spikenla
2010-07-17, 17:07
Computer freezes before any scans can complete.
DDS (Ver_10-03-17.01) - NTFSX64
Run by Aaron at 9:05:08.37 on Sat 07/17/2010
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3934.2088 [GMT -5:00]
AV: Norton AntiVirus *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton AntiVirus *disabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton AntiVirus *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\TAMSvr.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\ThpSrv.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TSS.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Aaron\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.toshibadirect.com/dpdstart
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~2\common~1\symant~1\ids\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~2\office14\GROOVEEX.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre1.6.0_06\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~2\office14\URLREDIR.DLL
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [Google Update] "c:\users\aaron\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [ToshibaServiceStation] "c:\program files (x86)\toshiba\toshiba service station\TSS.exe" /hide
mRun: [PCMAgent] "c:\program files (x86)\cyberlink\powercinema for toshiba\PCMAgent.exe"
mRun: [CLMLServer] "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"
mRun: [ccApp] "c:\program files (x86)\common files\symantec shared\ccApp.exe"
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [BCSSync] "c:\program files (x86)\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\micros~2\office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files (x86)\java\jre1.6.0_06\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files (x86)\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files (x86)\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\common files\microsoft shared\office14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~2\micros~2\office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg64.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Skytel] Skytel.exe
mRun-x64: [FingerPrintNotifer] "c:\program files\truesuite access manager\FpNotifier.exe"
mRun-x64: [UsbMonitor] "c:\program files\truesuite access manager\usbnotify.exe"
mRun-x64: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun-x64: [ThpSrv] c:\windows\system32\thpsrv /logon
mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun-x64: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun-x64: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
============= SERVICES / DRIVERS ===============
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2008-1-12 33400]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2007-9-4 14872]
R0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\drivers\tos_sps64.sys [2010-5-26 504912]
R1 IDSvia64;Symantec Intrusion Prevention Driver;c:\progra~3\symantec\defini~1\symcdata\ipsdefs\20100604.001\IDSvia64.sys [2010-6-8 396336]
R2 Authentec memory manager;Authentec memory manager service;c:\windows\system32\TAMSvr.exe [2010-5-26 48128]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\toshiba\configfree\CFProcSRVC.exe [2008-6-27 36864]
R2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\toshiba\configfree\CFSvcs.exe [2008-7-10 40960]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files (x86)\common files\symantec shared\CCSVCHST.EXE [2008-2-6 149352]
R2 OpenLibSys;OpenLibSys;c:\program files (x86)\nxp\fm radio\OpenLibSysX64.sys [2010-5-26 14544]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-7-5 1153368]
R2 TMachInfo;TMachInfo;c:\program files (x86)\toshiba\toshiba service station\TMachInfo.exe [2008-9-9 46392]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2008-7-17 139776]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-9-9 8704]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-30 126976]
R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;c:\windows\system32\drivers\NETw5v64.sys [2008-4-28 4730368]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-8-25 89600]
R3 Symantec Core LC;Symantec Core LC;c:\progra~2\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-9-9 1245064]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 47664]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2010-4-19 50688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-7-14 135664]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2010-5-26 25424]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2010-5-28 93184]
S4 KR10I64;KR10I64;c:\windows\system32\drivers\KR10I64.sys [2008-9-9 248320]
S4 KR10N64;KR10N64;c:\windows\system32\drivers\KR10N64.sys [2008-9-9 237568]
=============== Created Last 30 ================
2010-07-06 04:18:04 0 d-sh--w- C:\found.000
2010-07-05 21:14:04 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-05 21:14:04 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy
2010-07-04 15:38:36 65536 --sha-w- c:\users\aaron\NTUSER.DAT{0a6c6c7e-8782-11df-be59-001e33a4850f}.TM.blf
2010-07-04 15:38:36 524288 --sha-w- c:\users\aaron\NTUSER.DAT{0a6c6c7e-8782-11df-be59-001e33a4850f}.TMContainer00000000000000000002.regtrans-ms
2010-07-04 15:38:36 524288 --sha-w- c:\users\aaron\NTUSER.DAT{0a6c6c7e-8782-11df-be59-001e33a4850f}.TMContainer00000000000000000001.regtrans-ms
2010-07-01 21:25:41 252 ----a-w- c:\users\aaron\SyncDocs.conf
2010-06-27 23:54:35 0 d-----w- c:\programdata\WinZip
2010-06-27 23:52:00 0 d-----w- c:\program files\7-Zip
2010-06-27 23:19:08 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-06-27 23:19:08 515416 ----a-w- c:\windows\syswow64\XAudio2_5.dll
2010-06-27 23:19:06 238936 ----a-w- c:\windows\syswow64\xactengine3_5.dll
2010-06-27 23:19:06 176968 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-06-27 23:19:05 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-06-27 23:19:05 1974616 ----a-w- c:\windows\syswow64\D3DCompiler_42.dll
2010-06-27 23:19:03 5554512 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-06-27 23:19:03 5501792 ----a-w- c:\windows\syswow64\d3dcsx_42.dll
2010-06-27 23:19:01 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-06-27 23:19:01 235344 ----a-w- c:\windows\syswow64\d3dx11_42.dll
2010-06-27 23:19:00 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-06-27 23:19:00 453456 ----a-w- c:\windows\syswow64\d3dx10_42.dll
2010-06-27 23:17:59 2332368 ----a-w- c:\windows\syswow64\d3dx9_29.dll
2010-06-27 23:17:58 2323664 ----a-w- c:\windows\syswow64\d3dx9_28.dll
2010-06-27 23:17:58 2319568 ----a-w- c:\windows\syswow64\d3dx9_27.dll
2010-06-27 23:17:56 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-06-27 23:17:56 2297552 ----a-w- c:\windows\syswow64\d3dx9_26.dll
2010-06-27 23:17:55 2337488 ----a-w- c:\windows\syswow64\d3dx9_25.dll
2010-06-27 23:17:53 2222800 ----a-w- c:\windows\syswow64\d3dx9_24.dll
2010-06-27 22:43:20 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-27 22:43:10 0 d-----w- c:\program files (x86)\DAEMON Tools Lite
2010-06-27 22:40:07 0 d-----w- c:\users\aaron\appdata\roaming\DAEMON Tools Lite
2010-06-27 22:40:04 0 d-----w- c:\programdata\DAEMON Tools Lite
2010-06-24 21:03:27 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-06-24 21:03:27 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2010-06-24 21:03:27 107368 ----a-w- c:\windows\syswow64\GEARAspi.dll
2010-06-24 21:02:51 0 d-----w- c:\program files\iPod
2010-06-24 21:02:41 0 d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-06-24 21:02:41 0 d-----w- c:\program files\iTunes
2010-06-24 21:02:41 0 d-----w- c:\program files (x86)\iTunes
2010-06-24 21:01:35 0 d-----w- c:\programdata\Apple Computer
2010-06-24 20:59:41 0 d-----w- c:\program files\common files\Apple
2010-06-24 20:59:25 0 d-----w- c:\program files\Bonjour
2010-06-24 20:59:25 0 d-----w- c:\program files (x86)\Bonjour
2010-06-24 20:59:17 0 d-----w- c:\programdata\Apple
2010-06-22 22:12:11 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-22 22:12:11 28672 ----a-w- c:\windows\syswow64\Apphlpdm.dll
2010-06-22 22:12:10 4240384 ----a-w- c:\windows\syswow64\GameUXLegacyGDFs.dll
2010-06-22 22:12:10 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
==================== Find3M ====================
2010-06-24 21:01:01 86016 ----a-w- c:\windows\inf\infstor.dat
2010-06-24 21:01:01 51200 ----a-w- c:\windows\inf\infpub.dat
2010-06-24 21:01:01 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-16 20:51:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-06-16 00:12:17 99384 ----a-w- c:\users\aaron\appdata\roaming\inst.exe
2010-06-16 00:12:17 82816 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-06-16 00:12:17 82816 ----a-w- c:\users\aaron\appdata\roaming\pcouffin.sys
2010-05-30 03:01:32 855 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.INF
2010-05-30 03:01:32 172080 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2010-05-30 03:01:32 10655 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.CAT
2010-05-28 02:07:57 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-05-26 16:53:52 48128 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 16:16:50 34304 ----a-w- c:\windows\syswow64\atmlib.dll
2010-05-26 14:56:53 366080 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 14:25:15 289792 ----a-w- c:\windows\syswow64\atmfd.dll
2010-05-26 10:56:12 6 --sh--r- c:\windows\system32\drivers\taishop.sys
2010-05-26 06:29:37 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2010-05-26 06:21:12 525792 ----a-w- c:\windows\DIFxAPI.dll
2010-05-26 06:21:09 319488 ----a-w- c:\windows\HideWin.exe
2010-05-21 19:14:28 270208 ------w- c:\windows\system32\MpSigStub.exe
2010-05-18 21:55:18 95520 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 21:55:18 69408 ----a-w- c:\windows\system32\jdns_sd.dll
2010-05-18 21:55:18 237856 ----a-w- c:\windows\system32\dnssdX.dll
2010-05-18 21:55:18 119584 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-18 21:35:16 91424 ----a-w- c:\windows\syswow64\dnssd.dll
2010-05-18 21:35:16 75040 ----a-w- c:\windows\syswow64\jdns_sd.dll
2010-05-18 21:35:16 197920 ----a-w- c:\windows\syswow64\dnssdX.dll
2010-05-18 21:35:16 107808 ----a-w- c:\windows\syswow64\dns-sd.exe
2010-05-04 19:18:31 1032704 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 19:12:17 86528 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 18:42:57 833024 ----a-w- c:\windows\syswow64\wininet.dll
2010-05-04 18:42:38 1174528 ----a-w- c:\windows\syswow64\urlmon.dll
2010-05-04 18:41:08 146432 ----a-w- c:\windows\syswow64\occache.dll
2010-05-04 18:39:56 671232 ----a-w- c:\windows\syswow64\mstime.dll
2010-05-04 18:39:32 476672 ----a-w- c:\windows\syswow64\mshtmled.dll
2010-05-04 18:39:32 3586048 ----a-w- c:\windows\syswow64\mshtml.dll
2010-05-04 18:39:31 458240 ----a-w- c:\windows\syswow64\msfeeds.dll
2010-05-04 18:38:18 28160 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-05-04 18:37:46 6069248 ----a-w- c:\windows\syswow64\ieframe.dll
2010-05-04 18:37:46 270848 ----a-w- c:\windows\syswow64\iertutil.dll
2010-05-04 18:37:46 193024 ----a-w- c:\windows\syswow64\iepeers.dll
2010-05-04 18:37:45 78336 ----a-w- c:\windows\syswow64\ieencode.dll
2010-05-04 18:37:45 389120 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-05-04 18:37:45 380928 ----a-w- c:\windows\syswow64\ieapfltr.dll
2010-05-04 18:37:44 230400 ----a-w- c:\windows\syswow64\ieaksie.dll
2010-05-04 17:27:37 32768 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-04 16:53:56 26624 ----a-w- c:\windows\syswow64\ieUnatt.exe
2010-05-01 14:26:09 2749952 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:24:29 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-23 13:55:52 2048 ----a-w- c:\windows\syswow64\tzres.dll
2010-04-20 01:47:42 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2008-09-09 20:11:28 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 9:05:46.07 ===============
DDS (Ver_10-03-17.01) - NTFSX64
Run by Aaron at 9:05:08.37 on Sat 07/17/2010
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3934.2088 [GMT -5:00]
AV: Norton AntiVirus *On-access scanning disabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton AntiVirus *disabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton AntiVirus *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\TAMSvr.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\ThpSrv.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RAVCpl64.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TSS.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\iTunes\iTunes.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Aaron\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.toshibadirect.com/dpdstart
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~2\common~1\symant~1\ids\IPSBHO.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~2\micros~2\office14\GROOVEEX.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre1.6.0_06\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~2\micros~2\office14\URLREDIR.DLL
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\TOSCDSPD.exe
uRun: [Google Update] "c:\users\aaron\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite] "c:\program files (x86)\daemon tools lite\DTLite.exe" -autorun
mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [NDSTray.exe] NDSTray.exe
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [ToshibaServiceStation] "c:\program files (x86)\toshiba\toshiba service station\TSS.exe" /hide
mRun: [PCMAgent] "c:\program files (x86)\cyberlink\powercinema for toshiba\PCMAgent.exe"
mRun: [CLMLServer] "c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\clml\CLMLSvc.exe"
mRun: [ccApp] "c:\program files (x86)\common files\symantec shared\ccApp.exe"
mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [BCSSync] "c:\program files (x86)\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\micros~2\office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - c:\program files (x86)\java\jre1.6.0_06\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files (x86)\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files (x86)\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\common files\microsoft shared\office14\MSOXMLMF.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~2\micros~2\office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg64.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_64.dll
mRun-x64: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe
mRun-x64: [RtHDVCpl] RAVCpl64.exe
mRun-x64: [Skytel] Skytel.exe
mRun-x64: [FingerPrintNotifer] "c:\program files\truesuite access manager\FpNotifier.exe"
mRun-x64: [UsbMonitor] "c:\program files\truesuite access manager\usbnotify.exe"
mRun-x64: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun-x64: [ThpSrv] c:\windows\system32\thpsrv /logon
mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
mRun-x64: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
mRun-x64: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com (http://www.spywareinfo.com)
============= SERVICES / DRIVERS ===============
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [2008-1-12 33400]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [2007-9-4 14872]
R0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\drivers\tos_sps64.sys [2010-5-26 504912]
R1 IDSvia64;Symantec Intrusion Prevention Driver;c:\progra~3\symantec\defini~1\symcdata\ipsdefs\20100604.001\IDSvia64.sys [2010-6-8 396336]
R2 Authentec memory manager;Authentec memory manager service;c:\windows\system32\TAMSvr.exe [2010-5-26 48128]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\toshiba\configfree\CFProcSRVC.exe [2008-6-27 36864]
R2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\toshiba\configfree\CFSvcs.exe [2008-7-10 40960]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files (x86)\common files\symantec shared\CCSVCHST.EXE [2008-2-6 149352]
R2 OpenLibSys;OpenLibSys;c:\program files (x86)\nxp\fm radio\OpenLibSysX64.sys [2010-5-26 14544]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2010-7-5 1153368]
R2 TMachInfo;TMachInfo;c:\program files (x86)\toshiba\toshiba service station\TMachInfo.exe [2008-9-9 46392]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2008-7-17 139776]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-9-9 8704]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-30 126976]
R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;c:\windows\system32\drivers\NETw5v64.sys [2008-4-28 4730368]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-8-25 89600]
R3 Symantec Core LC;Symantec Core LC;c:\progra~2\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-9-9 1245064]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 47664]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2010-4-19 50688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-7-14 135664]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2010-5-26 25424]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework64\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2010-5-28 93184]
S4 KR10I64;KR10I64;c:\windows\system32\drivers\KR10I64.sys [2008-9-9 248320]
S4 KR10N64;KR10N64;c:\windows\system32\drivers\KR10N64.sys [2008-9-9 237568]
=============== Created Last 30 ================
2010-07-06 04:18:04 0 d-sh--w- C:\found.000
2010-07-05 21:14:04 0 d-----w- c:\programdata\Spybot - Search & Destroy
2010-07-05 21:14:04 0 d-----w- c:\program files (x86)\Spybot - Search & Destroy
2010-07-04 15:38:36 65536 --sha-w- c:\users\aaron\NTUSER.DAT{0a6c6c7e-8782-11df-be59-001e33a4850f}.TM.blf
2010-07-04 15:38:36 524288 --sha-w- c:\users\aaron\NTUSER.DAT{0a6c6c7e-8782-11df-be59-001e33a4850f}.TMContainer00000000000000000002.regtrans-ms
2010-07-04 15:38:36 524288 --sha-w- c:\users\aaron\NTUSER.DAT{0a6c6c7e-8782-11df-be59-001e33a4850f}.TMContainer00000000000000000001.regtrans-ms
2010-07-01 21:25:41 252 ----a-w- c:\users\aaron\SyncDocs.conf
2010-06-27 23:54:35 0 d-----w- c:\programdata\WinZip
2010-06-27 23:52:00 0 d-----w- c:\program files\7-Zip
2010-06-27 23:19:08 517960 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-06-27 23:19:08 515416 ----a-w- c:\windows\syswow64\XAudio2_5.dll
2010-06-27 23:19:06 238936 ----a-w- c:\windows\syswow64\xactengine3_5.dll
2010-06-27 23:19:06 176968 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-06-27 23:19:05 2582888 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-06-27 23:19:05 1974616 ----a-w- c:\windows\syswow64\D3DCompiler_42.dll
2010-06-27 23:19:03 5554512 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-06-27 23:19:03 5501792 ----a-w- c:\windows\syswow64\d3dcsx_42.dll
2010-06-27 23:19:01 285024 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-06-27 23:19:01 235344 ----a-w- c:\windows\syswow64\d3dx11_42.dll
2010-06-27 23:19:00 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-06-27 23:19:00 453456 ----a-w- c:\windows\syswow64\d3dx10_42.dll
2010-06-27 23:17:59 2332368 ----a-w- c:\windows\syswow64\d3dx9_29.dll
2010-06-27 23:17:58 2323664 ----a-w- c:\windows\syswow64\d3dx9_28.dll
2010-06-27 23:17:58 2319568 ----a-w- c:\windows\syswow64\d3dx9_27.dll
2010-06-27 23:17:56 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-06-27 23:17:56 2297552 ----a-w- c:\windows\syswow64\d3dx9_26.dll
2010-06-27 23:17:55 2337488 ----a-w- c:\windows\syswow64\d3dx9_25.dll
2010-06-27 23:17:53 2222800 ----a-w- c:\windows\syswow64\d3dx9_24.dll
2010-06-27 22:43:20 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-27 22:43:10 0 d-----w- c:\program files (x86)\DAEMON Tools Lite
2010-06-27 22:40:07 0 d-----w- c:\users\aaron\appdata\roaming\DAEMON Tools Lite
2010-06-27 22:40:04 0 d-----w- c:\programdata\DAEMON Tools Lite
2010-06-24 21:03:27 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-06-24 21:03:27 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2010-06-24 21:03:27 107368 ----a-w- c:\windows\syswow64\GEARAspi.dll
2010-06-24 21:02:51 0 d-----w- c:\program files\iPod
2010-06-24 21:02:41 0 d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2010-06-24 21:02:41 0 d-----w- c:\program files\iTunes
2010-06-24 21:02:41 0 d-----w- c:\program files (x86)\iTunes
2010-06-24 21:01:35 0 d-----w- c:\programdata\Apple Computer
2010-06-24 20:59:41 0 d-----w- c:\program files\common files\Apple
2010-06-24 20:59:25 0 d-----w- c:\program files\Bonjour
2010-06-24 20:59:25 0 d-----w- c:\program files (x86)\Bonjour
2010-06-24 20:59:17 0 d-----w- c:\programdata\Apple
2010-06-22 22:12:11 32256 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-22 22:12:11 28672 ----a-w- c:\windows\syswow64\Apphlpdm.dll
2010-06-22 22:12:10 4240384 ----a-w- c:\windows\syswow64\GameUXLegacyGDFs.dll
2010-06-22 22:12:10 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
==================== Find3M ====================
2010-06-24 21:01:01 86016 ----a-w- c:\windows\inf\infstor.dat
2010-06-24 21:01:01 51200 ----a-w- c:\windows\inf\infpub.dat
2010-06-24 21:01:01 143360 ----a-w- c:\windows\inf\infstrng.dat
2010-06-16 20:51:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-06-16 00:12:17 99384 ----a-w- c:\users\aaron\appdata\roaming\inst.exe
2010-06-16 00:12:17 82816 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-06-16 00:12:17 82816 ----a-w- c:\users\aaron\appdata\roaming\pcouffin.sys
2010-05-30 03:01:32 855 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.INF
2010-05-30 03:01:32 172080 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2010-05-30 03:01:32 10655 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.CAT
2010-05-28 02:07:57 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-05-26 16:53:52 48128 ----a-w- c:\windows\system32\atmlib.dll
2010-05-26 16:16:50 34304 ----a-w- c:\windows\syswow64\atmlib.dll
2010-05-26 14:56:53 366080 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 14:25:15 289792 ----a-w- c:\windows\syswow64\atmfd.dll
2010-05-26 10:56:12 6 --sh--r- c:\windows\system32\drivers\taishop.sys
2010-05-26 06:29:37 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2010-05-26 06:21:12 525792 ----a-w- c:\windows\DIFxAPI.dll
2010-05-26 06:21:09 319488 ----a-w- c:\windows\HideWin.exe
2010-05-21 19:14:28 270208 ------w- c:\windows\system32\MpSigStub.exe
2010-05-18 21:55:18 95520 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 21:55:18 69408 ----a-w- c:\windows\system32\jdns_sd.dll
2010-05-18 21:55:18 237856 ----a-w- c:\windows\system32\dnssdX.dll
2010-05-18 21:55:18 119584 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-18 21:35:16 91424 ----a-w- c:\windows\syswow64\dnssd.dll
2010-05-18 21:35:16 75040 ----a-w- c:\windows\syswow64\jdns_sd.dll
2010-05-18 21:35:16 197920 ----a-w- c:\windows\syswow64\dnssdX.dll
2010-05-18 21:35:16 107808 ----a-w- c:\windows\syswow64\dns-sd.exe
2010-05-04 19:18:31 1032704 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 19:12:17 86528 ----a-w- c:\windows\system32\ieencode.dll
2010-05-04 18:42:57 833024 ----a-w- c:\windows\syswow64\wininet.dll
2010-05-04 18:42:38 1174528 ----a-w- c:\windows\syswow64\urlmon.dll
2010-05-04 18:41:08 146432 ----a-w- c:\windows\syswow64\occache.dll
2010-05-04 18:39:56 671232 ----a-w- c:\windows\syswow64\mstime.dll
2010-05-04 18:39:32 476672 ----a-w- c:\windows\syswow64\mshtmled.dll
2010-05-04 18:39:32 3586048 ----a-w- c:\windows\syswow64\mshtml.dll
2010-05-04 18:39:31 458240 ----a-w- c:\windows\syswow64\msfeeds.dll
2010-05-04 18:38:18 28160 ----a-w- c:\windows\syswow64\jsproxy.dll
2010-05-04 18:37:46 6069248 ----a-w- c:\windows\syswow64\ieframe.dll
2010-05-04 18:37:46 270848 ----a-w- c:\windows\syswow64\iertutil.dll
2010-05-04 18:37:46 193024 ----a-w- c:\windows\syswow64\iepeers.dll
2010-05-04 18:37:45 78336 ----a-w- c:\windows\syswow64\ieencode.dll
2010-05-04 18:37:45 389120 ----a-w- c:\windows\syswow64\iedkcs32.dll
2010-05-04 18:37:45 380928 ----a-w- c:\windows\syswow64\ieapfltr.dll
2010-05-04 18:37:44 230400 ----a-w- c:\windows\syswow64\ieaksie.dll
2010-05-04 17:27:37 32768 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-04 16:53:56 26624 ----a-w- c:\windows\syswow64\ieUnatt.exe
2010-05-01 14:26:09 2749952 ----a-w- c:\windows\system32\win32k.sys
2010-04-23 14:24:29 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-23 13:55:52 2048 ----a-w- c:\windows\syswow64\tzres.dll
2010-04-20 01:47:42 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2008-09-09 20:11:28 665600 ----a-w- c:\windows\inf\drvindex.dat
2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini
2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 15:14:56 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 15:14:56 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 9:05:46.07 ===============