Please!!!!!!!!!:angry::smile::smile::smile:
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by Dorian at 22:18:00 on 2012-11-01
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3836.1348 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\OSD\DellOSDservice.exe
C:\Windows\system32\dleacoms.exe
C:\Program Files\Dell\OSD\DellOSD.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\System32\StikyNot.exe
C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
-netsvcs
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\Dorian\AppData\Local\Temp\_iu14D2N.tmp
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\osk.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ips\ipsbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge] <no file>
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Dell\Dell TouchCam" UpdateWithCreateOnce "Software\CyberLink\Dell TouchCam\1.1"
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [FAStartup] <no file>
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{550A807D-E2D3-4077-9E89-1A3919BF5D21} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7B45497D-9677-4742-B7B9-25A4DE468954} : DHCPNameServer = 192.168.0.1
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dorian\AppData\Roaming\Mozilla\Firefox\Profiles\0olkcr3p.default\
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - ExtSQL: 2012-10-14 03:15; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn
FF - ExtSQL: 2012-10-14 03:15; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn
FF - ExtSQL: 2012-10-21 23:03; firebug@software.joehewitt.com; C:\Users\Dorian\AppData\Roaming\Mozilla\Firefox\Profiles\0olkcr3p.default\extensions\firebug@software.joehewitt.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-8 55280]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0604000.009\symds64.sys [2012-10-14 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0604000.009\symefa64.sys [2012-10-14 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-5 1385632]
R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\0604000.009\ccsetx64.sys [2012-10-14 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121101.002\IDSviA64.sys [2012-11-1 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0604000.009\ironx64.sys [2012-10-14 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0604000.009\symnets.sys [2012-10-14 405624]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-29 203264]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DellOSDservice;DellOSDservice;C:\Program Files\Dell\OSD\DellOSDservice.exe [2010-7-5 7168]
R2 dlea_device;dlea_device;C:\Windows\System32\dleacoms.exe -service --> C:\Windows\System32\dleacoms.exe -service [?]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccsvchst.exe [2012-10-14 138272]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-8 689472]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-29 6858240]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-29 264192]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-10-29 20984]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-29 344680]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 250808]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;C:\Windows\System32\drivers\nuviocir_win7_x64.sys [2010-12-8 33792]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-15 1255736]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-11-02 01:35:41 -------- d-----w- C:\Users\Dorian\AppData\Local\ElevatedDiagnostics
2012-11-02 01:22:54 20480 ----a-w- C:\Windows\svchost.exe
2012-10-26 03:30:18 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-10-26 03:29:48 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-25 23:58:01 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-10-25 20:22:22 -------- d-----w- C:\Users\Dorian\AppData\Local\Apple
2012-10-24 03:08:16 -------- d-----w- C:\Users\Dorian\AppData\Local\CrashDumps
2012-10-18 00:05:19 -------- d-----w- C:\Users\Dorian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-10-15 21:53:07 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-10-15 21:53:07 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-10-15 21:53:07 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-10-15 21:53:07 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-10-15 21:53:07 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-10-15 21:53:07 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-10-15 21:53:07 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-10-15 21:52:56 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-10-15 21:52:56 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-10-15 21:52:56 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-10-15 21:52:56 2566144 ----a-w- C:\Windows\System32\esent.dll
2012-10-15 21:52:56 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-10-15 21:52:56 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2012-10-15 21:52:56 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-10-15 21:52:56 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-10-15 15:14:47 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Malwarebytes
2012-10-15 15:14:31 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-15 08:36:07 -------- d-----w- C:\Windows\SysWow64\Wat
2012-10-15 08:36:07 -------- d-----w- C:\Windows\System32\Wat
2012-10-15 08:07:19 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2012-10-15 08:07:18 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2012-10-15 07:23:19 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-10-15 07:23:19 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2012-10-15 07:23:19 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2012-10-15 07:23:19 444752 ----a-w- C:\Windows\System32\mscoree.dll
2012-10-15 07:23:19 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-10-15 07:23:19 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2012-10-15 07:23:19 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2012-10-15 07:23:19 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-10-15 07:23:19 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-10-15 07:23:19 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2012-10-15 07:05:25 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2012-10-15 07:05:25 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-10-15 07:05:25 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-10-15 07:05:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-10-15 07:05:24 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-10-15 03:41:07 -------- d-----w- C:\Users\Dorian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-15 03:26:08 -------- d-----w- C:\Users\Dorian\AppData\Roaming\PDAppFlex
2012-10-15 03:03:24 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2012-10-15 01:37:11 -------- d-----w- C:\Users\Dorian\.unlimitedftp
2012-10-15 01:18:45 -------- d-----w- C:\Users\Dorian\AppData\Local\Adobe
2012-10-15 00:23:46 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2012-10-15 00:23:46 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2012-10-15 00:23:46 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2012-10-15 00:23:45 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2012-10-15 00:23:45 31232 ----a-w- C:\Windows\System32\prevhost.exe
2012-10-14 22:14:55 -------- d-----w- C:\ProgramData\VirtualizedApplications
2012-10-14 20:04:31 -------- d-----w- C:\Users\Dorian\AppData\Local\SoftGrid Client
2012-10-14 20:04:29 -------- d-----w- C:\Users\Dorian\AppData\Roaming\SoftGrid Client
2012-10-14 20:02:56 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-10-14 20:02:38 -------- d-----w- C:\Users\Dorian\AppData\Roaming\TP
2012-10-14 08:02:12 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-10-14 08:02:12 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-10-14 08:02:11 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-10-14 08:02:11 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-10-14 08:02:02 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-10-14 08:02:02 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-10-14 08:00:51 442880 ----a-w- C:\Windows\System32\winhttp.dll
2012-10-14 07:59:42 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-10-14 07:58:59 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2012-10-14 07:57:59 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax
2012-10-14 07:56:40 634368 ----a-w- C:\Windows\System32\msvcrt.dll
2012-10-14 07:55:32 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-14 07:55:32 1462784 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-14 07:55:32 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-14 07:55:32 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-14 07:55:32 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-14 07:55:32 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-14 07:55:00 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-14 07:54:58 1739160 ----a-w- C:\Windows\System32\ntdll.dll
2012-10-14 07:54:58 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-10-14 07:31:35 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-10-14 07:29:41 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symnets.sys
2012-10-14 07:29:40 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symds64.sys
2012-10-14 07:29:40 37536 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtspx64.sys
2012-10-14 07:29:40 1129120 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\symefa64.sys
2012-10-14 07:29:39 737952 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtsp64.sys
2012-10-14 07:29:39 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\ironx64.sys
2012-10-14 07:29:39 167072 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\ccsetx64.sys
2012-10-14 07:29:19 -------- d-----w- C:\Windows\System32\drivers\N360x64\0604000.009
2012-10-14 07:22:42 77312 ----a-w- C:\Windows\System32\packager.dll
2012-10-14 07:22:42 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-10-14 07:14:29 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-10-14 07:14:29 -------- d-----w- C:\Program Files\Symantec
2012-10-14 07:14:29 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-10-14 07:13:44 -------- d-----w- C:\Windows\System32\drivers\N360x64
2012-10-14 07:13:42 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
2012-10-14 06:54:44 -------- d-----w- C:\ProgramData\NortonInstaller
2012-10-14 06:54:44 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-10-14 06:10:38 -------- d-----w- C:\Emergency
2012-10-14 05:54:11 -------- d-----w- C:\Windows\SMINST
2012-10-14 05:11:02 -------- d-----w- C:\ProgramData\Norton
2012-10-14 04:50:40 -------- d-----w- C:\Users\Dorian\AppData\Local\Macromedia
2012-10-14 04:50:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-14 04:50:24 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-14 04:47:28 -------- d-----w- C:\Users\Dorian\AppData\Local\Mozilla
2012-10-14 04:47:24 -------- d-----w- C:\ProgramData\dl_Cats
2012-10-14 04:47:03 189440 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\dleadrpp.dll
2012-10-14 04:46:05 -------- d-----w- C:\Program Files\Dell V310-V510 Series
2012-10-14 04:40:43 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Fingertapps
2012-10-14 04:38:55 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-10-14 04:38:54 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-10-14 04:38:54 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-10-14 04:34:08 -------- d-----w- C:\Users\Dorian\AppData\Local\Dell
2012-10-14 04:32:36 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Dell
2012-10-14 04:32:30 -------- d-----w- C:\Users\Dorian\AppData\Local\DataSafeOnline
2012-10-14 04:32:28 -------- d-----w- C:\Users\Dorian\AppData\Local\SupportSoft
2012-10-14 04:32:28 -------- d-----w- C:\Users\Dorian\AppData\Local\ATI
2012-10-14 04:32:22 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Dell Touch Zone
2012-10-14 04:31:23 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-14 04:31:20 -------- d-----w- C:\Users\Dorian\AppData\Local\VirtualStore
2012-10-14 04:29:09 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-10-14 04:28:57 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-10-14 04:27:48 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-10-14 04:27:48 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-10-26 03:29:31 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:02:20 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-11 00:53:01 714752 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:54:04 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
.
============= FINISH: 22:19:59.53 ===============
DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by Dorian at 22:18:00 on 2012-11-01
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3836.1348 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\OSD\DellOSDservice.exe
C:\Windows\system32\dleacoms.exe
C:\Program Files\Dell\OSD\DellOSD.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccSvcHst.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\System32\StikyNot.exe
C:\Program Files (x86)\Multimedia Card Reader(6366)\ShwiconXP6366.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
-netsvcs
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\Dorian\AppData\Local\Temp\_iu14D2N.tmp
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\osk.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ips\ipsbho.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\coieplg.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge] <no file>
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\Dell\Dell TouchCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Dell\Dell TouchCam" UpdateWithCreateOnce "Software\CyberLink\Dell TouchCam\1.1"
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [FAStartup] <no file>
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{550A807D-E2D3-4077-9E89-1A3919BF5D21} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{7B45497D-9677-4742-B7B9-25A4DE468954} : DHCPNameServer = 192.168.0.1
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dorian\AppData\Roaming\Mozilla\Firefox\Profiles\0olkcr3p.default\
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - ExtSQL: 2012-10-14 03:15; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn
FF - ExtSQL: 2012-10-14 03:15; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn
FF - ExtSQL: 2012-10-21 23:03; firebug@software.joehewitt.com; C:\Users\Dorian\AppData\Roaming\Mozilla\Firefox\Profiles\0olkcr3p.default\extensions\firebug@software.joehewitt.com.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-8 55280]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0604000.009\symds64.sys [2012-10-14 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0604000.009\symefa64.sys [2012-10-14 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121005.002\BHDrvx64.sys [2012-10-5 1385632]
R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\0604000.009\ccsetx64.sys [2012-10-14 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121101.002\IDSviA64.sys [2012-11-1 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0604000.009\ironx64.sys [2012-10-14 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0604000.009\symnets.sys [2012-10-14 405624]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-10-29 203264]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 DellOSDservice;DellOSDservice;C:\Program Files\Dell\OSD\DellOSDservice.exe [2010-7-5 7168]
R2 dlea_device;dlea_device;C:\Windows\System32\dleacoms.exe -service --> C:\Windows\System32\dleacoms.exe -service [?]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\6.4.0.9\ccsvchst.exe [2012-10-14 138272]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-8 689472]
R3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-10-29 6858240]
R3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-10-29 264192]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-10-29 20984]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-10-29 344680]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 250808]
S3 FACAP;facap, FastAccess Video Capture;C:\Windows\System32\drivers\facap.sys [2008-9-24 238848]
S3 nuviocir;Nuvoton W836x7HG CIR Device Driver;C:\Windows\System32\drivers\nuviocir_win7_x64.sys [2010-12-8 33792]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-10-15 1255736]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-11-02 01:35:41 -------- d-----w- C:\Users\Dorian\AppData\Local\ElevatedDiagnostics
2012-11-02 01:22:54 20480 ----a-w- C:\Windows\svchost.exe
2012-10-26 03:30:18 1034216 ----a-w- C:\Windows\System32\npDeployJava1.dll
2012-10-26 03:29:48 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-10-25 23:58:01 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-10-25 20:24:00 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-10-25 20:22:22 -------- d-----w- C:\Users\Dorian\AppData\Local\Apple
2012-10-24 03:08:16 -------- d-----w- C:\Users\Dorian\AppData\Local\CrashDumps
2012-10-18 00:05:19 -------- d-----w- C:\Users\Dorian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-10-15 21:53:07 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2012-10-15 21:53:07 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2012-10-15 21:53:07 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-10-15 21:53:07 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-10-15 21:53:07 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2012-10-15 21:53:07 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2012-10-15 21:53:07 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2012-10-15 21:52:56 96768 ----a-w- C:\Windows\System32\fsutil.exe
2012-10-15 21:52:56 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2012-10-15 21:52:56 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2012-10-15 21:52:56 2566144 ----a-w- C:\Windows\System32\esent.dll
2012-10-15 21:52:56 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2012-10-15 21:52:56 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2012-10-15 21:52:56 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2012-10-15 21:52:56 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2012-10-15 15:14:47 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Malwarebytes
2012-10-15 15:14:31 -------- d-----w- C:\ProgramData\Malwarebytes
2012-10-15 08:36:07 -------- d-----w- C:\Windows\SysWow64\Wat
2012-10-15 08:36:07 -------- d-----w- C:\Windows\System32\Wat
2012-10-15 08:07:19 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2012-10-15 08:07:18 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2012-10-15 07:23:19 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2012-10-15 07:23:19 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2012-10-15 07:23:19 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2012-10-15 07:23:19 444752 ----a-w- C:\Windows\System32\mscoree.dll
2012-10-15 07:23:19 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2012-10-15 07:23:19 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2012-10-15 07:23:19 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2012-10-15 07:23:19 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2012-10-15 07:23:19 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2012-10-15 07:23:19 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2012-10-15 07:05:25 80896 ----a-w- C:\Windows\System32\imagehlp.dll
2012-10-15 07:05:25 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-10-15 07:05:25 158720 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-10-15 07:05:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-10-15 07:05:24 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-10-15 03:41:07 -------- d-----w- C:\Users\Dorian\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-10-15 03:26:08 -------- d-----w- C:\Users\Dorian\AppData\Roaming\PDAppFlex
2012-10-15 03:03:24 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2012-10-15 01:37:11 -------- d-----w- C:\Users\Dorian\.unlimitedftp
2012-10-15 01:18:45 -------- d-----w- C:\Users\Dorian\AppData\Local\Adobe
2012-10-15 00:23:46 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
2012-10-15 00:23:46 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
2012-10-15 00:23:46 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
2012-10-15 00:23:45 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2012-10-15 00:23:45 31232 ----a-w- C:\Windows\System32\prevhost.exe
2012-10-14 22:14:55 -------- d-----w- C:\ProgramData\VirtualizedApplications
2012-10-14 20:04:31 -------- d-----w- C:\Users\Dorian\AppData\Local\SoftGrid Client
2012-10-14 20:04:29 -------- d-----w- C:\Users\Dorian\AppData\Roaming\SoftGrid Client
2012-10-14 20:02:56 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-10-14 20:02:38 -------- d-----w- C:\Users\Dorian\AppData\Roaming\TP
2012-10-14 08:02:12 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-10-14 08:02:12 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-10-14 08:02:11 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-10-14 08:02:11 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-10-14 08:02:02 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-10-14 08:02:02 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-10-14 08:00:51 442880 ----a-w- C:\Windows\System32\winhttp.dll
2012-10-14 07:59:42 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-10-14 07:58:59 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2012-10-14 07:57:59 59904 ----a-w- C:\Windows\SysWow64\MSDvbNP.ax
2012-10-14 07:56:40 634368 ----a-w- C:\Windows\System32\msvcrt.dll
2012-10-14 07:55:32 182272 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-14 07:55:32 1462784 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-14 07:55:32 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-14 07:55:32 139264 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-14 07:55:32 1157632 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-14 07:55:32 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-14 07:55:00 1895280 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-14 07:54:58 1739160 ----a-w- C:\Windows\System32\ntdll.dll
2012-10-14 07:54:58 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-10-14 07:31:35 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-10-14 07:29:41 405624 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symnets.sys
2012-10-14 07:29:40 451192 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\symds64.sys
2012-10-14 07:29:40 37536 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtspx64.sys
2012-10-14 07:29:40 1129120 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\symefa64.sys
2012-10-14 07:29:39 737952 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\srtsp64.sys
2012-10-14 07:29:39 190072 ----a-r- C:\Windows\System32\drivers\N360x64\0604000.009\ironx64.sys
2012-10-14 07:29:39 167072 ----a-w- C:\Windows\System32\drivers\N360x64\0604000.009\ccsetx64.sys
2012-10-14 07:29:19 -------- d-----w- C:\Windows\System32\drivers\N360x64\0604000.009
2012-10-14 07:22:42 77312 ----a-w- C:\Windows\System32\packager.dll
2012-10-14 07:22:42 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-10-14 07:14:29 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-10-14 07:14:29 -------- d-----w- C:\Program Files\Symantec
2012-10-14 07:14:29 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-10-14 07:13:44 -------- d-----w- C:\Windows\System32\drivers\N360x64
2012-10-14 07:13:42 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
2012-10-14 06:54:44 -------- d-----w- C:\ProgramData\NortonInstaller
2012-10-14 06:54:44 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-10-14 06:10:38 -------- d-----w- C:\Emergency
2012-10-14 05:54:11 -------- d-----w- C:\Windows\SMINST
2012-10-14 05:11:02 -------- d-----w- C:\ProgramData\Norton
2012-10-14 04:50:40 -------- d-----w- C:\Users\Dorian\AppData\Local\Macromedia
2012-10-14 04:50:24 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-14 04:50:24 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-14 04:47:28 -------- d-----w- C:\Users\Dorian\AppData\Local\Mozilla
2012-10-14 04:47:24 -------- d-----w- C:\ProgramData\dl_Cats
2012-10-14 04:47:03 189440 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\dleadrpp.dll
2012-10-14 04:46:05 -------- d-----w- C:\Program Files\Dell V310-V510 Series
2012-10-14 04:40:43 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Fingertapps
2012-10-14 04:38:55 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-10-14 04:38:54 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-10-14 04:38:54 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-10-14 04:34:08 -------- d-----w- C:\Users\Dorian\AppData\Local\Dell
2012-10-14 04:32:36 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Dell
2012-10-14 04:32:30 -------- d-----w- C:\Users\Dorian\AppData\Local\DataSafeOnline
2012-10-14 04:32:28 -------- d-----w- C:\Users\Dorian\AppData\Local\SupportSoft
2012-10-14 04:32:28 -------- d-----w- C:\Users\Dorian\AppData\Local\ATI
2012-10-14 04:32:22 -------- d-----w- C:\Users\Dorian\AppData\Roaming\Dell Touch Zone
2012-10-14 04:31:23 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-14 04:31:20 -------- d-----w- C:\Users\Dorian\AppData\Local\VirtualStore
2012-10-14 04:29:09 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-10-14 04:28:57 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-10-14 04:27:48 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-10-14 04:27:48 186752 ----a-w- C:\Windows\System32\wuwebv.dll
.
==================== Find3M ====================
.
2012-10-26 03:29:31 916456 ----a-w- C:\Windows\System32\deployJava1.dll
2012-09-14 19:23:40 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:30:38 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-08-31 18:02:20 1656688 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-24 18:05:28 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 17:10:47 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-18 15:43:05 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-18 15:43:05 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-18 15:43:05 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-18 15:42:31 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-18 15:40:26 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-18 15:37:49 425984 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-18 15:34:13 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-18 11:22:55 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-18 11:19:45 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-18 11:19:22 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-18 11:17:56 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-18 11:17:56 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-18 09:12:09 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-18 09:12:09 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-18 09:07:02 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-18 09:07:02 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 09:07:02 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 09:07:02 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-11 00:53:01 714752 ----a-w- C:\Windows\System32\kerberos.dll
2012-08-10 23:54:04 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
.
============= FINISH: 22:19:59.53 ===============