
Browser Redirector - Log Files



gatrbeight
2011-02-11, 01:01
Please find the files created here. Original Post will be deleted.


DDS (Ver_10-12-12.02) - NTFSx86
Run by Mike at 18:53:04.73 on Thu 02/10/2011
Internet Explorer: 9.0.7930.16406
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2815.1138 [GMT -5:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\agrsmsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
C:\Program Files\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\lxeaserv.exe
C:\Windows\system32\lxeacoms.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Mike\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0409&m=et1810
mStart Page = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0409&m=et1810
mDefault_Page_URL = hxxp://homepage.emachines.com/rdr.aspx?b=ACEW&l=0409&s=1&o=vp32&d=0409&m=et1810
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: @c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2322.0\npwinext.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [eRecoveryService]
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [lxeamon.exe] "c:\program files\lexmark s300-s400 series\lxeamon.exe"
mRun: [EzPrint] "c:\program files\lexmark s300-s400 series\ezprint.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
StartupFolder: c:\users\mike\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\users\mike\appdata\roaming\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\FINDFAST.EXE
StartupFolder: c:\users\mike\appdata\roaming\micros~1\windows\startm~1\programs\startup\office~1.lnk - c:\program files\microsoft office\office\OSA.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\sonicc~1.lnk - c:\program files\common files\sonic shared\CineTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]
R1 MpKsl424fa16c;MpKsl424fa16c;c:\programdata\microsoft\microsoft antimalware\definition updates\{30161c5f-96e2-4870-88c0-512734baa8cd}\MpKsl424fa16c.sys [2011-2-10 28752]
R2 ETService;Empowering Technology Service;c:\program files\emachines\emachines recovery management\service\ETService.exe [2009-4-29 24576]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe -service --> c:\windows\system32\lxeacoms.exe -service [?]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxeaserv.exe [2010-5-22 193192]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Norton Internet Security;Norton Internet Security;"c:\program files\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-2-6 1153368]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2011-2-8 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [2009-11-1 10379]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

=============== Created Last 30 ================

2011-02-10 21:44:35 -------- d-----w- c:\program files\RegServe
2011-02-10 21:25:15 -------- d-----w- c:\users\mike\appdata\roaming\Safer Networking
2011-02-10 21:15:09 -------- d-----w- c:\program files\Safer Networking
2011-02-10 20:28:18 -------- d-----w- c:\progra~2\FrontLine Registry Cleaner
2011-02-10 20:28:12 -------- d-----w- c:\program files\Frontline Registry Cleaner
2011-02-10 20:19:43 28752 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{30161c5f-96e2-4870-88c0-512734baa8cd}\MpKsl424fa16c.sys
2011-02-10 20:19:31 5890896 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{30161c5f-96e2-4870-88c0-512734baa8cd}\mpengine.dll
2011-02-08 19:28:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-08 19:28:17 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-08 19:09:26 -------- d-----w- c:\windows\en
2011-02-08 19:07:42 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-08 19:05:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-02-08 19:03:31 -------- d-----w- c:\windows\PCHEALTH
2011-02-08 19:02:22 -------- d-----w- c:\program files\Microsoft
2011-02-08 19:02:17 -------- d-----w- c:\program files\MSN Toolbar
2011-02-08 19:02:05 -------- d-----w- c:\program files\Bing Bar Installer
2011-02-08 19:02:04 469256 ----a-w- c:\program files\common files\windows live\.cache\ab4a69861cbc7c207\InstallManager_WLE_WLE.exe
2011-02-08 19:01:58 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-08 19:01:58 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-08 19:01:57 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-08 19:01:51 15712 ----a-w- c:\program files\common files\windows live\.cache\a500ea461cbc7c206\MeshBetaRemover.exe
2011-02-08 19:01:47 94040 ----a-w- c:\program files\common files\windows live\.cache\a24e9b861cbc7c205\DSETUP.dll
2011-02-08 19:01:47 525656 ----a-w- c:\program files\common files\windows live\.cache\a24e9b861cbc7c205\DXSETUP.exe
2011-02-08 19:01:47 1691480 ----a-w- c:\program files\common files\windows live\.cache\a24e9b861cbc7c205\dsetup32.dll
2011-02-08 19:01:43 94040 ----a-w- c:\program files\common files\windows live\.cache\9f1e91461cbc7c204\DSETUP.dll
2011-02-08 19:01:43 525656 ----a-w- c:\program files\common files\windows live\.cache\9f1e91461cbc7c204\DXSETUP.exe
2011-02-08 19:01:43 1691480 ----a-w- c:\program files\common files\windows live\.cache\9f1e91461cbc7c204\dsetup32.dll
2011-02-08 19:01:04 -------- d-----w- c:\users\mike\appdata\local\Windows Live
2011-02-08 18:59:47 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-08 18:59:47 1448448 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-08 18:56:59 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-02-08 18:56:43 292352 ----a-w- c:\windows\system32\atmfd.dll
2011-02-08 18:56:42 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-02-08 18:13:59 94208 ----a-w- c:\program files\internet explorer\en\iediag.resources.dll
2011-02-08 18:12:32 -------- d-----w- c:\program files\Feedback Tool
2011-02-07 16:06:11 -------- d-----w- c:\users\mike\appdata\local\Threat Expert
2011-02-07 16:02:59 -------- d-----w- c:\program files\common files\PC Tools
2011-02-07 16:01:38 -------- d-----w- c:\progra~2\PC Tools
2011-02-06 19:23:38 -------- d-----w- c:\users\mike\appdata\local\Microsoft Corporation
2011-02-06 19:16:54 5890896 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2011-02-06 19:16:12 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{2099e4d1-2346-466a-ab73-bfc1be76e7f2}\gapaengine.dll
2011-02-06 19:10:19 -------- d-----w- c:\program files\Microsoft Security Client
2011-02-06 19:09:58 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2011-02-06 13:28:35 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-02-06 13:28:35 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2011-02-04 16:32:09 -------- d-----w- c:\program files\common files\AnswerWorks 5.0
2011-02-04 16:32:07 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iKernel.dll
2011-02-04 16:32:07 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\ctor.dll
2011-02-04 16:32:07 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\DotNetInstaller.exe
2011-02-04 16:32:07 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iscript.dll
2011-02-04 16:32:07 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iuser.dll
2011-02-04 16:32:06 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll
2011-02-04 16:32:06 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll
2011-02-04 16:30:59 -------- d-----w- c:\users\mike\appdata\roaming\Intuit
2011-02-04 16:30:59 -------- d-----w- c:\program files\Quicken
2011-02-04 07:12:21 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{7846b0ca-faa4-4080-8c0e-aa9acd90f460}\mpengine.dll
2011-02-03 20:20:08 -------- d-----w- c:\users\mike\appdata\roaming\Malwarebytes
2011-02-03 20:20:00 -------- d-----w- c:\progra~2\Malwarebytes
2011-02-03 20:19:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-03 15:36:05 -------- d-----w- c:\users\mike\appdata\roaming\Tific
2011-02-03 15:25:08 -------- d-----w- c:\program files\Trend Micro
2011-01-30 20:35:06 -------- d-----w- c:\program files\HRBlock2010
2011-01-30 18:02:02 -------- d-----w- c:\users\mike\appdata\roaming\MozillaControl
2011-01-30 18:01:50 -------- d-----w- c:\progra~2\Wolters Kluwer
2011-01-30 18:01:11 -------- d-----w- c:\program files\H&R Block Business 2010
2011-01-30 17:49:17 -------- d-----w- c:\users\mike\appdata\local\Intuit_Inc
2011-01-12 03:47:18 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll
2011-01-12 03:47:18 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll
2011-01-12 03:47:18 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 03:47:18 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll
2011-01-12 03:47:18 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll
2011-01-12 03:47:18 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll
2011-01-12 03:47:16 1169408 ----a-w- c:\windows\system32\sdclt.exe

==================== Find3M ====================

2011-01-20 16:08:16 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08:06 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08:06 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08:06 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08:06 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:07:58 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07:42 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07:16 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06:38 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06:35 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04:54 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:04:54 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 14:28:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27:50 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26:30 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24:32 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-20 14:24:26 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15:10 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14:39 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14:03 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14:03 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12:46 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11:34 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47:51 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:44:05 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-01-20 13:44:03 797184 ----a-w- c:\windows\system32\FntCache.dll
2010-12-31 13:57:01 2039808 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 18:53:42.65 ===============

Blade81
2011-02-14, 12:19
Hi,

Disable Spybot's TeaTimer to make sure it won't interfere with fixes. You can re-enable it when you're clean again:
Run Spybot-S&D in Advanced Mode
If it is not already set to do this, go to the Mode menu, select Advanced Mode
On the left hand side, click on Tools
Then click on the Resident icon in the list
Uncheck Resident TeaTimer and OK any prompts.
Restart your computer


Update MBAM and run a full scan with it. Post back the report + fresh dds logs. Also, please describe the redirect issue a bit.

Blade81
2011-02-21, 17:28
Due to inactivity, this thread will now be closed.

Note: If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic; you would be starting fresh.

If it has been less than three days since your last response and you need the thread re-opened, please send me or another MOD a private message (pm). A valid, working link to the closed topic is required.