DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by foothill at 23:59:29 on 2011-10-08
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2795.1667 [GMT -4:00]
.
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Agogo 3GP Video Converter\videoto3gp.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10x_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\foothill\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5Q04TR2W\HijackThis[1].exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
mRun: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
dRunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid}
StartupFolder: C:\Users\foothill\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\foothill\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
DPF: {627C5D14-CB66-493E-B0F3-589C7E2FA832} - hxxp://192.168.2.11/template/WebClient.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{219C4F1B-1F92-4674-8B9E-7F4CE63B2BBA} : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{95CDB13F-ED5C-4A8D-9171-60E24973F93C} : DhcpNameServer = 10.0.0.1
TCP: Interfaces\{95CDB13F-ED5C-4A8D-9171-60E24973F93C}\34F62707F627164756 : DhcpNameServer = 68.87.64.146 68.87.75.194
TCP: Interfaces\{95CDB13F-ED5C-4A8D-9171-60E24973F93C}\C696E6B6379737 : DhcpNameServer = 192.168.2.250 68.87.64.146
TCP: Interfaces\{AF2F4DCB-6845-4EBC-919C-474D8538B6A3} : DhcpNameServer = 8.8.4.4
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No File
BHO-X64: McAfee Phishing Filter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [MDS_Menu] "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer\clear.fi\MediaEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaEspresso\6.1"
mRun-x64: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdvancedSystemCareService;Advanced SystemCare Service;C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-10-3 328536]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2010-11-18 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-1-6 310864]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-12-2 868224]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2011-10-3 820568]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2010-11-11 257344]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-12-2 243232]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-9-27 172912]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-10-07 00:04:48 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2C6F8A5-2654-4D15-8150-F5BF64CA4E4D}\offreg.dll
2011-10-04 02:45:22 -------- d-----w- C:\Windows\SysWow64\Wat
2011-10-04 02:45:21 -------- d-----w- C:\Windows\System32\Wat
2011-10-04 02:37:37 94208 ----a-w- C:\Program Files (x86)\Common Files\System\Ole DB\msdaosp.dll
2011-10-04 02:37:37 86016 ----a-w- C:\Windows\SysWow64\odbccu32.dll
2011-10-04 02:37:37 81920 ----a-w- C:\Windows\SysWow64\odbccr32.dll
2011-10-04 02:37:37 319488 ----a-w- C:\Windows\SysWow64\odbcjt32.dll
2011-10-04 02:37:37 212992 ----a-w- C:\Windows\System32\odbctrac.dll
2011-10-04 02:37:37 163840 ----a-w- C:\Windows\SysWow64\odbctrac.dll
2011-10-04 02:37:37 163840 ----a-w- C:\Windows\System32\odbccp32.dll
2011-10-04 02:37:37 126976 ----a-w- C:\Program Files\Common Files\System\Ole DB\msdaosp.dll
2011-10-04 02:37:37 122880 ----a-w- C:\Windows\SysWow64\odbccp32.dll
2011-10-04 02:37:37 106496 ----a-w- C:\Windows\System32\odbccu32.dll
2011-10-04 02:37:37 106496 ----a-w- C:\Windows\System32\odbccr32.dll
2011-10-04 02:31:22 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-10-04 02:31:22 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-10-04 02:31:22 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-10-04 02:23:53 3134464 ----a-w- C:\Windows\System32\win32k.sys
2011-10-04 02:22:39 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-10-04 02:22:39 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-10-04 02:22:39 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-10-04 02:22:39 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-10-04 02:22:39 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-10-04 02:18:55 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-10-04 02:18:55 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-10-04 02:17:52 759296 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-10-04 02:17:52 1110528 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-10-04 02:16:51 461312 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-10-04 02:16:51 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-10-04 02:16:51 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-10-04 02:15:56 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys
2011-10-04 02:15:02 499712 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-10-04 02:15:02 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-10-04 02:13:51 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-10-04 02:13:51 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-10-04 02:10:57 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-10-04 02:10:57 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-10-04 02:10:00 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-10-04 02:09:28 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-10-04 02:09:28 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-10-04 02:08:17 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-10-04 02:08:17 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-10-04 02:06:09 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-10-04 02:06:09 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-10-04 02:05:16 2870272 ----a-w- C:\Windows\explorer.exe
2011-10-04 02:05:16 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe
2011-10-04 02:04:21 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-10-04 02:04:21 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-10-04 02:04:21 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-10-04 02:03:27 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-10-04 02:03:27 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-10-04 02:02:24 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-10-04 02:02:24 367104 ----a-w- C:\Windows\System32\atmfd.dll
2011-10-04 02:02:24 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-10-04 02:02:24 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-10-04 02:00:44 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2011-10-04 01:59:53 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-10-04 01:58:56 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-10-04 01:58:56 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-10-04 01:58:56 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-10-04 01:58:56 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-10-04 01:58:03 640896 ----a-w- C:\Windows\System32\winload.efi
2011-10-04 01:58:03 603976 ----a-w- C:\Windows\System32\winload.exe
2011-10-04 01:58:03 556928 ----a-w- C:\Windows\System32\winresume.efi
2011-10-04 01:58:03 518160 ----a-w- C:\Windows\System32\winresume.exe
2011-10-04 01:58:03 20352 ----a-w- C:\Windows\System32\kdusb.dll
2011-10-04 01:58:03 19328 ----a-w- C:\Windows\System32\kd1394.dll
2011-10-04 01:58:03 17792 ----a-w- C:\Windows\System32\kdcom.dll
2011-10-04 01:57:02 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2011-10-04 01:57:02 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2011-10-04 01:56:12 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-10-04 01:56:12 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-10-04 01:56:12 1540608 ----a-w- C:\Windows\System32\DWrite.dll
2011-10-04 01:56:12 1135104 ----a-w- C:\Windows\System32\FntCache.dll
2011-10-04 01:56:12 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-10-04 01:55:20 3138048 ----a-w- C:\Windows\System32\mstscax.dll
2011-10-04 01:55:20 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll
2011-10-04 01:55:20 1097216 ----a-w- C:\Windows\System32\mstsc.exe
2011-10-04 01:55:20 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe
2011-10-04 01:54:28 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2011-10-04 01:54:28 850432 ----a-w- C:\Windows\SysWow64\sbe.dll
2011-10-04 01:54:28 723968 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-04 01:54:28 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2011-10-04 01:54:28 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-10-04 01:54:28 259072 ----a-w- C:\Windows\System32\mpg2splt.ax
2011-10-04 01:54:28 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2011-10-04 01:54:28 1118720 ----a-w- C:\Windows\System32\sbe.dll
2011-10-04 01:53:25 5510528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-10-04 01:53:25 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-10-04 01:53:25 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-10-04 01:53:25 1739176 ----a-w- C:\Windows\System32\ntdll.dll
2011-10-04 01:53:25 1293120 ----a-w- C:\Windows\SysWow64\ntdll.dll
2011-10-04 01:50:53 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-10-04 01:50:53 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-10-04 01:50:53 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-10-04 01:50:53 229888 ----a-w- C:\Windows\System32\XpsRasterService.dll
2011-10-04 01:50:53 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2011-10-04 01:50:53 1863680 ----a-w- C:\Windows\System32\ExplorerFrame.dll
2011-10-04 01:50:53 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll
2011-10-04 01:50:53 1495040 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
2011-10-04 01:50:53 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-10-04 01:50:53 135168 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll
2011-10-04 01:50:53 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2011-10-04 01:49:49 367104 ----a-w- C:\Windows\System32\wcncsvc.dll
2011-10-04 01:49:49 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll
2011-10-04 01:47:54 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll
2011-10-04 01:46:54 395776 ----a-w- C:\Windows\System32\webio.dll
2011-10-04 01:45:23 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll
2011-10-04 01:45:23 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll
2011-10-04 01:45:23 48960 ----a-w- C:\Windows\System32\netfxperf.dll
2011-10-04 01:45:23 444752 ----a-w- C:\Windows\System32\mscoree.dll
2011-10-04 01:45:23 320352 ----a-w- C:\Windows\System32\PresentationHost.exe
2011-10-04 01:45:23 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll
2011-10-04 01:45:23 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe
2011-10-04 01:45:23 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-10-04 01:45:23 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-10-04 01:45:23 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll
2011-10-04 01:44:57 2080256 ----a-w- C:\Program Files\Windows Mail\msoe.dll
2011-10-04 01:44:57 1619968 ----a-w- C:\Program Files (x86)\Windows Mail\msoe.dll
2011-10-04 01:44:39 223448 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2011-10-04 01:28:52 -------- d-----w- C:\ProgramData\IObit
2011-10-04 01:28:03 27992 ----a-w- C:\Windows\System32\SmartDefragBootTime.exe
2011-10-04 01:28:03 17720 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys
2011-10-04 01:28:03 -------- d-----w- C:\Users\foothill\AppData\Roaming\IObit
2011-10-04 01:27:54 -------- d-----w- C:\Program Files (x86)\IObit
2011-10-04 01:20:43 -------- d-----w- C:\Program Files\CCleaner
2011-10-04 01:11:14 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-25 21:31:27 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-09-25 21:31:12 9049936 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2C6F8A5-2654-4D15-8150-F5BF64CA4E4D}\mpengine.dll
2011-09-18 02:08:50 -------- d-----r- C:\Users\foothill\Dropbox
2011-09-18 02:06:28 -------- d-----w- C:\Users\foothill\AppData\Roaming\Dropbox
.
==================== Find3M ====================
.
2011-10-04 02:29:10 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-04 02:29:10 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-04 02:29:09 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-10-04 02:29:09 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-10-04 02:29:09 482816 ----a-w- C:\Windows\System32\html.iec
2011-10-04 02:29:09 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-10-04 02:29:09 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-10-04 02:29:09 1197056 ----a-w- C:\Windows\System32\wininet.dll
2011-10-04 02:07:19 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2011-10-04 02:07:19 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2011-10-04 01:47:53 720896 ----a-w- C:\Windows\System32\odbc32.dll
2011-10-04 01:47:53 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll
2011-10-04 01:47:24 112000 ----a-w- C:\Windows\System32\consent.exe
2011-10-04 01:46:54 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2011-10-04 01:46:38 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll
2011-10-04 01:46:38 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll
2011-10-04 01:46:38 473600 ----a-w- C:\Windows\System32\taskcomp.dll
2011-10-04 01:46:38 464384 ----a-w- C:\Windows\System32\taskeng.exe
2011-10-04 01:46:38 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll
2011-10-04 01:46:38 285696 ----a-w- C:\Windows\System32\schtasks.exe
2011-10-04 01:46:38 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe
2011-10-04 01:46:38 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe
2011-10-04 01:46:38 1169408 ----a-w- C:\Windows\System32\taskschd.dll
2011-10-04 01:46:38 1114624 ----a-w- C:\Windows\System32\schedsvc.dll
2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
.
============= FINISH: 0:01:27.72 ===============