon\AppData\Local\{51BD61A0-CFA1-4D9A-A3A5-C35FC8A482AF}
    2012-03-13 18:11:26 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-03-13 18:11:26 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-03-13 18:11:26 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
    2012-03-13 18:11:26 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-03-13 18:11:26 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-03-13 18:11:26 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
    2012-03-13 18:11:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
    2012-03-13 17:58:37 -------- d-----w- C:\Users\Damon\AppData\Local\Microsoft Help
    2012-03-13 08:19:41 -------- d-----w- C:\Users\Damon\AppData\Local\{C7FB6E41-B55E-4483-8C3C-FF2F35547A9D}
    2012-03-13 08:19:30 -------- d-----w- C:\Users\Damon\AppData\Local\{5145323B-61FB-45C7-B2F8-8908B3B201D1}
    2012-03-12 23:13:59 -------- d-----w- C:\Users\Damon\AppData\Local\{CE001F9A-88DF-4638-A7BD-E242C0F0EB6A}
    2012-03-12 23:13:49 -------- d-----w- C:\Users\Damon\AppData\Local\{5FB97524-ACBB-4DEE-95F3-280FD5296183}
    2012-03-12 12:14:00 -------- d-----w- C:\Users\Damon\AppData\Local\{A3B398CE-E957-46F7-85D1-BC9885474E1A}
    2012-03-12 12:13:50 -------- d-----w- C:\Users\Damon\AppData\Local\{EDC1A7BE-99F9-48B5-9FED-52D39C96DC7B}
    2012-03-11 22:44:25 -------- d-----w- C:\Users\Damon\AppData\Local\{90A95DCA-1A16-4B94-8D2F-E5952CAEAE74}
    2012-03-11 16:53:23 -------- d-----w- C:\Users\Damon\AppData\Local\{5C9E92A4-9B6A-4FFC-A0D6-6FF2194D07A4}
    2012-03-11 16:53:12 -------- d-----w- C:\Users\Damon\AppData\Local\{C5C4C6F8-A5A5-442B-A4E8-1FC1C4E15E63}
    2012-03-10 10:23:29 -------- d-----w- C:\Users\Damon\AppData\Local\{FA572548-21A1-4CF7-98B2-378FEBBAAD03}
    2012-03-10 10:23:13 -------- d-----w- C:\Users\Damon\AppData\Local\{07D19698-9FB0-4728-BC46-24FBCCAD2A82}
    2012-03-09 23:58:28 -------- d-----w- C:\Users\Damon\AppData\Local\{BE5E707E-5601-462F-ADB4-7746336F57AE}
    2012-03-09 23:58:18 -------- d-----w- C:\Users\Damon\AppData\Local\{E2E0461D-6907-4228-90FD-DAF78029FC27}
    2012-03-09 17:06:34 -------- d-----w- C:\Users\Damon\AppData\Local\{2658FBB6-0374-4794-9026-A93D5E6B6775}
    2012-03-09 17:06:20 -------- d-----w- C:\Users\Damon\AppData\Local\{2725D670-5CF6-49F9-A366-A29E6043DA0B}
    2012-03-08 17:35:02 -------- d-----w- C:\Users\Damon\AppData\Local\{223FF328-4D51-42DC-85CC-421291C953D4}
    2012-03-08 17:34:52 -------- d-----w- C:\Users\Damon\AppData\Local\{2B4FE15C-401C-4C7E-ACA4-91BC73D0BE20}
    2012-03-08 09:02:14 -------- d-----w- C:\Users\Damon\AppData\Local\{D2CA7E2A-B050-4291-A81B-DA53B654088E}
    2012-03-08 09:01:54 -------- d-----w- C:\Users\Damon\AppData\Local\{E99AF29B-633A-4AE2-B623-75E099AAAC84}
    2012-03-08 00:20:52 -------- d-----w- C:\Users\Damon\AppData\Local\{0E0B4383-D2C4-42A2-AE01-A0123D40FBD3}
    2012-03-08 00:20:42 -------- d-----w- C:\Users\Damon\AppData\Local\{C2D87D0A-8A2C-424E-BDC1-17885EECD6D4}
    2012-03-07 17:33:24 -------- d-----w- C:\Users\Damon\AppData\Local\{190ABC93-A65F-48A5-8ECC-B57F84599127}
    2012-03-07 17:33:14 -------- d-----w- C:\Users\Damon\AppData\Local\{E84BE20E-7C29-4650-BA68-E32B91DDFFFC}
    2012-03-06 20:10:31 -------- d-----w- C:\Users\Damon\AppData\Local\{2EDCE230-BFED-4550-A389-39CECF58DEC7}
    2012-03-06 20:10:19 -------- d-----w- C:\Users\Damon\AppData\Local\{C48CBD5F-AA42-48F4-B824-1F9B19D48106}
    2012-03-06 20:09:53 -------- d-----w- C:\Users\Damon\AppData\Local\{E64EBDA6-114F-4F89-B832-ADF039B752AA}
    2012-03-06 20:09:42 -------- d-----w- C:\Users\Damon\AppData\Local\{3F191012-C411-4AA6-B46F-EEE9CE13476D}
    2012-03-06 11:56:35 -------- d-----w- C:\Users\Damon\AppData\Local\{0E22539B-26AE-442A-B53C-BE2F4C21DC99}
    2012-03-06 11:56:24 -------- d-----w- C:\Users\Damon\AppData\Local\{860D90B0-6DD6-46DA-B4BF-BBD24CD7E943}
    2012-03-05 19:18:09 -------- d-----w- C:\Users\Damon\AppData\Local\{9AF0D42C-3A3F-4478-88F3-9B669788EA9A}
    2012-03-05 19:17:58 -------- d-----w- C:\Users\Damon\AppData\Local\{9B9CACF5-3283-4327-8D80-74BC37A4B5A9}
    2012-03-04 18:35:08 -------- d-----w- C:\Users\Damon\AppData\Local\{A038124E-2283-4CB8-BE50-9DC0B50EE3A1}
    2012-03-04 18:34:52 -------- d-----w- C:\Users\Damon\AppData\Local\{537B3061-6B87-4EFE-B6B1-DC87EC7FDFBD}
    2012-03-04 00:04:29 -------- d-----w- C:\Users\Damon\AppData\Local\{87E95053-DE4D-4719-BAAC-1D0B93A382E8}
    2012-03-04 00:04:16 -------- d-----w- C:\Users\Damon\AppData\Local\{74B4FDF1-E5A2-46D2-8D17-F7B006B6A224}
    2012-03-02 23:59:48 -------- d-----w- C:\Users\Damon\AppData\Local\{DD777B84-1AFB-4A86-831D-E54854E1ECD6}
    2012-03-02 23:59:35 -------- d-----w- C:\Users\Damon\AppData\Local\{2308CC87-BDBE-483F-A40B-AE726E5BEB9E}
    2012-03-02 16:40:02 -------- d-----w- C:\Users\Damon\AppData\Local\{21F66B3E-2652-4E89-B8E5-4D62BF74EEF8}
    2012-03-02 16:39:52 -------- d-----w- C:\Users\Damon\AppData\Local\{5B3F804A-F28C-48F6-97AD-C34B88A8ABE3}
    2012-03-01 16:52:36 -------- d-----w- C:\Users\Damon\AppData\Local\{9CE86366-2459-43C5-A136-F0DD18344261}
    2012-03-01 16:52:26 -------- d-----w- C:\Users\Damon\AppData\Local\{D526295D-D6DC-4265-8890-04DB47DF3D33}
    2012-03-01 01:17:45 -------- d-----w- C:\Users\Damon\AppData\Local\{2398A68E-DD02-4EB4-999C-717D2801867A}
    2012-02-29 19:19:58 -------- d-----w- C:\Users\Damon\AppData\Local\{3CD2D8AC-9702-49FC-8643-A1EA8A9AB853}
    2012-02-29 19:19:48 -------- d-----w- C:\Users\Damon\AppData\Local\{C55CA4A2-7847-45BA-9DDA-51957C2D7A86}
    2012-02-29 16:48:04 -------- d-----w- C:\Users\Damon\AppData\Local\{A2BEF9EF-A7F5-4527-9605-04EC26E2F264}
    2012-02-29 16:47:54 -------- d-----w- C:\Users\Damon\AppData\Local\{1C964D53-D1B1-4ACA-B936-705D440456F4}
    2012-02-28 18:33:39 -------- d-----w- C:\Users\Damon\AppData\Local\{C65832DB-B8F1-423C-9DD9-3E87B339C34C}
    2012-02-28 18:33:29 -------- d-----w- C:\Users\Damon\AppData\Local\{8404021A-B27E-41FC-B1C3-8DB99F9FBB7A}
    2012-02-28 15:56:55 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2012-02-28 13:41:14 -------- d-----w- C:\Users\Damon\AppData\Local\{1989892E-691D-4F97-A9B7-0C891115CE65}
    2012-02-28 13:41:02 -------- d-----w- C:\Users\Damon\AppData\Local\{BD916C97-2878-4D54-BA33-62F21D7D2A5B}
    2012-02-28 00:00:52 -------- d-----w- C:\Users\Damon\AppData\Roaming\AVG2012
    2012-02-27 23:59:28 -------- d--h--w- C:\ProgramData\Common Files
    2012-02-27 23:59:21 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
    2012-02-27 23:58:59 -------- d-----w- C:\Windows\System32\drivers\AVG
    2012-02-27 23:58:59 -------- d-----w- C:\ProgramData\AVG2012
    2012-02-27 23:58:16 -------- d-----w- C:\Program Files (x86)\AVG
    2012-02-27 23:51:47 -------- d-----w- C:\ProgramData\MFAData
    2012-02-27 23:44:47 -------- d-----w- C:\Users\Damon\AppData\Local\{24081720-6A79-46EF-87DC-43CBCBDAF0DA}
    2012-02-27 23:44:24 -------- d-----w- C:\Users\Damon\AppData\Local\{39075E0A-D1F4-478E-B838-D3350EB1FBC8}
    2012-02-27 20:56:48 -------- d-----w- C:\Users\Damon\AppData\Local\{503497EA-1E5B-4ECE-9A29-59B652B0D5C3}
    2012-02-27 20:56:30 -------- d-----w- C:\Users\Damon\AppData\Local\{78D3E521-BB46-431C-9EC0-42C8C287DD0E}
    2012-02-27 18:24:20 -------- d-----w- C:\Users\Damon\AppData\Local\{E3A8B69C-4999-42C8-B505-D07CFAAF19EB}
    2012-02-27 18:24:09 -------- d-----w- C:\Users\Damon\AppData\Local\{B276D4BE-192B-431C-BF48-6A3694F24210}
    .
    ==================== Find3M ====================
    .
    2012-02-23 09:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2012-01-09 13:05:39 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    .
    ============= FINISH: 23:32:02.97 ===============



    No ark.txt due to having 64-bit OP.

    Thanks
     


Short URL to this thread: https://techguy.org/1046872