DDS (Ver_10-11-10.01) - NTFSx86
Run by theluckyman at 17:51:37.41 on Sun 11/14/2010
Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2942.1755 [GMT -6:00]
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Privoxy\privoxy.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\theluckyman\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
============== Pseudo HJT Report ===============
uStart Page = https://encrypted.google.com/
mStart Page = about:blank
uInternet Settings,ProxyOverride = local;<local>
uInternet Settings,ProxyServer = 127.0.0.1:8118
BHO: IDMIEHlprObj Class: {0055c089-8582-441b-a0bf-17b458c2a3a8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Download Guard for Internet Explorer: {20c1a7f0-528e-444f-bac5-5804a61cca7f} - c:\program files\lavasoft\download guard for internet explorer\DownloadGuardBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\privoxy.lnk - c:\program files\privoxy\privoxy.exe
uPolicies-explorer: TaskbarNoNotification = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\internet download manager\IEGetVL.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: c:\program files\iobit\advanced systemcare 3\SPICtrl.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Hosts: 127.0.0.1 www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\users\theluc~1\appdata\roaming\mozilla\firefox\profiles\eajxme4d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.startup.homepage - hxxps://encrypted.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
FF - component: c:\users\theluckyman\appdata\roaming\mozilla\firefox\profiles\eajxme4d.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\google\google updater\2.4.1970.7372\npCIDetect14.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\opera\program\plugins\NpDam.dll
FF - plugin: c:\program files\purple communications\p3\npp3remote.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\theluckyman\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: content.notify.backoffcount - 5
FF - user.js: ui.submenuDelay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: content.notify.interval - 600000
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
============= SERVICES / DRIVERS ===============
R0 02558312;02558312 Boot Guard Driver;c:\windows\system32\drivers\02558312.sys [2010-11-11 37392]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-10-12 218592]
R1 dvdfabio;dvdfabio;c:\windows\system32\drivers\dvdfabio.sys [2010-10-29 11392]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-12-2 165264]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-13 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-13 267944]
R2 IDMWFP;IDMWFP;c:\windows\system32\drivers\idmwfp.sys [2010-10-26 83184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-26 304464]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\oo software\defrag\oodag.exe [2010-6-21 1619272]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-7-15 101904]
R3 dvdfab;dvdfab;c:\windows\system32\drivers\dvdfab.sys [2010-11-13 49024]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-10-26 20952]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-12-2 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-6-29 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-9-14 190928]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-10-4 193640]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-6-23 275048]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2010-3-31 379904]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-7 10064]
R3 vdrive;vdrive;c:\windows\system32\drivers\vdrive.sys [2010-10-29 34560]
S2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2009-7-13 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-9-8 1375992]
S2 moohelp;The Cleaner 2011 Helper Service;c:\program files\the cleaner\mhelper.exe [2010-11-13 813056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-7-7 23456]
S3 DVDHlp;DVDHlp Driver;c:\windows\system32\drivers\dvdhlp.sys [2010-9-9 106432]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-16 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352]
S3 KProcessHacker;KProcessHacker;c:\users\theluckyman\desktop\tool systems\process hacker\kprocesshacker.sys [2010-4-23 59904]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-9-8 15264]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 pbfilter;pbfilter;c:\program files\peerblock\pbfilter.sys [2010-3-17 16472]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-9-18 27192]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-10-12 366840]
S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-10-12 1142224]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\drivers\tapoas.sys [2010-7-21 26112]
S4 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2010-10-6 312152]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
=============== File Associations ===============
JSEFile=NOTEPAD.EXE %1
=============== Created Last 30 ================
2010-11-14 20:34:36 6146896 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{abac0276-ace7-4e32-b114-ceca37081b58}\mpengine.dll
2010-11-14 19:16:03 388096 ----a-r- c:\users\theluc~1\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2010-11-14 16:27:39 -------- d-----w- c:\users\theluc~1\appdata\roaming\Avira
2010-11-14 11:03:37 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{07ea3212-aa65-4dc1-a71f-aa9734637fea}\gapaengine.dll
2010-11-13 22:02:51 -------- d-----w- c:\users\theluc~1\appdata\roaming\thecleaner
2010-11-13 22:02:21 -------- d-----w- c:\program files\The Cleaner
2010-11-13 16:05:24 -------- d-----w- c:\program files\DVDFab Passkey 7
2010-11-13 15:38:35 49024 ----a-w- c:\windows\system32\drivers\dvdfab.sys
2010-11-13 15:38:34 -------- d-----w- c:\program files\DVDFab Passkey
2010-11-13 15:09:05 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-12 20:32:11 -------- d-----w- c:\users\theluc~1\appdata\roaming\TweetAdder3
2010-11-12 20:09:16 -------- d-----w- c:\program files\Tweet Adder 3
2010-11-11 23:49:56 -------- d-----w- c:\program files\Cinema Craft Encoder SP v2.67.00.27
2010-11-11 19:59:36 -------- d-----w- c:\progra~2\Kaspersky Lab
2010-11-11 19:19:16 37392 ----a-w- c:\windows\system32\drivers\02558312.sys
2010-11-11 19:19:16 311312 ----a-w- c:\windows\system32\drivers\0255831.sys
2010-11-11 15:07:04 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2010-11-11 15:00:19 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-11-11 15:00:19 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-11-11 15:00:18 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-11-11 15:00:18 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-11-11 15:00:18 153088 ----a-w- c:\windows\system32\unrar3.dll
2010-11-11 14:59:31 -------- d-----w- c:\users\theluc~1\appdata\roaming\Simply Super Software
2010-11-11 14:59:31 -------- d-----w- c:\progra~2\Simply Super Software
2010-11-10 21:13:48 -------- d-----w- c:\windows\TempACB2B7F5-71D4-E64D-BE4F-59120DC00668-Signatures
2010-11-09 01:20:16 -------- d-----w- c:\users\theluc~1\appdata\roaming\SmartPCTools
2010-11-09 01:19:33 -------- d-----w- c:\program files\SmartPCTools
2010-11-06 04:09:47 -------- d-----w- c:\program files\Karen's Power Tools
2010-11-06 04:09:39 -------- d-----w- c:\progra~2\Karen's Power Tools
2010-11-05 00:38:58 -------- d-----w- c:\program files\uTorrent Ultra Accelerator
2010-11-04 01:15:41 -------- d-----w- c:\users\theluc~1\appdata\roaming\IDM
2010-11-04 01:15:41 -------- d-----w- c:\program files\Internet Download Manager
2010-11-04 01:15:41 -------- d-----w- C:\Belgelerim
2010-11-04 01:11:30 -------- d-----w- c:\progra~2\Kaspersky Lab Setup Files
2010-11-04 00:02:47 -------- d-----w- c:\program files\Intelore
2010-11-04 00:01:21 735481 ----a-w- c:\users\theluc~1\appdata\roaming\Setup.exe
2010-11-03 21:41:04 94296 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2010-11-03 15:43:45 -------- d-----w- c:\program files\Nsasoft
2010-10-31 02:56:49 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2010-10-31 02:56:43 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2010-10-31 02:56:43 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-10-31 02:56:04 -------- d-----w- c:\program files\TuneUp Utilities 2011
2010-10-31 02:52:49 -------- d-sh--w- c:\progra~2\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2010-10-31 02:50:52 -------- d-----w- c:\users\theluc~1\appdata\local\Thinstall
2010-10-29 23:51:13 34560 ----a-w- c:\windows\system32\drivers\vdrive.sys
2010-10-29 23:51:13 11392 ----a-w- c:\windows\system32\drivers\dvdfabio.sys
2010-10-29 23:51:13 -------- d-----w- c:\program files\DVDFab Virtual Drive
2010-10-28 23:17:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-10-28 13:19:19 -------- d-----w- c:\program files\DVD-RB PRO
2010-10-27 20:53:05 -------- d-----w- C:\IObit
2010-10-26 21:49:11 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-10-26 21:49:11 417792 ----a-w- c:\windows\system32\msdri.dll
2010-10-26 21:49:11 204288 ----a-w- c:\windows\system32\MSNP.ax
2010-10-26 21:49:11 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2010-10-26 21:48:59 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2010-10-26 21:05:10 -------- d-----w- c:\users\theluc~1\appdata\roaming\Process Hacker
2010-10-26 14:02:59 83184 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2010-10-26 10:31:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-26 10:30:59 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-25 17:38:47 -------- d-----w- c:\users\theluc~1\appdata\local\AIM
2010-10-25 17:38:46 -------- d-----w- c:\users\theluc~1\appdata\local\AOL
2010-10-25 01:37:23 -------- d-----w- c:\users\theluc~1\appdata\roaming\ScanSpyware
2010-10-24 19:50:39 -------- d-----w- c:\users\theluc~1\appdata\roaming\EurekaLog
2010-10-24 11:36:02 -------- d-----w- c:\users\theluc~1\appdata\local\Apple
2010-10-23 20:08:21 -------- d-----w- c:\users\theluc~1\appdata\roaming\Azureus
2010-10-23 20:06:55 -------- d-----w- c:\program files\Vuze
2010-10-23 10:50:06 -------- d--h--w- c:\progra~2\{CCE9E666-4D7C-4946-A98B-CFDE0A0C1706}
2010-10-23 10:49:53 -------- dc-h--w- c:\progra~2\{437292BE-95BD-4B12-B699-6D217A03ACAF}
2010-10-23 10:49:30 -------- d-----w- c:\program files\Lavasoft
2010-10-22 12:41:30 -------- d-----w- c:\users\theluc~1\appdata\local\Opera
2010-10-22 12:41:25 -------- d-----w- c:\program files\Opera 11.00 alpha
2010-10-21 00:58:43 -------- d-----w- c:\users\theluc~1\appdata\local\Adobe
2010-10-19 12:54:55 -------- d-----w- c:\windows\ehome
2010-10-18 11:57:47 -------- d-----w- c:\users\theluc~1\appdata\roaming\Megaupload
2010-10-18 11:57:06 -------- d-----w- c:\program files\Megaupload
2010-10-18 02:49:11 -------- d-----w- c:\program files\mIRC
2010-10-17 01:56:29 -------- d-----w- c:\windows\en
2010-10-17 01:55:48 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-17 01:49:16 2983424 ----a-w- c:\windows\system32\UIRibbon.dll
2010-10-17 01:49:15 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-10-17 01:48:10 469256 ----a-w- c:\program files\common files\windows live\.cache\58e333151cb6d9d06\InstallManager_WLE_WLE.exe
2010-10-17 01:47:58 15712 ----a-w- c:\program files\common files\windows live\.cache\5302cd691cb6d9d05\MeshBetaRemover.exe
2010-10-17 01:47:56 94040 ----a-w- c:\program files\common files\windows live\.cache\51c897c51cb6d9d04\DSETUP.dll
2010-10-17 01:47:56 525656 ----a-w- c:\program files\common files\windows live\.cache\51c897c51cb6d9d04\DXSETUP.exe
2010-10-17 01:47:56 1691480 ----a-w- c:\program files\common files\windows live\.cache\51c897c51cb6d9d04\dsetup32.dll
2010-10-17 01:47:54 94040 ----a-w- c:\program files\common files\windows live\.cache\4f9210441cb6d9d03\DSETUP.dll
2010-10-17 01:47:54 525656 ----a-w- c:\program files\common files\windows live\.cache\4f9210441cb6d9d03\DXSETUP.exe
2010-10-17 01:47:54 1691480 ----a-w- c:\program files\common files\windows live\.cache\4f9210441cb6d9d03\dsetup32.dll
==================== Find3M ====================
2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-14 01:12:18 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-10-09 20:38:51 2 --shatr- c:\windows\winstart.bat
2010-09-28 20:01:30 13824 ----a-w- c:\windows\system32\slwga.dll
2010-09-28 20:01:29 409088 ----a-w- c:\windows\system32\systemcpl.dll
2010-09-23 05:47:28 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-23 05:32:56 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-21 19:03:14 208768 ----a-w- c:\windows\system32\LIVESSP.DLL
2010-09-01 05:46:36 1355264 ----a-w- c:\windows\system32\jscript9.dll
2010-09-01 05:44:32 367104 ----a-w- c:\windows\system32\html.iec
2010-09-01 05:44:30 1448448 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-01 05:44:24 1122304 ----a-w- c:\windows\system32\wininet.dll
2010-09-01 05:44:06 424960 ----a-w- c:\windows\system32\vbscript.dll
2010-09-01 05:43:22 23552 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-01 05:43:12 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2010-09-01 05:43:12 114176 ----a-w- c:\windows\system32\iesysprep.dll
2010-09-01 05:43:10 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2010-09-01 05:43:10 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2010-09-01 05:42:58 51200 ----a-w- c:\windows\system32\admparse.dll
2010-09-01 05:42:54 75264 ----a-w- c:\windows\system32\iesetup.dll
2010-09-01 05:42:48 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2010-09-01 05:42:42 150016 ----a-w- c:\windows\system32\iexpress.exe
2010-09-01 05:42:42 149504 ----a-w- c:\windows\system32\wextract.exe
2010-09-01 05:42:20 33280 ----a-w- c:\windows\system32\imgutil.dll
2010-09-01 05:42:16 48640 ----a-w- c:\windows\system32\mshtmler.dll
2010-09-01 05:42:12 11264 ----a-w- c:\windows\system32\mshta.exe
2010-09-01 05:42:10 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 05:42:04 63488 ----a-w- c:\windows\system32\tdc.ocx
2010-09-01 05:41:46 160768 ----a-w- c:\windows\system32\msls31.dll
2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-30 17:43:22 8136704 ---ha-w- c:\windows\system32\SecSigDB.BIN
2010-08-30 17:43:22 450000 ---ha-w- c:\windows\system32\NameDB.BIN
2010-08-27 05:46:48 168448 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 04:39:58 109056 ----a-w- c:\windows\system32\t2embed.dll
2010-08-25 20:20:00 15559228 ----a-w- c:\users\theluc~1\appdata\roaming\DVDneXtCOPY.neXt.Tech.V4.2.5.2.exe
2010-08-21 05:36:33 738816 ----a-w- c:\windows\system32\wmpmde.dll
2010-08-21 05:36:24 224256 ----a-w- c:\windows\system32\schannel.dll
2010-08-21 05:33:24 530432 ----a-w- c:\windows\system32\comctl32.dll
2010-08-21 05:32:37 316928 ----a-w- c:\windows\system32\spoolsv.exe
============= FINISH: 17:53:12.53 ===============