. DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_27 Run by Benjy at 18:39:30 on 2011-11-12 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.3325.1576 [GMT 0:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\atieclxx.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\WUDFHost.exe C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\FsUsbExService.Exe C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\taskeng.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\McAfee\SiteAdvisor\McSACore.exe C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\STacSV.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\Pen_Tablet.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\Dell\apache\bin\httpd.exe C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Dell\apache\bin\httpd.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\WTablet\Pen_TabletUser.exe C:\Windows\system32\Pen_Tablet.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\ehome\ehsched.exe C:\Windows\ehome\ehRecvr.exe c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\Windows\Explorer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.sky.com/ uInternet Settings,ProxyOverride = *.local uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111105171446.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll uRun: [OfficeSyncProcess] "c:\program files\microsoft office\office14\MSOSYNC.EXE" uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe" mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe" mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatchTray10.exe" mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE" mRun: [Logitech BT Wizard] LBTWiz.exe -silent mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE mRun: [ECenter] c:\dell\e-center\EULALauncher.exe mRun: [MCE Standby Tool] "c:\program files\mce standby tool\mst.exe" engine mRun: [AirPort Base Station Agent] "c:\program files\airport\APAgent.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime StartupFolder: c:\users\benjy\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\benjy\appdata\roaming\dropbox\bin\Dropbox.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {08E730A4-FB02-45BD-A900-01E4AD8016F6} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{037AB0C3-65E5-4264-BEC4-A079293BF0BA} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{0C1C1AB7-7886-45EA-88BA-FDA141144A56} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{1CA01406-E3EB-4CCA-814B-8684C1FFA636} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{32E6C059-9570-42DF-BCE2-45B3C24ECC57} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{4E274CD6-B2A7-493F-89A8-2A251EEBB3C2} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{8A7A1891-51BC-427A-9679-46E165123075} : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{8FABE2CF-F5A9-4634-8162-7FBC5EE2B647} : DhcpNameServer = 192.168.0.1 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\users\benjy\appdata\roaming\mozilla\firefox\profiles\9qnqdam4.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - www.empireonline.com FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - prefs.js: keyword.enabled - false FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npOGAPlugin.dll FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nppl3260.dll FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\benjy\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll . ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-10-24 64512] R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2010-8-13 461864] R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2010-8-13 64712] R1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-8-13 164776] R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2011/04/02 18:25:08];c:\program files\cyberlink\powerdvd dx\000.fcl [2008-9-27 87536] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-4-20 176128] R2 Apache2.2;Remote Access Media Server;c:\program files\common files\dell\apache\bin\httpd.exe [2007-9-21 15872] R2 dsl-fs-sync;Remote Access File Sync Service;c:\program files\common files\dell\remote access file sync service\dsl_fs_sync.exe [2009-4-13 189680] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-10-21 217088] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-8-18 2152152] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2010-1-11 94880] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-13 214904] R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-13 214904] R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2010-8-13 214904] R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2010-8-13 166024] R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2010-8-13 160344] R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\common files\mcafee\systemcore\mfevtps.exe [2010-8-13 148520] R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2009-9-15 2749736] R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-4-20 7772160] R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-4-20 243712] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdLH3.sys [2011-3-30 97808] R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-8-13 57432] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-10-21 36640] R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-7-14 1443584] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-8-18 15232] R3 LazerUsb;Lumanate Lazer USB;c:\windows\system32\drivers\LazerUsb.sys [2007-10-16 5739520] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-8-13 180072] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-8-13 59288] R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-8-13 338040] R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192su.sys [2011-2-16 516608] S2 CLKMSVC10_06A08EA1;CyberLink Product - 2011/04/02 18:24:50;c:\program files\cyberlink\powerdvd dx\kernel\bd\navfilter\kmsvc.exe [2011-4-2 240360] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 dsl-db;Remote Access DB;c:\program files\common files\dell\mysql\bin\mysqld.exe [2007-9-14 5730304] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-17 135664] S2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2008-5-14 309744] S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2008-5-14 166384] S2 SessionLauncher;SessionLauncher; [x] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-2-6 30312] S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2011-2-6 20032] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-20 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-17 135664] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-8-13 87808] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2008-5-14 1120752] S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8192cu.sys [2010-12-31 700008] S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2010-7-29 112384] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-2-6 121192] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-2-6 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-2-6 136680] S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2009-9-15 15656] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-3-9 92592] S4 uvnc_service;UltraVNC Server;c:\programdata\ultravnc\winvnc.exe -service --> c:\programdata\ultravnc\winvnc.exe -service [?] . =============== Created Last 30 ================ . 2011-11-12 18:28:02 -------- d-----w- c:\users\benjy\appdata\local\temp 2011-11-12 18:07:55 -------- d-----w- C:\$RECYCLE.BIN 2011-11-12 18:06:22 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{26a561e6-e477-4461-b44e-7e4ca5e60acc}\offreg.dll 2011-11-12 17:40:36 98816 ----a-w- c:\windows\sed.exe 2011-11-12 17:40:36 518144 ----a-w- c:\windows\SWREG.exe 2011-11-12 17:40:36 256000 ----a-w- c:\windows\PEV.exe 2011-11-12 17:40:36 208896 ----a-w- c:\windows\MBR.exe 2011-11-11 17:12:50 16432 ----a-w- c:\windows\system32\lsdelete.exe 2011-11-11 08:22:24 6668624 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{26a561e6-e477-4461-b44e-7e4ca5e60acc}\mpengine.dll 2011-11-09 21:32:06 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat 2011-11-09 21:31:50 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-11-09 21:31:44 707584 ----a-w- c:\program files\common files\system\wab32.dll 2011-11-05 17:14:37 28504 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll 2011-10-24 16:27:33 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-10-24 16:27:23 -------- d-----w- c:\program files\Lavasoft 2011-10-16 18:55:32 18139008 ----a-w- c:\program files\common files\microsoft shared\office14\MSO.DLL . ==================== Find3M ==================== . 2011-10-05 16:31:09 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-04 08:00:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll 2011-09-06 13:30:12 2043392 ----a-w- c:\windows\system32\win32k.sys 2011-09-01 02:35:59 1798144 ----a-w- c:\windows\system32\jscript9.dll 2011-09-01 02:28:15 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-09-01 02:22:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-08-25 16:15:04 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2011-08-25 16:14:01 563712 ----a-w- c:\windows\system32\oleaut32.dll 2011-08-25 16:14:01 238080 ----a-w- c:\windows\system32\oleacc.dll 2011-08-25 13:31:01 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2011-08-15 10:00:06 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2011-08-15 10:00:06 87808 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2011-08-15 10:00:06 64712 ----a-w- c:\windows\system32\drivers\mfenlfk.sys 2011-08-15 10:00:06 59288 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2011-08-15 10:00:06 57432 ----a-w- c:\windows\system32\drivers\cfwids.sys 2011-08-15 10:00:06 461864 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2011-08-15 10:00:06 338040 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2011-08-15 10:00:06 180072 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2011-08-15 10:00:06 164776 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2011-08-15 10:00:06 119808 ----a-w- c:\windows\system32\drivers\mfeapfk.sys . ============= FINISH: 18:40:44.07 ===============