.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Jock at 19:58:02 on 2012-04-12
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4010.930 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Users\Jock\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
C:\Program Files (x86)\Ginger\GingerClient.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
C:\Program Files\SRS Labs\SRS Control Panel\srspanel_64.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\igfxext.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://isearch.avg.com/?cid={48AEED14-1377-413A-A2AF-5014F8DA6763}&mid=1d15d0654f9d47d1ba16653dd932c8da-055f4bebbaaa84848773987d26365bcb1bd81593&lang=en&ds=st011&pr=sa&d=2012-04-07 17:10:55&v=10.0.0.7&sap=hp
uDefault_Page_URL = hxxp://samsung.msn.com
mStart Page = hxxp://samsung.msn.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
mWinlogon: Userinit=userinit.exe
BHO: Ginger Grammar & Spell Checker: {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files (x86)\Ginger\GingerIEAddin\adxloader.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\IPS\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
BHO: Samsung BHO Class: {aa609d72-8482-4076-8991-8cdae5b93bcb} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Codecv Class: {bbc95637-ac5d-4c51-965e-82d984447f2e} - C:\ProgramData\Codecv\bhoclass.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
uRun: [googletalk] C:\Users\Jock\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [EnhanceViews_AutoWatched_Program_By_Carbon0x] C:\Users\Jock\Desktop\Enhanceviews Autowatcher v1.93(3).exe
uRun: [Facebook Update] "C:\Users\Jock\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Jock\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Ginger.lnk - C:\Windows\Installer\{1A10532B-CC99-415C-A51F-B8418DE7A395}\NewShortcut1_07A8F5336D4F4AA6858FD2E3E66AF10F.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
DPF: {0920DBB1-D098-4ACE-9DDD-7A6F18A9ED66} - hxxps://britishgastopup.paypoint.com/HomeVend.cab
DPF: {283B7DE7-A1ED-4D27-AA59-C6E7427544D2} - hxxps://bg.itronenergypoint.net/IHVConnect/KeyBoxControl.cab
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{71A12470-5355-462F-A8C3-0A5D9E13CAD4} : DhcpNameServer = 194.168.4.100 194.168.8.100
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Ginger Grammar & Spell Checker: {0877c1fc-19c6-4fe2-8e3d-699d8edb2964} - C:\Program Files (x86)\Ginger\GingerIEAddin\adxloader.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
BHO-X64: Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\IPS\IPSBHO.DLL
BHO-X64: Norton Vulnerability Protection - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
BHO-X64: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO-X64: Samsung BHO Helper - No File
BHO-X64: Codecv Class: {BBC95637-AC5D-4C51-965E-82D984447F2E} - C:\ProgramData\Codecv\bhoclass.dll
BHO-X64: Codecv - No File
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
BHO-X64: uTorrentBar - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
mRun-x64: [RemoteControl10] "C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jock\AppData\Roaming\Mozilla\Firefox\Profiles\k7xmnb30.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Retrogamer_4wEI\Installr\1.bin\NP4wEISb.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Jock\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\Jock\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1306020.00A\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1306020.00A\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1306020.00A\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1306020.00A\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120402.001\BHDrvx64.sys [2012-4-3 1160824]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1306020.00A\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1306020.00A\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120411.001\IDSviA64.sys [2012-4-12 488568]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;\??\C:\Windows\system32\Drivers\SABI.sys --> C:\Windows\system32\Drivers\SABI.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1306020.00A\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1306020.00A\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1306020.00A\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1306020.00A\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 GingerUpdateService;GingerUpdateService;C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe [2012-4-1 170824]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-12 654408]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccsvchst.exe [2012-3-29 138232]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-3-29 138360]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 t_mouse.sys;iBall Advanced Mouse;C:\Windows\system32\DRIVERS\t_mouse.sys --> C:\Windows\system32\DRIVERS\t_mouse.sys [?]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-9 253600]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\system32\DRIVERS\btwampfl.sys --> C:\Windows\system32\DRIVERS\btwampfl.sys [?]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 GemCCID;GemCCID;C:\Windows\system32\Drivers\GemCCID.sys --> C:\Windows\system32\Drivers\GemCCID.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 Samsung UPD Service;Samsung UPD Service;"C:\Windows\System32\SUPDSvc.exe" --> C:\Windows\System32\SUPDSvc.exe [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
.
=============== Created Last 30 ================
.
2012-04-12 17:01:12 2301208 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-04-12 17:01:01 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-04-12 17:00:57 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-04-12 15:00:46 -------- d-----w- C:\Users\Jock\AppData\Roaming\Traffic Travis v4
2012-04-12 15:00:00 -------- d-----w- C:\Users\Jock\AppData\Roaming\Affilorama
2012-04-12 14:36:33 -------- d-----w- C:\Users\Jock\AppData\Roaming\Malwarebytes
2012-04-12 14:36:02 -------- d-----w- C:\ProgramData\Malwarebytes
2012-04-12 14:36:01 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-04-12 14:36:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-04-12 13:57:06 -------- d-----w- C:\Users\Jock\AppData\Roaming\SUPERAntiSpyware.com
2012-04-12 13:56:28 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-04-12 13:56:28 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-04-12 13:51:28 -------- d-----w- C:\Users\Jock\AppData\Local\{247628A3-1CEC-485B-B3B8-BC426977BC15}
2012-04-11 22:11:00 -------- d-----w- C:\Users\Jock\AppData\Local\{B4B1B841-3A79-4868-BB3E-E073F7E88F15}
2012-04-11 10:40:03 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FFC04099-39BE-452C-9A03-35F47CA18D76}\mpengine.dll
2012-04-11 10:10:48 -------- d-----w- C:\Users\Jock\AppData\Local\{FE1F1695-41FC-4105-911C-05BBCFF0B43E}
2012-04-10 15:47:42 -------- d-----w- C:\Users\Jock\AppData\Local\{49742E2C-49AD-4334-8DA3-B4F462AA98DA}
2012-04-10 03:47:18 -------- d-----w- C:\Users\Jock\AppData\Local\{854DE2F1-3AFF-4431-9315-29B0877B600E}
2012-04-09 14:05:21 8767136 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-04-09 13:17:38 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-09 13:00:47 -------- d-----w- C:\Users\Jock\AppData\Local\{CC85AAB4-39E4-445C-893C-DEB0AE69816A}
2012-04-08 23:49:24 -------- d-----w- C:\Users\Jock\AppData\Local\{D0C90D18-6CBA-48C0-BF73-8EB548302444}
2012-04-08 23:08:30 -------- d-----w- C:\Users\Jock\AppData\Roaming\EurekaLog
2012-04-08 17:25:17 -------- d-----w- C:\Users\Jock\AppData\Roaming\Article Marketing Robot
2012-04-08 17:25:17 -------- d-----w- C:\Program Files (x86)\Article Marketing Robot
2012-04-08 11:48:47 -------- d-----w- C:\Users\Jock\AppData\Local\{AEA6ABA7-483F-459C-89B4-7A2B2B223062}
2012-04-07 23:48:23 -------- d-----w- C:\Users\Jock\AppData\Local\{F7352335-0903-48F5-BDEF-F5EF3D543B0B}
2012-04-07 17:06:49 -------- d-----w- C:\Users\Jock\AppData\Local\Chromium
2012-04-07 16:12:19 -------- d-----w- C:\Program Files (x86)\SEGA
2012-04-07 16:10:56 -------- d-----w- C:\ProgramData\AVG Secure Search
2012-04-07 16:10:53 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search
2012-04-07 16:10:53 -------- d-----w- C:\Program Files (x86)\AVG Secure Search
2012-04-07 16:10:47 125376 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2012-04-07 16:10:46 -------- d-----w- C:\Program Files (x86)\PowerISO
2012-04-07 11:47:49 -------- d-----w- C:\Users\Jock\AppData\Local\{C05C9877-251B-48F6-9C9E-47FAA1C98705}
2012-04-07 00:48:44 -------- d-----w- C:\Users\Jock\AppData\Local\{F6C4ED37-B853-4808-A38C-50E5B0773293}
2012-04-06 18:12:59 68104 ----a-w- C:\Windows\System32\XAPOFX1_0.dll
2012-04-06 17:59:36 -------- d-----w- C:\Users\Jock\AppData\Local\SKIDROW
2012-04-06 17:59:32 -------- d-----w- C:\Users\Jock\AppData\Roaming\Sports Interactive
2012-04-06 17:59:32 -------- d-----w- C:\Users\Jock\AppData\Local\Sports Interactive
2012-04-06 12:47:49 -------- d-----w- C:\Users\Jock\AppData\Local\{593501EB-BA0D-40EF-A289-F9EE6C891E08}
2012-04-06 00:46:59 -------- d-----w- C:\Users\Jock\AppData\Local\{0268BB64-D011-4E0D-BA65-B7FF2F96C58A}
2012-04-05 12:46:36 -------- d-----w- C:\Users\Jock\AppData\Local\{C858D049-AA34-457D-9B97-6C9591D5049E}
2012-04-05 01:34:02 2301208 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-04-05 01:33:52 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-04-05 01:33:42 710992 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-04-05 00:24:54 -------- d-----w- C:\Users\Jock\AppData\Local\{3C3F1C8F-CED1-4DBE-BB24-32431C27666B}
2012-04-04 12:24:41 -------- d-----w- C:\Users\Jock\AppData\Local\{C45720AF-6DDB-4655-8FD0-A1E4207C3F4C}
2012-04-04 00:10:19 -------- d-----w- C:\Users\Jock\AppData\Local\{31D46827-A758-4D00-8446-8A8BCD65D20F}
2012-04-03 12:09:54 -------- d-----w- C:\Users\Jock\AppData\Local\{E033B796-ACC7-4EEE-8191-C639238CE42E}
2012-04-02 23:51:00 -------- d-----w- C:\ProgramData\Premium
2012-04-02 23:50:48 -------- d-----w- C:\ProgramData\Codecv
2012-04-02 23:50:41 -------- d-----w- C:\codec-info
2012-04-02 23:50:27 -------- d-----w- C:\ProgramData\InstallMate
2012-04-02 23:02:49 -------- d-----w- C:\Users\Jock\AppData\Local\{4D9A290F-1B75-446D-A2D7-C4A2D4ACC852}
2012-04-02 11:02:36 -------- d-----w- C:\Users\Jock\AppData\Local\{F6618C60-258C-4AEC-9887-D799BE47FCB8}
2012-04-01 22:51:30 -------- d-----w- C:\Users\Jock\AppData\Local\{2F5BDC24-2F96-499E-976F-1FAF9284B151}
2012-04-01 10:51:18 -------- d-----w- C:\Users\Jock\AppData\Local\{76278707-0B3D-424C-94DA-32EBD487CB01}
2012-03-31 14:58:33 -------- d-----w- C:\Users\Jock\AppData\Local\{482FCEFB-BD75-4CD2-99F0-75B170149D40}
2012-03-31 02:57:58 -------- d-----w- C:\Users\Jock\AppData\Local\{7624AE1D-0A76-45C9-A229-2EEB3E88C5E5}
2012-03-30 17:55:35 -------- d-----w- C:\Users\Jock\AppData\Local\CyberLink
2012-03-30 14:57:35 -------- d-----w- C:\Users\Jock\AppData\Local\{0551DB28-5627-41A0-A208-D5CAF452287B}
2012-03-30 02:57:10 -------- d-----w- C:\Users\Jock\AppData\Local\{9BB52DC1-1AA2-497C-936B-B6C7D6D6DC5F}
2012-03-29 12:50:47 405624 ----a-w- C:\Windows\System32\drivers\NISx64\1306020.00A\symnets.sys
2012-03-29 12:50:47 1092728 ----a-w- C:\Windows\System32\drivers\NISx64\1306020.00A\symefa64.sys
2012-03-29 12:50:46 738936 ----a-w- C:\Windows\System32\drivers\NISx64\1306020.00A\srtsp64.sys
2012-03-29 12:50:46 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1306020.00A\symds64.sys
2012-03-29 12:50:46 37496 ----a-w- C:\Windows\System32\drivers\NISx64\1306020.00A\srtspx64.sys
2012-03-29 12:50:46 190072 ----a-w- C:\Windows\System32\drivers\NISx64\1306020.00A\ironx64.sys
2012-03-29 12:50:46 167048 ----a-w- C:\Windows\System32\drivers\NISx64\1306020.00A\ccsetx64.sys
2012-03-29 12:50:18 -------- d-----w- C:\Windows\System32\drivers\NISx64\1306020.00A
2012-03-29 12:27:04 -------- d-----w- C:\Users\Jock\AppData\Local\{6881A53E-1B5A-448A-A0C4-A86C358D9D2D}
2012-03-29 01:35:52 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-03-29 01:10:27 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-03-29 01:09:48 -------- d-----w- C:\Program Files (x86)\Norton Internet Security
2012-03-29 01:09:47 -------- d-----w- C:\ProgramData\Norton
2012-03-29 01:07:53 -------- d-----w- C:\ProgramData\NortonInstaller
2012-03-29 01:07:53 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-03-29 00:56:39 -------- d-----w- C:\Program Files\Symantec
2012-03-29 00:56:39 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-03-29 00:55:52 -------- d-----w- C:\Windows\System32\drivers\NISx64
2012-03-28 21:54:49 -------- d-----w- C:\Users\Jock\AppData\Local\{E4A78821-BF38-4983-A104-1277E206F610}
2012-03-28 21:54:26 -------- d-----w- C:\Users\Jock\AppData\Local\{A2EC3730-6DB6-49E6-B367-6EFFD8D6761A}
2012-03-28 09:53:11 -------- d-----w- C:\Users\Jock\AppData\Local\{AE6B374D-9E0F-4F69-A0A3-FE0FC1DDB4BD}
2012-03-28 09:52:46 -------- d-----w- C:\Users\Jock\AppData\Local\{03B58C70-79FF-4197-8E8C-CBCC93784241}
2012-03-27 21:51:25 -------- d-----w- C:\Users\Jock\AppData\Local\{DE1F6E92-5BBD-4673-AEF1-93D3A762B5D5}
2012-03-27 21:51:04 -------- d-----w- C:\Users\Jock\AppData\Local\{790E7FA3-BC30-4F58-AA52-9D73A20494ED}
2012-03-27 09:49:37 -------- d-----w- C:\Users\Jock\AppData\Local\{F2816DC8-3AD9-4E20-AA24-9326CDB7F3A8}
2012-03-27 09:49:15 -------- d-----w- C:\Users\Jock\AppData\Local\{D0B3CAC2-B49D-4C39-88B3-09C3AF73D909}
2012-03-26 21:47:38 -------- d-----w- C:\Users\Jock\AppData\Local\{C217CB0F-6CE7-4227-993A-064B47575FC1}
2012-03-26 21:47:16 -------- d-----w- C:\Users\Jock\AppData\Local\{196F655D-190B-41CA-A28F-1CD886A3539A}
2012-03-26 09:45:20 -------- d-----w- C:\Users\Jock\AppData\Local\{4B7D1DF0-A661-411F-891C-CA108CC1D9AA}
2012-03-26 09:44:56 -------- d-----w- C:\Users\Jock\AppData\Local\{CA4B4FE5-6AC5-490E-9013-DDFE0282BBA5}
2012-03-25 14:23:32 -------- d-----w- C:\Users\Jock\AppData\Local\{0CF09E8A-5F77-49BB-ADF1-17738879DB76}
2012-03-25 14:23:09 -------- d-----w- C:\Users\Jock\AppData\Local\{9853A715-EF5E-4D8C-BD68-2068B26D85DD}
2012-03-25 02:21:40 -------- d-----w- C:\Users\Jock\AppData\Local\{C55C0CD0-39F1-47E3-8DE6-0C4139E02034}
2012-03-25 02:21:19 -------- d-----w- C:\Users\Jock\AppData\Local\{9CEF8275-E8C7-4C89-9BD9-F3AFEFF41F4A}
2012-03-24 14:19:56 -------- d-----w- C:\Users\Jock\AppData\Local\{B07CA83D-DFB3-48F3-B210-1AD9A589FF68}
2012-03-24 14:19:34 -------- d-----w- C:\Users\Jock\AppData\Local\{1C724F6F-89DF-430A-AD18-89D51CB720D8}
2012-03-24 02:17:59 -------- d-----w- C:\Users\Jock\AppData\Local\{86615EE5-FFDE-4684-87CF-2C05AD126304}
2012-03-24 02:17:36 -------- d-----w- C:\Users\Jock\AppData\Local\{6974546E-B903-461D-9A5E-2940D7296A3A}
2012-03-23 14:15:20 -------- d-----w- C:\Users\Jock\AppData\Local\{47FE49ED-B7AB-4212-8BB9-26A46B1747AD}
2012-03-23 14:15:04 -------- d-----w- C:\Users\Jock\AppData\Local\{54DDD240-0DD4-459D-B6D6-190BBB546E93}
2012-03-22 18:19:56 -------- d-----w- C:\Users\Jock\AppData\Roaming\Acapela Group
2012-03-22 18:03:51 -------- d-----w- C:\Program Files (x86)\Ginger
2012-03-22 15:30:35 -------- d-----w- C:\Users\Jock\AppData\Local\{D8DDF2E4-F98A-4BB2-9BDC-5C3586C9971E}
2012-03-22 15:30:13 -------- d-----w- C:\Users\Jock\AppData\Local\{98CD3489-BD07-4B81-B4E6-D1827D5F8B3F}
2012-03-22 03:28:56 -------- d-----w- C:\Users\Jock\AppData\Local\{D08A75CA-197C-4894-B6B8-6D62ABAE919B}
2012-03-22 03:28:34 -------- d-----w- C:\Users\Jock\AppData\Local\{1650E38B-EF6B-46D2-9652-9AC77A63F1DA}
2012-03-21 15:27:08 -------- d-----w- C:\Users\Jock\AppData\Local\{81E0C6B2-15AE-4420-B7AF-EFEDC96AF3B1}
2012-03-21 15:26:55 -------- d-----w- C:\Users\Jock\AppData\Local\{567E86B1-A0C9-44E6-B76E-A6D35B30C1B9}
2012-03-21 01:18:29 -------- d-----w- C:\Users\Jock\AppData\Local\{7494122C-5DC3-4B51-965B-773F095540C3}
2012-03-21 01:18:07 -------- d-----w- C:\Users\Jock\AppData\Local\{906FE2B5-98BB-4AF5-A825-1126687DD7DB}
2012-03-20 13:16:48 -------- d-----w- C:\Users\Jock\AppData\Local\{444039A5-49CF-44E5-909A-76ED62C4843C}
2012-03-20 13:16:25 -------- d-----w- C:\Users\Jock\AppData\Local\{E296B18B-AE9C-400D-8944-03792616561A}
2012-03-20 01:16:58 -------- d-----w- C:\Users\Jock\AppData\Local\Facebook
2012-03-20 01:14:45 -------- d-----w- C:\Users\Jock\AppData\Local\{33BD446C-60F8-4567-8A4A-F6FDE7EB0486}
2012-03-19 13:11:57 -------- d-----w- C:\Users\Jock\AppData\Local\{153BDFC1-52A1-4CA5-8EBA-D5CF1794CD88}
2012-03-19 13:11:44 -------- d-----w- C:\Users\Jock\AppData\Local\{4CB171EA-1FF5-48BF-B1B1-CB911A1C4AAB}
2012-03-18 15:23:25 -------- d-----w- C:\Users\Jock\AppData\Local\{92D319EE-1664-4F5D-9C7A-B8A31D96BBA0}
2012-03-18 15:23:03 -------- d-----w- C:\Users\Jock\AppData\Local\{0DCF42F7-539D-41DB-981B-0DA38DD02B2E}
2012-03-18 03:21:25 -------- d-----w- C:\Users\Jock\AppData\Local\{67013C29-5AF5-4ACE-A631-50D9A9598A9C}
2012-03-18 03:21:03 -------- d-----w- C:\Users\Jock\AppData\Local\{905487BB-5B17-46F9-B1D7-FD0D93A887FF}
2012-03-17 23:08:37 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-17 23:08:37 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-03-17 15:19:32 -------- d-----w- C:\Users\Jock\AppData\Local\{77969797-7CB7-45A2-87A5-86932B03F1C6}
2012-03-17 15:19:10 -------- d-----w- C:\Users\Jock\AppData\Local\{20655B00-33F0-428E-832F-E6A8A8F1B5D6}
2012-03-17 03:17:36 -------- d-----w- C:\Users\Jock\AppData\Local\{B1E3BCD7-9EA5-4871-A1D3-A690135B8F83}
2012-03-17 03:17:13 -------- d-----w- C:\Users\Jock\AppData\Local\{BFE246B9-74A1-4C9A-B536-9B64F8F73587}
2012-03-16 15:15:31 -------- d-----w- C:\Users\Jock\AppData\Local\{385FEC50-ED20-462F-A82D-3CF4BA0EE183}
2012-03-16 15:15:19 -------- d-----w- C:\Users\Jock\AppData\Local\{F344A2F5-672D-4DC3-86C2-58A21095B79A}
2012-03-15 15:22:52 -------- d-----w- C:\Users\Jock\AppData\Local\{0E2599A6-163D-44E6-9D09-E878129D52F8}
2012-03-15 15:22:30 -------- d-----w- C:\Users\Jock\AppData\Local\{6363F251-D9FE-4294-9EF3-FE7541C1DA5E}
2012-03-15 03:19:44 -------- d-----w- C:\Users\Jock\AppData\Local\{9D3E51E4-4A06-40B6-A673-D640572A80D2}
2012-03-15 03:19:22 -------- d-----w- C:\Users\Jock\AppData\Local\{A27A705B-E0FC-4FBA-B9A7-097625A08D95}
2012-03-15 03:06:00 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-15 03:05:58 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-15 03:05:57 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-14 15:17:50 -------- d-----w- C:\Users\Jock\AppData\Local\{30316F29-BA57-439C-9BA0-69D56307FA32}
2012-03-14 15:17:28 -------- d-----w- C:\Users\Jock\AppData\Local\{4833F87B-A95C-4D94-B2B4-0B86C3F75704}
2012-03-14 14:23:00 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-03-14 14:22:59 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-14 14:22:59 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-14 14:22:33 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-14 14:22:33 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-14 14:22:33 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-14 14:22:33 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-14 14:22:32 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-14 14:22:32 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-14 14:22:32 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-14 03:15:44 -------- d-----w- C:\Users\Jock\AppData\Local\{9D82D5B1-19CE-4D68-8F67-6797DF0832E8}
2012-03-14 03:15:32 -------- d-----w- C:\Users\Jock\AppData\Local\{8E40490D-CA9E-4C86-956B-04E909ED11A2}
.
==================== Find3M ====================
.
2012-04-09 14:05:44 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 09:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 19:59:55.86 ===============