1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Under attack

Discussion in 'Virus & Other Malware Removal' started by moose69, Dec 3, 2011.

Thread Status:
Not open for further replies.
  1. moose69

    moose69 Thread Starter

    Joined:
    Aug 20, 2003
    Messages:
    367
    My Pc started running slowly and outlook would not send so I ran spybot and cleaned about 400 identified threats. outlook still wont send so I am posting a hijack this log and also a DDS log hopefully someone can solve the problem.

    HJT:

    "Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:22:45, on 03/12/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    C:\Windows\vsnp2uvc.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    F:\Kaspersky\avp.exe
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - F:\Kaspersky\ievkbd.dll
    O2 - BHO: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Password Depot 5 - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - "C:\Program Files (x86)\AceBIT\Password Depot 5\pdIEAddOn.dll" (file missing)
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Toolbar BHO - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll
    O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - F:\Kaspersky\klwtbbho.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    O3 - Toolbar: TelevisionFanatic - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
    O4 - HKLM\..\Run: [StillImageMonitor] C:\W
    O4 - HKLM\..\Run: [ScanRegistry] C:\W
    O4 - HKLM\..\Run: [AVP] "F:\Kaspersky\avp.exe"
    O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Seamus\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [DIMDownloading your update...1300677038363] "C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe" "c:\programdata\corel\downloads\540215253_610005\1300677038363\dim_params.xml" -Launch=3 -uibase="c:\users\seamus\appdata\roaming\corel\messages\540215253_610005\en\messagecache1\workflow"
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    O8 - Extra context menu item: Add to Anti-Banner - F:\Kaspersky\ie_banner_deny.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
    O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - F:\Kaspersky\klwtbbho.dll
    O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
    O9 - Extra button: Password Depot 5 - {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - "C:\Program Files (x86)\AceBIT\Password Depot 5\PasswordDepot.exe" (file missing)
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - F:\Kaspersky\klwtbbho.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Seamus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
    O9 - Extra 'Tools' menuitem: Absolute Poker - {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Seamus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (HKCU)
    O9 - Extra button: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Users\Seamus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Absolute Poker Basic - {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Users\Seamus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O20 - AppInit_DLLs: F:\KASPER~1\mzvkbd3.dll,F:\KASPER~1\sbhook.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - F:\Kaspersky\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Crypkey License - Unknown owner - crypserv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Expat Shield Service (ExpatShieldService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
    O23 - Service: Expat Shield Routing Service (ExpatSrv) - AnchorFree Inc. - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
    O23 - Service: Expat Shield Tray Service (ExpatTrayService) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.EXE
    O23 - Service: Expat Shield Monitoring Service (ExpatWd) - Unknown owner - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
    O23 - Service: Flash Media Server (FMS) (FMS) - Macromedia, Inc. - C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSMaster.exe
    O23 - Service: Flash Media Administration Server (FMSAdmin) - Macromedia, Inc. - C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSAdmin.exe
    O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PRTG 8 Core Server Service (PRTG7CoreService) - Paessler AG - C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe
    O23 - Service: PRTG 8 Probe Service (PRTG7ProbeService) - Paessler AG - C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TelevisionFanaticService - COMPANYVERS_NAME - C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    --
    End of file - 16433 bytes"

    DDS:
    ".
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
    Run by Seamus at 16:25:56 on 2011-12-03
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.353.1033.18.3199.1523 [GMT 0:00]
    .
    AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    F:\Kaspersky\avp.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\crypserv.exe
    C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe
    C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe
    C:\Program Files (x86)\Expat Shield\bin\hsswd.exe
    C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSMaster.exe
    C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSAdmin.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSEdge.exe
    C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSCore.exe
    C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\vsnp2uvc.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    F:\Kaspersky\avp.exe
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64brmon.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe
    c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files\CyberLink\Shared files\RichVideo64.exe
    C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\LocationNotifications.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Windows\system32\DllHost.exe
    C:\Program Files (x86)\Nero\Update\NASvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\AceBIT\Password Depot 5\PasswordDepot.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.myheritage.com
    mStart Page = hxxp://search.myheritage.com
    uInternet Settings,ProxyOverride = *.local
    mSearchAssistant = about:blank
    uURLSearchHooks: N/A: {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    mWinlogon: Userinit=userinit.exe
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: Expat Shield Class: {3706ee7c-3cad-445d-8a43-03ebc3b75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - F:\Kaspersky\ievkbd.dll
    BHO: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Password Depot 5: {9f79b165-70f7-4c46-b1a5-8828e2ff21f9} - "C:\Program Files (x86)\AceBIT\Password Depot 5\pdIEAddOn.dll"
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll
    BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - F:\Kaspersky\klwtbbho.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    TB: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [AdobeBridge]
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Google Update] "C:\Users\Seamus\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [DIMDownloading your update...1300677038363] "C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe" "c:\programdata\corel\downloads\540215253_610005\1300677038363\dim_params.xml" -Launch=3 -uibase="c:\users\seamus\appdata\roaming\corel\messages\540215253_610005\en\messagecache1\workflow"
    mRun: [StillImageMonitor] C:\W
    mRun: [ScanRegistry] C:\W
    mRun: [AVP] "F:\Kaspersky\avp.exe"
    mRun: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
    mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    StartupFolder: C:\Users\Seamus\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
    mPolicies-system: EnableLinkedConnections = 1 (0x1)
    IE: Add to Anti-Banner - F:\Kaspersky\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
    IE: {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - "C:\Program Files (x86)\AceBIT\Password Depot 5\PasswordDepot.exe"
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - F:\Kaspersky\klwtbbho.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - F:\Kaspersky\klwtbbho.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    TCP: DhcpNameServer = 8.8.8.8 8.8.4.4
    TCP: Interfaces\{0C074613-0B1E-4492-B23E-EB809089244D} : DhcpNameServer = 92.61.192.14 92.61.192.15
    TCP: Interfaces\{4C323A49-82AF-414B-9F8B-CA8EF30BA552} : DhcpNameServer = 92.61.192.14 92.61.192.15
    TCP: Interfaces\{86D4AE25-591D-4BE0-A6CF-7598D790E8E6} : DhcpNameServer = 92.61.192.14 92.61.192.15
    TCP: Interfaces\{86D4AE25-591D-4BE0-A6CF-7598D790E8E6}\3427F6373716E6341626C656D2432653639303 : DhcpNameServer = 92.61.192.14 92.61.192.15
    TCP: Interfaces\{9F3F2AE9-76A5-4956-A7EF-CBBA45BF32F2} : DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{BE178FF4-DA4D-4003-A3E3-A5E517B0D82F} : DhcpNameServer = 62.40.32.33 8.8.8.8
    TCP: Interfaces\{D11C34DF-075F-4757-A023-ADB2F62B6921} : DhcpNameServer = 92.61.192.14 92.61.192.15
    TCP: Interfaces\{DACC455D-D6BA-43CB-AD14-58D45514D19E} : DhcpNameServer = 92.61.192.14 92.61.192.15
    TCP: Interfaces\{DB25425B-EF47-4DB5-A8D2-15C3514B3799} : DhcpNameServer = 10.201.48.1
    TCP: Interfaces\{F2A523A2-9C5A-4C2E-B813-7AC835DDE1A7} : DhcpNameServer = 8.8.8.8 8.8.4.4
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: F:\KASPER~1\mzvkbd3.dll,F:\KASPER~1\sbhook.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO-X64: HP Print Enhancer - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO-X64: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll
    BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - F:\Kaspersky\ievkbd.dll
    BHO-X64: IEVkbdBHO - No File
    BHO-X64: Search Assistant BHO: {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64SrcAs.dll
    BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    BHO-X64: Search Helper - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Password Depot 5: {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - "C:\Program Files (x86)\AceBIT\Password Depot 5\pdIEAddOn.dll"
    BHO-X64: Password Depot 5 - No File
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO-X64: SkypeIEPluginBHO - No File
    BHO-X64: Toolbar BHO: {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\PROGRA~2\TELEVI~2\bar\1.bin\64bar.dll
    BHO-X64: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - F:\Kaspersky\klwtbbho.dll
    BHO-X64: link filter bho - No File
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~2\INBOXT~1\Inbox.dll
    TB-X64: TelevisionFanatic: {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\64bar.dll
    TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [StillImageMonitor] C:\W
    mRun-x64: [ScanRegistry] C:\W
    mRun-x64: [AVP] "F:\Kaspersky\avp.exe"
    mRun-x64: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
    mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    IE-X64: {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} - "C:\Program Files (x86)\AceBIT\Password Depot 5\PasswordDepot.exe"
    IE-X64: {1FBA04EE-3024-11d2-8F1F-0000F87ABD16} - C:\Users\Seamus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
    IE-X64: {5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - C:\Users\Seamus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
    AppInit_DLLs-X64: F:\KASPER~1\mzvkbd3.dll,F:\KASPER~1\sbhook.dll
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Seamus\AppData\Roaming\Mozilla\Firefox\Profiles\jnac3qps.default\
    FF - prefs.js: browser.search.selectedEngine - Facemoods Search
    FF - prefs.js: browser.startup.homepage - about:home
    FF - prefs.js: keyword.URL - hxxp://www.scanquery.com/?tmp=nemo_results_removelink&prt=ScnqryPB&keywords=
    FF - component: C:\Program Files (x86)\AceBIT\Password Depot 5\Firefox\components\pdFirefox.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
    FF - component: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
    FF - component: c:\program files (x86)\mozilla firefox\extensions\[email protected]\components\abhelperxpcom.dll
    FF - component: c:\program files (x86)\mozilla firefox\extensions\[email protected]\components\kavlinkfilter.dll
    FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
    FF - component: C:\Users\Seamus\AppData\Roaming\Mozilla\Firefox\Profiles\jnac3qps.default\extensions\[email protected]\components\plugins.dll
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\TelevisionFanatic\bar\1.bin\NP64Stub.dll
    FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
    FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Users\Seamus\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]
    R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/12/12 01:34:10];C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [2009-5-7 146928]
    R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
    R2 AVP;Kaspersky Anti-Virus Service;F:\Kaspersky\avp.exe -r --> F:\Kaspersky\avp.exe -r [?]
    R2 ExpatShieldService;Expat Shield Service;C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [2011-10-6 288088]
    R2 ExpatSrv;Expat Shield Routing Service;C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [2011-5-26 363336]
    R2 ExpatWd;Expat Shield Monitoring Service;C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat --> C:\Program Files (x86)\Expat Shield\bin\hsswd.exe -product Expat [?]
    R2 FMS;Flash Media Server (FMS);C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSMaster.exe [2011-2-24 893031]
    R2 FMSAdmin;Flash Media Administration Server;C:\Program Files (x86)\Macromedia\Flash Media Server 2\FMSAdmin.exe [2011-2-24 1171558]
    R2 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-4-24 724664]
    R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2011-4-24 724664]
    R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-8 2214504]
    R2 PRTG7ProbeService;PRTG 8 Probe Service;C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [2011-3-25 3881744]
    R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-7-15 386344]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-16 1153368]
    R2 TelevisionFanaticService;TelevisionFanaticService;C:\PROGRA~2\TELEVI~2\bar\1.bin\64barsvc.exe [2011-10-7 42504]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
    R3 seehcri;Sony Ericsson seehcri Device Driver;C:\Windows\system32\DRIVERS\seehcri.sys --> C:\Windows\system32\DRIVERS\seehcri.sys [?]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 PRTG7CoreService;PRTG 8 Core Server Service;C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe [2011-3-25 4157200]
    S3 AF9035HB;AF9035 Hybrid Device;C:\Windows\system32\Drivers\AF9035HB.sys --> C:\Windows\system32\Drivers\AF9035HB.sys [?]
    S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2011-2-13 14216]
    S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2011-2-13 8456]
    S3 ExpatTrayService;Expat Shield Tray Service;C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.exe [2011-10-6 71554]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-10-11 1038088]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?]
    S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
    S3 netr28ux;Linksys USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?]
    S3 PSSDK42;PSSDK42;\??\C:\Windows\system32\Drivers\pssdk42.sys --> C:\Windows\system32\Drivers\pssdk42.sys [?]
    S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
    S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8187.sys --> C:\Windows\system32\DRIVERS\RTL8187.sys [?]
    S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8187B.sys --> C:\Windows\system32\DRIVERS\RTL8187B.sys [?]
    S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
    S3 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;C:\Windows\system32\DRIVERS\rtlprot.sys --> C:\Windows\system32\DRIVERS\rtlprot.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 vpcuxd;USB Virtualization Stub Service;C:\Windows\system32\DRIVERS\vpcuxd.sys --> C:\Windows\system32\DRIVERS\vpcuxd.sys [?]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S3 WatAdminSvc;WatAdminSvc;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    JSEFile=NOTEPAD.EXE %1
    VBEFile=NOTEPAD.EXE %1
    VBSFile=NOTEPAD.EXE %1
    .
    =============== Created Last 30 ================
    .
    2011-12-03 16:13:39 388096 ----a-r- C:\Users\Seamus\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-12-03 16:13:39 -------- d-----w- C:\Program Files (x86)\Trend Micro
    2011-12-03 14:31:15 -------- d-----w- C:\Users\Seamus\AppData\Local\{A3610DD9-37A2-4DFB-90A4-6C599B71673D}
    2011-12-03 14:31:03 -------- d-----w- C:\Users\Seamus\AppData\Local\{34BCD1E5-8372-467B-A8CA-960D88E91408}
    2011-12-02 21:01:36 -------- d-----w- C:\Users\Seamus\AppData\Local\{5E4168CA-0333-4082-92AB-CBA88B394326}
    2011-12-02 09:00:49 -------- d-----w- C:\Users\Seamus\AppData\Local\{3599842D-1464-428D-BB73-193E32AA7A00}
    2011-12-02 09:00:26 -------- d-----w- C:\Users\Seamus\AppData\Local\{33874E4C-4754-4240-9B9B-DC161F59BC27}
    2011-12-01 20:59:58 -------- d-----w- C:\Users\Seamus\AppData\Local\{A3114CF7-0FD8-49F9-8566-1632BD30B1F8}
    2011-12-01 20:59:35 -------- d-----w- C:\Users\Seamus\AppData\Local\{3263B531-49AE-4A03-875B-080B88FF6EED}
    2011-12-01 15:51:18 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{25ABDDE7-D4E5-4AAA-82F5-38A87AACF373}\offreg.dll
    2011-12-01 08:59:02 -------- d-----w- C:\Users\Seamus\AppData\Local\{E3D2E2B5-16F6-41FD-B264-7866D16DE48F}
    2011-12-01 08:58:39 -------- d-----w- C:\Users\Seamus\AppData\Local\{2D70AB44-E494-4D1B-9CFE-3DB286803DF7}
    2011-11-30 20:58:09 -------- d-----w- C:\Users\Seamus\AppData\Local\{5C84F2E1-2D62-49EF-B807-173EA99D655A}
    2011-11-30 20:57:45 -------- d-----w- C:\Users\Seamus\AppData\Local\{6CBD3707-2723-444F-8F14-344A38141B62}
    2011-11-30 08:57:18 -------- d-----w- C:\Users\Seamus\AppData\Local\{3B8AC459-6E90-4E11-98C8-5EE9C64748CD}
    2011-11-29 09:00:46 8570192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{25ABDDE7-D4E5-4AAA-82F5-38A87AACF373}\mpengine.dll
    2011-11-29 08:57:09 -------- d-----w- C:\Users\Seamus\AppData\Local\{35596C46-216B-4DC8-8230-D7C48CE69AA2}
    2011-11-28 22:38:40 -------- d-----w- C:\Users\Seamus\AppData\Local\MPlayer
    2011-11-28 22:37:12 -------- d-----w- C:\Program Files (x86)\PS3 Media Server
    2011-11-28 17:08:25 -------- d-----w- C:\Users\Seamus\AppData\Local\{4F8689AD-516E-4D7B-B9D1-31CCFCCB7191}
    2011-11-28 17:08:12 -------- d-----w- C:\Users\Seamus\AppData\Local\{83A9F590-D5DC-4D58-AA69-DD8CF7C23B6C}
    2011-11-28 00:33:16 -------- d-----w- C:\Users\Seamus\AppData\Local\{4B7369FE-5451-402F-9970-54350C06F0B4}
    2011-11-27 12:32:35 -------- d-----w- C:\Users\Seamus\AppData\Local\{401727BC-4336-4183-A5BD-2B5ECA1B3347}
    2011-11-27 12:32:13 -------- d-----w- C:\Users\Seamus\AppData\Local\{C516C25C-2590-4946-A0E6-7CD38296AA77}
    2011-11-27 00:31:45 -------- d-----w- C:\Users\Seamus\AppData\Local\{CE21333E-A4D6-44B3-9F41-2CF34DA592A4}
    2011-11-26 12:30:55 -------- d-----w- C:\Users\Seamus\AppData\Local\{75D476B0-2B18-45C0-98FD-EDDAC3820609}
    2011-11-26 12:30:31 -------- d-----w- C:\Users\Seamus\AppData\Local\{698225C3-84C3-4B11-9384-D677FD9D7E60}
    2011-11-25 21:05:16 -------- d-----w- C:\Users\Seamus\AppData\Local\{C068F2D2-B864-448C-B3D9-17602273B0F8}
    2011-11-25 21:04:53 -------- d-----w- C:\Users\Seamus\AppData\Local\{429A76E3-549D-487F-83B2-0A7878F3F4F6}
    2011-11-25 09:04:24 -------- d-----w- C:\Users\Seamus\AppData\Local\{811A4FCD-ECAF-47B6-8B6D-D78BFF331BDB}
    2011-11-25 09:04:01 -------- d-----w- C:\Users\Seamus\AppData\Local\{D4DEC71A-DA2E-4ED6-BF1B-E46E3E850F56}
    2011-11-24 18:44:03 -------- d-----w- C:\Users\Seamus\AppData\Local\{6E502B0C-66E0-4953-9F19-18EC19E1501B}
    2011-11-24 06:43:24 -------- d-----w- C:\Users\Seamus\AppData\Local\{AF2E8D35-839D-4CAE-9DD5-C2A7BE1858EC}
    2011-11-23 18:42:42 -------- d-----w- C:\Users\Seamus\AppData\Local\{E4960815-0C77-4651-8D76-095500ABB365}
    2011-11-23 18:42:21 -------- d-----w- C:\Users\Seamus\AppData\Local\{B219EE93-405A-4771-B8C9-6A850A863CA3}
    2011-11-22 22:24:14 -------- d-----w- C:\Users\Seamus\AppData\Local\{5AFFC52F-F768-4C84-93E4-8B645C16735A}
    2011-11-22 10:23:35 -------- d-----w- C:\Users\Seamus\AppData\Local\{2157F770-3195-430A-865B-883831525929}
    2011-11-22 10:23:21 -------- d-----w- C:\Users\Seamus\AppData\Local\{D8FC2309-ACED-49E4-A98A-A31AB3666744}
    2011-11-21 22:31:45 -------- d-----w- C:\Users\Seamus\AppData\Local\{DF7868F2-218A-426A-8751-1FC88B2B74D2}
    2011-11-21 00:31:18 -------- d-----w- C:\Users\Seamus\AppData\Roaming\cYo
    2011-11-21 00:31:18 -------- d-----w- C:\Users\Seamus\AppData\Local\cYo
    2011-11-21 00:30:08 -------- d-----w- C:\Program Files\ComicRack
    2011-11-20 13:58:36 -------- d-----w- C:\Users\Seamus\AppData\Local\{CB1A5693-E91A-4E61-9E47-F34DF82CC583}
    2011-11-20 13:58:24 -------- d-----w- C:\Users\Seamus\AppData\Local\{B094A7A9-FD43-464B-ADAB-260CD0615ABE}
    2011-11-19 21:59:21 -------- d-----w- C:\Users\Seamus\AppData\Local\{ABAF2680-EBD3-4F39-99F1-63C58BE67187}
    2011-11-19 13:41:10 -------- d-----w- C:\Python27
    2011-11-19 13:04:18 -------- d-----w- C:\Users\Seamus\Books
    2011-11-19 13:02:23 -------- d-----w- C:\Users\Seamus\.FBReader
    2011-11-19 13:01:51 -------- d-----w- C:\Program Files (x86)\FBReader
    2011-11-19 09:59:07 -------- d-----w- C:\Users\Seamus\AppData\Local\{52C8DEBE-445A-485D-BA29-767495AB0501}
    2011-11-18 20:46:34 -------- d-----w- C:\Users\Seamus\AppData\Local\{3C4CF1CA-81D5-4348-89B7-319178B6BACD}
    2011-11-18 20:46:11 -------- d-----w- C:\Users\Seamus\AppData\Local\{E5155D3E-2611-49C5-A0FC-5967C6A0E96A}
    2011-11-18 08:45:34 -------- d-----w- C:\Users\Seamus\AppData\Local\{3D78274F-CCF7-4129-81A7-4B9628327D47}
    2011-11-18 08:45:02 -------- d-----w- C:\Users\Seamus\AppData\Local\{13014C05-E8C3-48AD-AD4F-796BE02D9397}
    2011-11-17 15:13:30 -------- d-----w- C:\Users\Seamus\AppData\Local\{F12BDE70-ACC0-4742-871D-A5F061C7962F}
    2011-11-17 15:13:07 -------- d-----w- C:\Users\Seamus\AppData\Local\{5146C129-9B6C-4478-97D3-E64404F52840}
    2011-11-17 08:27:20 -------- d-----w- C:\Users\Seamus\AppData\Local\{9CFC3B07-4D01-420E-A309-33AF659B9ED4}
    2011-11-16 22:20:34 -------- d-----w- C:\Users\Seamus\AppData\Roaming\Box.Net
    2011-11-16 22:17:47 -------- d-----w- C:\Users\Seamus\AppData\Local\assembly
    2011-11-16 22:16:46 -------- d-----w- C:\Program Files (x86)\Box
    2011-11-16 22:10:48 -------- d-----w- C:\Users\Seamus\AppData\Roaming\Box
    2011-11-16 13:35:50 -------- d-----w- C:\Users\Seamus\AppData\Local\{F253614F-DF00-48E2-AC02-F4D77186CA88}
    2011-11-15 22:33:38 -------- d-----w- C:\Users\Seamus\AppData\Local\{D4D0D980-555C-486E-B10F-333A8AEDDA12}
    2011-11-15 10:33:01 -------- d-----w- C:\Users\Seamus\AppData\Local\{AE6A0C88-97CE-4557-81BF-9B15C8514BCD}
    2011-11-15 10:32:38 -------- d-----w- C:\Users\Seamus\AppData\Local\{5409FB44-56E4-43C1-9C3B-8C12E7FB7D08}
    2011-11-14 22:32:10 -------- d-----w- C:\Users\Seamus\AppData\Local\{4100AF61-9957-4B5E-AA24-078609A3B9C0}
    2011-11-14 22:31:48 -------- d-----w- C:\Users\Seamus\AppData\Local\{B37DE539-1D4E-4E7B-9712-EEBA5E80896D}
    2011-11-14 10:31:20 -------- d-----w- C:\Users\Seamus\AppData\Local\{727F6865-BB29-437F-9640-568D200EF2C6}
    2011-11-14 10:30:57 -------- d-----w- C:\Users\Seamus\AppData\Local\{4BEBF796-7A03-4499-BEA4-C512851EB284}
    2011-11-13 22:30:29 -------- d-----w- C:\Users\Seamus\AppData\Local\{4E7B7A14-AD2C-4497-BE0D-FE472F50A7D3}
    2011-11-13 22:30:06 -------- d-----w- C:\Users\Seamus\AppData\Local\{287B8EDE-D81C-4506-9DFF-D032F764DC0D}
    2011-11-13 10:29:51 -------- d-----w- C:\Users\Seamus\AppData\Local\{A805115B-2DFF-4CBD-9346-807BAFAEC786}
    2011-11-13 10:29:27 -------- d-----w- C:\Users\Seamus\AppData\Local\{056895C8-B93B-4C10-AA09-1BA4021F01D0}
    2011-11-13 01:56:55 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
    2011-11-13 01:56:55 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
    2011-11-13 01:56:54 3144704 ----a-w- C:\Windows\System32\win32k.sys
    2011-11-13 01:56:54 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2011-11-12 22:23:13 -------- d-----w- C:\Users\Seamus\AppData\Local\{60B784DA-3CE6-49D1-A5EC-4BEE9B13F40B}
    2011-11-12 10:22:33 -------- d-----w- C:\Users\Seamus\AppData\Local\{A43398B6-647D-4A29-BB25-44050E11B862}
    2011-11-11 22:21:53 -------- d-----w- C:\Users\Seamus\AppData\Local\{F167B4B1-FFD0-4EBE-B36F-42BF58DA25C0}
    2011-11-11 10:21:11 -------- d-----w- C:\Users\Seamus\AppData\Local\{83A87906-217E-40B6-9CB2-0436AC3B85FD}
    2011-11-10 22:20:31 -------- d-----w- C:\Users\Seamus\AppData\Local\{E363BD0C-3F27-402D-B070-5A8FDD5FF3CE}
    2011-11-10 22:20:08 -------- d-----w- C:\Users\Seamus\AppData\Local\{D59B323C-3878-4998-8E95-39C997E7C5E9}
    2011-11-10 10:19:24 -------- d-----w- C:\Users\Seamus\AppData\Local\{A3231384-E6A4-4FD4-925A-DBB7AD287B03}
    2011-11-10 10:18:51 -------- d-----w- C:\Users\Seamus\AppData\Local\{C968B6CC-4EA1-4240-9886-5534EEF24EFC}
    2011-11-09 22:07:37 -------- d-----w- C:\Users\Seamus\AppData\Local\{A32284F9-CCFA-43D7-AFB0-816880BDABF5}
    2011-11-09 10:06:59 -------- d-----w- C:\Users\Seamus\AppData\Local\{0F1B85D0-4715-4C90-BAD2-32B7080C40E5}
    2011-11-08 22:06:17 -------- d-----w- C:\Users\Seamus\AppData\Local\{0BB98F28-9850-4051-9F94-EBBA02C35A6B}
    2011-11-08 10:05:28 -------- d-----w- C:\Users\Seamus\AppData\Local\{43B6FE74-403F-4D98-A7CB-490BD824B16B}
    2011-11-07 22:04:59 -------- d-----w- C:\Users\Seamus\AppData\Local\{CCA3BBFE-A85E-4E33-BAF0-9A783A401AE2}
    2011-11-07 22:04:36 -------- d-----w- C:\Users\Seamus\AppData\Local\{2281F42A-6E41-466C-AB5D-FAC1405875EC}
    2011-11-07 08:59:34 -------- d-----w- C:\Users\Seamus\AppData\Local\{5B1B36E5-70F0-4B08-A750-C3B08C99C654}
    2011-11-07 08:59:20 -------- d-----w- C:\Users\Seamus\AppData\Local\{3AFBB57D-A018-4C93-92E2-BA61451FB912}
    2011-11-06 01:47:10 -------- d-----w- C:\Users\Seamus\AppData\Local\Ilivid Player
    2011-11-06 01:46:55 -------- dc-h--w- C:\ProgramData\{08E30618-5D06-461B-BBD3-4ADFB0810824}
    2011-11-06 01:46:45 -------- d-----w- C:\Program Files (x86)\iLivid
    2011-11-06 01:45:51 -------- d-----w- C:\Users\Seamus\AppData\Local\PackageAware
    2011-11-06 00:14:33 -------- d-----w- C:\Users\Seamus\AppData\Local\{57F73CEC-835A-4320-AC5E-03197C5B53E6}
    2011-11-06 00:14:10 -------- d-----w- C:\Users\Seamus\AppData\Local\{1B79BA22-BEE7-412C-A989-9AB2639D111C}
    2011-11-05 14:45:08 -------- d-----w- C:\Users\Seamus\AppData\Local\TvEpisodeRenamer
    2011-11-05 14:44:23 -------- d-----w- C:\Program Files (x86)\TvEpisodeRenamer
    2011-11-05 13:25:32 -------- d-----w- C:\Users\Seamus\AppData\Roaming\TVRenamer
    2011-11-05 12:35:15 -------- d-----w- C:\Program Files (x86)\JDownloader
    2011-11-05 12:13:39 -------- d-----w- C:\Users\Seamus\AppData\Local\{A7430DD6-1DD7-4683-831B-095AAD4F7D66}
    2011-11-05 12:13:15 -------- d-----w- C:\Users\Seamus\AppData\Local\{D12F24F9-8429-49F7-97B4-FCC9536F827D}
    2011-11-05 02:15:56 -------- d-----w- C:\Log
    2011-11-05 02:14:55 28664 ----a-w- C:\Windows\System32\Ckldrv.sys
    2011-11-05 02:14:55 27648 ----a-r- C:\Windows\Setup_ck.exe
    2011-11-05 02:14:55 18432 ----a-w- C:\Windows\Setup_ck.dll
    2011-11-05 02:14:55 165888 ----a-w- C:\Windows\Ckconfig.exe
    2011-11-05 02:14:55 122880 ----a-w- C:\Windows\System32\Crypserv.exe
    2011-11-05 02:14:55 11776 ----a-w- C:\Windows\Ckrfresh.exe
    2011-11-05 02:14:44 178176 ----a-w- C:\Windows\SysWow64\StellarProfile.dll
    2011-11-05 02:14:44 1207808 ----a-w- C:\Windows\SysWow64\PhoenixDll.dll
    2011-11-05 02:14:43 -------- d-----w- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery
    2011-11-05 01:41:09 -------- d-----w- C:\Program Files (x86)\DiskInternals
    2011-11-04 09:43:42 -------- d-----w- C:\Users\Seamus\AppData\Local\{CF8438CE-5BE9-4CB0-9F4E-D496F2EFD409}
    2011-11-04 09:43:14 -------- d-----w- C:\Users\Seamus\AppData\Local\{4FB56CA6-7F79-46CA-A103-64D4DBA9F33D}
    .
    ==================== Find3M ====================
    .
    2011-11-16 09:16:21 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-11-01 19:31:19 38320 ----a-w- C:\Windows\SysWow64\f3PSSavr.scr
    2011-10-03 04:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2011-09-17 08:21:57 53312 ----a-w- C:\Windows\System32\drivers\pssdk42.sys
    .
    ============= FINISH: 16:27:51.35 ===============
    Thanks in advance

    moose69
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1029505

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice