bigmm79
2011-05-31, 06:14
Browser hijacking - had answer.com toolbar, thought I removed it - doesn't show up in any list of programs. Anyway, both ie and firefox redirect to unwanted pages upon start-up, won't go to set homepage.
Here is DDS log - Thanks!
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by Matt at 21:07:06 on 2011-05-30
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2295 [GMT -6:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton Security Suite *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Norton Security Suite *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\DAODx.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\EPU\EPU.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\ProgramData\Norton\NUA.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\SysWOW64\DeltaIITray.exe
C:\PROGRA~2\Jetico\BCWipe\BCResident.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Matt\Downloads\dds.scr
C:\Windows\SysWOW64\WSCRIPT.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.ask.com/?l=dis&o=101912
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
uRun: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE"
mRun: [Conime] %windir%\system32\conime.exe
mRun: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mRun-x64: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
mRun-x64: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\ulsqagmq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.drugereport.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&q=
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\ulsqagmq.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [2011-5-18 1127032]
R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys --> C:\Windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys [?]
R1 fsh;fsh;C:\Windows\system32\drivers\fsh.sys --> C:\Windows\system32\drivers\fsh.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110527.001\IDSviA64.sys [2011-5-30 476792]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0403000.005\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0403000.005\SYMTDIV.SYS [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-3-17 90112]
R2 BCWipeSvc;BCWipe service;C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe [2009-12-8 95544]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-2-11 300400]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-3-1 373640]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe [2010-12-18 126392]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);C:\Windows\system32\DRIVERS\MAudioDelta.sys --> C:\Windows\system32\DRIVERS\MAudioDelta.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-5-9 136824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-5-25 2151128]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 BCSWAP;BCSWAP;C:\Windows\system32\drivers\BCSWAP.sys --> C:\Windows\system32\drivers\BCSWAP.sys [?]
.
=============== Created Last 30 ================
.
2011-05-31 03:03:11 -------- d-----w- C:\Program Files\CCleaner
2011-05-31 02:46:03 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-05-31 02:46:03 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-31 02:40:38 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-05-31 00:42:50 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-05-31 00:35:01 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-05-31 00:34:43 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-05-31 00:26:36 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60F1A16D-BA8D-4A5A-BAC1-82E61C0884BA}\mpengine.dll
2011-05-26 04:16:40 -------- d-----w- C:\Users\Matt\AppData\Local\Nero_AG
2011-05-26 04:16:14 -------- d-----w- C:\Users\Matt\AppData\Local\Nero
2011-05-26 04:14:16 -------- d-----w- C:\ProgramData\Nero
2011-05-26 03:11:21 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2011-05-26 03:11:00 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2011-05-26 03:10:39 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll
2011-05-26 03:10:18 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll
2011-05-26 02:54:49 -------- d-----w- C:\Program Files (x86)\DVD Shrink
2011-05-26 02:32:05 -------- d-----w- C:\Program Files (x86)\UltraISO
2011-05-26 02:32:05 -------- d-----w- C:\Program Files (x86)\Common Files\EZB Systems
2011-05-25 01:47:29 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-05-25 01:47:22 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-25 01:47:22 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-20 00:08:32 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-18 02:13:24 0 ---ha-w- C:\Users\Matt\AppData\Local\BIT79E3.tmp
2011-05-13 00:15:02 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-13 00:14:58 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-13 00:14:58 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 01:46:56 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2011-05-10 01:45:45 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2011-05-10 01:43:38 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-05-10 01:43:38 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-05-04 02:02:52 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-04 02:02:51 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-05-04 02:02:51 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-05-04 02:02:51 465880 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-05-04 02:02:51 1974616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-05-04 02:02:51 1892184 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-05-04 02:02:51 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-05-04 02:02:51 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-05-01 21:45:06 -------- d-----w- C:\LEBOWSKI
2011-05-01 21:44:37 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2011-05-01 21:35:44 611840 ----a-w- C:\Windows\SysWow64\DVD43.dll
2011-05-01 21:35:44 -------- d-----w- C:\Program Files (x86)\DVD43 Plug-in
2011-05-01 21:28:31 -------- d-----w- C:\Users\Matt\AppData\Local\HandBrake
2011-05-01 21:28:27 -------- d-----w- C:\Users\Matt\AppData\Roaming\HandBrake
.
==================== Find3M ====================
.
2011-04-13 21:04:38 45432 ----a-w- C:\Windows\System32\drivers\point64.sys
2011-04-13 21:04:38 1721576 ----a-w- C:\Windows\System32\wdfcoinstaller01009.dll
2011-04-09 05:00:28 464896 ----a-w- C:\Windows\System32\ipcoin815.dll
2011-04-08 16:21:30 848 --sha-w- C:\ProgramData\KGyGaAvL.sys
2011-04-06 22:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 22:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 22:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 22:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 21:07:27.70 ===============
Here is DDS log - Thanks!
.
DDS (Ver_11-05-19.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by Matt at 21:07:06 on 2011-05-30
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3838.2295 [GMT -6:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: Norton Security Suite *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
FW: Norton Security Suite *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\DAODx.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\ASUS\EPU\EPU.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\ProgramData\Norton\NUA.exe
C:\Program Files\ASUS\TurboV\TurboV.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\SysWOW64\DeltaIITray.exe
C:\PROGRA~2\Jetico\BCWipe\BCResident.exe
C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Matt\Downloads\dds.scr
C:\Windows\SysWOW64\WSCRIPT.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.ask.com/?l=dis&o=101912
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\coIEPlg.dll
uRun: [NortonUpdateAgent] C:\ProgramData\Norton\NUA.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [TurboV] "C:\Program Files\ASUS\TurboV\TurboV.exe"
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\QFSCHD140.EXE"
mRun: [Conime] %windir%\system32\conime.exe
mRun: [BCWipeTM Startup] "C:\Program Files (x86)\Jetico\BCWipe\BCWipeTM.exe" startup
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [M-Audio Taskbar Icon] C:\Windows\system32\DeltaIITray.exe
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X4\Programs\WPLauncher.hta
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mRun-x64: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
mRun-x64: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\ulsqagmq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.drugereport.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&q=
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Matt\AppData\Roaming\Mozilla\Firefox\Profiles\ulsqagmq.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0403000.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0403000.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20110518.001\BHDrvx64.sys [2011-5-18 1127032]
R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys --> C:\Windows\system32\drivers\N360x64\0403000.005\ccHPx64.sys [?]
R1 fsh;fsh;C:\Windows\system32\drivers\fsh.sys --> C:\Windows\system32\drivers\fsh.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20110527.001\IDSviA64.sys [2011-5-30 476792]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0403000.005\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\N360x64\0403000.005\SYMTDIV.SYS --> C:\Windows\system32\Drivers\N360x64\0403000.005\SYMTDIV.SYS [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2010-3-17 90112]
R2 BCWipeSvc;BCWipe service;C:\Program Files (x86)\Jetico\BCWipe\BCWipeSvc.exe [2009-12-8 95544]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\ekdiscovery.exe [2010-2-11 300400]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-3-1 373640]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\4.3.0.5\ccsvchst.exe [2010-12-18 126392]
R3 DELTAII;Service for M-Audio Delta Driver (WDM);C:\Windows\system32\DRIVERS\MAudioDelta.sys --> C:\Windows\system32\DRIVERS\MAudioDelta.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-5-9 136824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-5-25 2151128]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 136176]
S3 LeapFrog-USBLAN;LeapFrog-USBLAN;C:\Windows\system32\DRIVERS\btblan.sys --> C:\Windows\system32\DRIVERS\btblan.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 BCSWAP;BCSWAP;C:\Windows\system32\drivers\BCSWAP.sys --> C:\Windows\system32\drivers\BCSWAP.sys [?]
.
=============== Created Last 30 ================
.
2011-05-31 03:03:11 -------- d-----w- C:\Program Files\CCleaner
2011-05-31 02:46:03 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-05-31 02:46:03 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-31 02:40:38 16432 ----a-w- C:\Windows\System32\lsdelete.exe
2011-05-31 00:42:50 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-05-31 00:35:01 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-05-31 00:34:43 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-05-31 00:26:36 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60F1A16D-BA8D-4A5A-BAC1-82E61C0884BA}\mpengine.dll
2011-05-26 04:16:40 -------- d-----w- C:\Users\Matt\AppData\Local\Nero_AG
2011-05-26 04:16:14 -------- d-----w- C:\Users\Matt\AppData\Local\Nero
2011-05-26 04:14:16 -------- d-----w- C:\ProgramData\Nero
2011-05-26 03:11:21 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll
2011-05-26 03:11:00 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2011-05-26 03:10:39 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll
2011-05-26 03:10:18 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll
2011-05-26 02:54:49 -------- d-----w- C:\Program Files (x86)\DVD Shrink
2011-05-26 02:32:05 -------- d-----w- C:\Program Files (x86)\UltraISO
2011-05-26 02:32:05 -------- d-----w- C:\Program Files (x86)\Common Files\EZB Systems
2011-05-25 01:47:29 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-05-25 01:47:22 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-25 01:47:22 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-20 00:08:32 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-18 02:13:24 0 ---ha-w- C:\Users\Matt\AppData\Local\BIT79E3.tmp
2011-05-13 00:15:02 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-13 00:14:58 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-13 00:14:58 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-10 01:46:56 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys
2011-05-10 01:45:45 -------- d-----w- C:\Program Files\Microsoft IntelliPoint
2011-05-10 01:43:38 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-05-10 01:43:38 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-05-04 02:02:52 142296 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-05-04 02:02:51 89048 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-05-04 02:02:51 781272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-05-04 02:02:51 465880 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-05-04 02:02:51 1974616 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-05-04 02:02:51 1892184 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-05-04 02:02:51 1874904 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-05-04 02:02:51 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-05-01 21:45:06 -------- d-----w- C:\LEBOWSKI
2011-05-01 21:44:37 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2011-05-01 21:35:44 611840 ----a-w- C:\Windows\SysWow64\DVD43.dll
2011-05-01 21:35:44 -------- d-----w- C:\Program Files (x86)\DVD43 Plug-in
2011-05-01 21:28:31 -------- d-----w- C:\Users\Matt\AppData\Local\HandBrake
2011-05-01 21:28:27 -------- d-----w- C:\Users\Matt\AppData\Roaming\HandBrake
.
==================== Find3M ====================
.
2011-04-13 21:04:38 45432 ----a-w- C:\Windows\System32\drivers\point64.sys
2011-04-13 21:04:38 1721576 ----a-w- C:\Windows\System32\wdfcoinstaller01009.dll
2011-04-09 05:00:28 464896 ----a-w- C:\Windows\System32\ipcoin815.dll
2011-04-08 16:21:30 848 --sha-w- C:\ProgramData\KGyGaAvL.sys
2011-04-06 22:26:58 96544 ----a-w- C:\Windows\System32\dnssd.dll
2011-04-06 22:26:58 119584 ----a-w- C:\Windows\System32\dns-sd.exe
2011-04-06 22:20:16 91424 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-04-06 22:20:16 107808 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-03-04 06:17:25 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17:24 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17:10 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-03-03 06:14:38 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-03-03 05:27:30 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58:32 3133440 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 21:07:27.70 ===============