DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.9.2
Run by S at 16:38:30 on 2012-11-06
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.1023.189 [GMT 1:00]
.
AV: Trend Micro Titanium Maximum Security 2012 *Enabled/Updated* {7193B549-236F-55EE-9AEC-F65279E59A92}
SP: Trend Micro Titanium Maximum Security 2012 *Enabled/Updated* {CAF254AD-0555-5A60-A05C-CD200262D02F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files\Hotspot Shield\bin\hsswd.exe
C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Razer\Krait\razerhid.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DataGuard\DataGuard.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\S\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Razer\Krait\razerofa.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Program Files\Comodo\Dragon\dragon.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = hxxp://www.google.com/ie
mStart Page = about:blank
uProxyServer =
uProxyOverride = ;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = c:\windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: KeyScramblerBHO Class: {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - c:\program files\keyscrambler\KeyScramblerIE.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Virtual Storage Mount Notification: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - c:\windows\system32\CbFsMntNtf3.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll
TB: GuardedID: {CB7DC2DA-D8C9-4004-8548-1E24AA7D46DE} - c:\program files\sft\guardedid\GIDTB.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [googletalk] c:\users\s\appdata\roaming\google\google talk\googletalk.exe /autostart
mRun: [Krait] c:\program files\razer\krait\razerhid.exe
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Bdagent] c:\program files\bitdefender\bitdefender 2013\bdagent.exe
mRun: [DataGuard] c:\program files\dataguard\Dataguard.exe r
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\rocket~1.lnk - c:\windows\ubuntu skin pack\rocketdock\RocketDock.exe
uPolicies-Explorer: HideSCAHealth = dword:1
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - c:\program files\keyscrambler\KeyScramblerIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{38D28978-FBB9-4ECE-AEF5-9977408A164F} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{38D28978-FBB9-4ECE-AEF5-9977408A164F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4C6F7234-FFE0-4EC4-AFDD-D00E193F2752} : NameServer = 10.63.80.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck -
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - c:\windows\system32\CbFsMntNtf3.dll
STS: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - c:\windows\system32\CbFsMntNtf3.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\s\appdata\roaming\mozilla\firefox\profiles\9uomiktr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppdf32.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nppl3260.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin4.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin5.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin6.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin7.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\program files\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\program files\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\s\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2012-10-18 04:23; afurladvisor@anchorfree.com; c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com
FF - ExtSQL: 2012-10-18 04:23; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2012-10-18 04:23; {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-18 04:23; {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-18 04:23; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF - ExtSQL: 2012-11-05 20:14; keyscrambler@qfx.software.corporation; c:\users\s\appdata\roaming\mozilla\firefox\profiles\9uomiktr.default\extensions\keyscrambler@qfx.software.corporation
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=113480&tt=010712_2
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 2882ed1100000000000000ff4c6f7234
FF - user.js: extensions.BabylonToolbar_i.hardId - 2882ed1100000000000000ff4c6f7234
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15524
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1715:33:37
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.funmoods.hmpg - false
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtD0F0FyE0CyC0FyBtBtAyE0E0DtCtCtN0D0Tzu0CtAtDtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1426043874
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtD0F0FyE0CyC0FyBtBtAyE0E0DtCtCtN0D0Tzu0CtAtDtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1426043874
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtD0F0FyE0CyC0FyBtBtAyE0E0DtCtCtN0D0Tzu0CtAtDtBtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1426043874&q=
FF - user.js: extensions.funmoods.id - 00FF4C6F7234ED11
FF - user.js: extensions.funmoods.instlDay - 15641
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2223:54:40
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - download
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - download
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - true
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-10-29 622616]
R0 DKDFM;Device Filter Manager Driver;c:\windows\system32\drivers\DKDFM.sys [2012-10-31 35120]
R0 DKTLFSMF;Telemetry File System Mini Filter Driver;c:\windows\system32\drivers\DKTLFSMF.sys [2012-10-31 85328]
R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2012-10-29 161312]
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2012-10-29 77192]
R1 bdfwfpf;bdfwfpf;c:\program files\common files\bitdefender\bitdefender firewall\bdfwfpf.sys [2012-10-29 90704]
R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2012-10-29 72704]
R1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys [2012-4-28 299024]
R1 DataGuard AntiKeylogger Kernel Service;DataGuard AntiKeylogger Kernel Service;c:\windows\system32\drivers\dataguard.sys [2012-11-5 50176]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-6-5 242240]
R1 GIDv2;GIDv2;c:\windows\system32\drivers\gidv2.sys [2012-10-29 24952]
R1 SafDskNT;SafeHouse;c:\windows\system32\drivers\SafDskNT.sys [2009-12-7 78336]
R3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2011-11-25 240184]
R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-10-29 481464]
R3 KeyScrambler;KeyScrambler;c:\windows\system32\drivers\keyscrambler.sys [2012-11-5 173880]
R3 krait03;Razer krait USB Filter Driver;c:\windows\system32\drivers\krait.sys [2011-12-7 13324]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2012-10-29 66392]
S3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [2012-10-31 44496]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 SaiHFF0C;SaiHFF0C;c:\windows\system32\drivers\SaiHFF0C.sys [2007-5-1 132232]
.
=============== Created Last 30 ================
.
2012-11-06 13:16:33 -------- d-----w- c:\program files\SecretLayer
2012-11-05 21:36:28 50176 ----a-w- c:\windows\system32\drivers\dataguard.sys
2012-11-05 20:00:25 -------- d-----w- c:\users\s\appdata\roaming\Comodo
2012-11-05 19:57:45 -------- d-----w- c:\programdata\ESTsoft
2012-11-05 19:57:33 -------- d-----w- c:\users\s\appdata\roaming\ESTsoft
2012-11-05 19:57:33 -------- d-----w- c:\program files\ESTsoft
2012-11-05 19:14:06 -------- d-----w- c:\users\s\appdata\roaming\QFX Software
2012-11-05 19:14:06 -------- d-----w- c:\programdata\QFX Software
2012-11-05 19:12:53 173880 ----a-w- c:\windows\system32\drivers\keyscrambler.sys
2012-11-05 19:12:49 -------- d-----w- c:\program files\KeyScrambler
2012-11-03 23:36:26 -------- d-----w- c:\program files\Aidfile recovery Professional
2012-11-03 21:37:08 -------- d-----w- c:\program files\AKProg
2012-11-02 18:26:07 -------- d-----w- c:\program files\RocketDock
2012-11-02 16:07:01 -------- d-----w- c:\program files\CPU Monitor
2012-11-01 23:49:55 -------- d-----w- c:\users\s\appdata\roaming\URSoft
2012-11-01 23:49:25 -------- d-----w- c:\program files\Your Uninstaller! 7
2012-11-01 19:25:58 468992 ----a-w- c:\windows\system32\osk.exe
2012-11-01 19:24:59 419328 ----a-w- c:\windows\system32\powercpl.dll
2012-11-01 19:23:59 978944 ----a-w- c:\windows\system32\pnidui.dll
2012-11-01 19:23:58 94720 ----a-w- c:\windows\system32\mydocs.dll
2012-11-01 19:23:56 740864 ----a-w- c:\windows\system32\batmeter.dll
2012-11-01 19:23:53 1791488 ----a-w- c:\windows\system32\authui.dll
2012-11-01 19:23:52 358912 ----a-w- c:\windows\system32\pnpui.dll
2012-11-01 19:23:50 2328064 ----a-w- c:\windows\system32\netshell.dll
2012-11-01 19:23:47 9029120 ----a-w- c:\windows\system32\mmres.dll
2012-11-01 19:23:46 757248 ----a-w- c:\windows\system32\imagesp1.dll
2012-11-01 19:23:45 56320 ----a-w- c:\windows\system32\hotplug.dll
2012-11-01 19:23:43 690688 ----a-w- c:\windows\system32\ActionCenter.dll
2012-11-01 19:23:18 -------- d--h--w- c:\windows\Ubuntu Skin Pack
2012-11-01 18:22:13 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2012-10-31 18:34:22 -------- d-sh--w- c:\users\s\appdata\local\History
2012-10-31 18:34:21 -------- d-sh--w- c:\users\s\appdata\local\Temporary Internet Files
2012-10-31 17:58:57 -------- d-----w- c:\users\s\appdata\roaming\Advanced System Protector
2012-10-31 17:55:27 2341376 ----a-w- c:\windows\system32\msi (2).dll
2012-10-31 17:32:13 2341376 ----a-w- c:\windows\system32\msi.dll
2012-10-31 16:46:27 -------- d-----w- c:\program files\CPUID
2012-10-31 02:48:51 -------- d-----w- c:\users\s\appdata\roaming\Condusiv_Technologies
2012-10-31 02:48:51 -------- d-----w- c:\users\s\appdata\local\Condusiv_Technologies
2012-10-31 00:36:38 85328 ----a-w- c:\windows\system32\drivers\DKTLFSMF.sys
2012-10-31 00:36:33 35120 ----a-w- c:\windows\system32\drivers\DKDFM.sys
2012-10-31 00:36:19 44496 ----a-w- c:\windows\system32\drivers\DKRtWrt.sys
2012-10-31 00:36:07 -------- d-----w- c:\programdata\Condusiv Technologies
2012-10-31 00:36:07 -------- d-----w- c:\program files\common files\Diskeeper Corporation
2012-10-31 00:36:04 -------- d-----w- c:\program files\Condusiv Technologies
2012-10-30 12:26:36 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-30 00:32:32 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-30 00:32:29 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-10-30 00:32:23 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-10-30 00:32:04 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-30 00:29:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2012-10-30 00:29:42 317440 ----a-w- c:\windows\system32\spoolsv.exe
2012-10-30 00:29:30 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-10-30 00:29:29 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-10-30 00:28:23 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-30 00:28:09 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-30 00:28:08 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-30 00:28:08 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-30 00:26:48 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-10-30 00:26:41 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-10-30 00:26:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-10-30 00:26:40 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-10-30 00:26:40 225280 ----a-w- c:\windows\system32\schannel.dll
2012-10-30 00:26:40 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-10-30 00:26:26 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-10-30 00:26:26 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-10-30 00:19:16 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-10-30 00:19:16 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-10-30 00:19:16 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-10-30 00:19:05 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-30 00:17:52 2342400 ----a-w- c:\windows\system32\msi.old
2012-10-30 00:17:42 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-10-30 00:17:33 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-10-30 00:17:33 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-10-30 00:17:32 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-10-30 00:17:24 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-10-30 00:13:08 769024 ----a-w- c:\windows\system32\localspl.dll
2012-10-30 00:10:43 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-10-29 23:45:05 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-10-29 23:44:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-10-29 23:44:44 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-10-29 23:23:56 -------- d-----w- c:\users\s\appdata\local\CrashDumps
2012-10-29 23:10:12 -------- d-----w- c:\users\s\appdata\local\IsolatedStorage
2012-10-29 23:09:58 -------- d-----w- c:\users\s\appdata\local\Blue_Onion_Software
2012-10-29 23:03:06 -------- d-----w- c:\program files\SkinPack
2012-10-29 23:00:24 -------- d-----w- c:\program files\Skin Pack
2012-10-29 22:59:01 37376 ----a-w- c:\windows\system32\themeservice.dll.backup
2012-10-29 22:58:58 2755072 ----a-w- c:\windows\system32\themeui.dll.backup
2012-10-29 22:58:49 249856 ----a-w- c:\windows\system32\uxtheme.dll.backup
2012-10-29 19:30:29 -------- d-----w- c:\users\s\appdata\roaming\.dvdcss
2012-10-29 15:55:03 -------- d-----w- c:\users\s\appdata\local\{E6E149E3-EDB8-4FCE-A9AA-434F3B4BD2B4}
2012-10-29 11:19:56 -------- d-----w- c:\users\s\appdata\local\hebonick
2012-10-29 00:17:22 72704 ----a-w- c:\windows\system32\drivers\bdvedisk.sys
2012-10-29 00:17:19 77192 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2012-10-29 00:17:19 66392 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
2012-10-29 00:17:19 511328 ----a-w- c:\windows\capicom.dll
2012-10-29 00:16:59 481464 ----a-w- c:\windows\system32\drivers\avckf.sys
2012-10-29 00:16:58 622616 ----a-w- c:\windows\system32\drivers\avc3.sys
2012-10-29 00:16:08 -------- d-----w- c:\users\s\appdata\roaming\Bitdefender
2012-10-29 00:15:46 -------- d-----w- c:\programdata\Bitdefender
2012-10-29 00:15:39 1700 ----a-w- c:\programdata\1351468907.7496.bin
2012-10-29 00:05:40 9938 ----a-w- c:\programdata\1351468907.4584.bin
2012-10-29 00:05:40 160074 ----a-w- c:\programdata\1351468907.1936.bin
2012-10-29 00:05:38 161312 ----a-w- c:\windows\system32\drivers\gzflt.sys
2012-10-29 00:05:37 7456 ----a-w- c:\programdata\1351468907.6116.bin
2012-10-29 00:05:37 13732 ----a-w- c:\programdata\1351468907.6112.bin
2012-10-29 00:05:37 1090 ----a-w- c:\programdata\1351468907.6124.bin
2012-10-29 00:05:37 1090 ----a-w- c:\programdata\1351468907.6120.bin
2012-10-29 00:05:28 3042 ----a-w- c:\programdata\1351468907.6080.bin
2012-10-29 00:01:57 170247 ----a-w- c:\programdata\1351468907.5004.bin
2012-10-29 00:01:56 36536 ----a-w- c:\programdata\1351468907.4968.bin
2012-10-29 00:01:47 356186 ----a-w- c:\programdata\1351468907.4780.bin
2012-10-28 23:57:30 459 ----a-w- c:\programdata\1351468609.5968.bin
2012-10-28 23:57:30 459 ----a-w- c:\programdata\1351468609.5964.bin
2012-10-28 23:57:26 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2012-10-28 23:57:25 739 ----a-w- c:\programdata\1351468609.5848.bin
2012-10-28 23:57:25 739 ----a-w- c:\programdata\1351468609.5844.bin
2012-10-28 23:57:25 2933 ----a-w- c:\programdata\1351468609.5836.bin
2012-10-28 23:57:25 2524 ----a-w- c:\programdata\1351468609.5840.bin
2012-10-28 23:57:13 3042 ----a-w- c:\programdata\1351468609.5668.bin
2012-10-28 23:56:53 462 ----a-w- c:\programdata\1351468609.5580.bin
2012-10-28 23:56:53 2441 ----a-w- c:\programdata\1351468609.5584.bin
2012-10-28 23:56:49 99775 ----a-w- c:\programdata\1351468609.5324.bin
2012-10-28 23:48:00 24952 ------w- c:\windows\system32\drivers\gidv2.sys
2012-10-28 23:46:12 -------- d-----w- c:\programdata\GID
2012-10-28 23:43:52 -------- d-----w- c:\program files\SFT
2012-10-28 23:14:09 -------- d-----w- c:\users\s\appdata\local\Zemana
2012-10-28 23:13:45 -------- dc-h--w- c:\programdata\{3744C835-04E2-43E9-8DAC-98096D37EFD2}
2012-10-28 23:13:41 -------- d-----w- c:\program files\AntiLogger
2012-10-28 23:10:32 -------- d-----w- c:\program files\DataGuard
2012-10-28 22:46:58 -------- d-----w- c:\programdata\Licenses
2012-10-28 22:45:22 -------- d-----w- c:\program files\SpyShelter Personal Free
2012-10-28 16:45:17 -------- d-----w- c:\users\s\appdata\roaming\Pavtube
2012-10-28 16:43:17 -------- d-----w- c:\users\s\appdata\local\{A56BEA01-CBC5-4292-8B9E-7DFF96A65B65}
2012-10-21 23:00:50 -------- d-----w- C:\MAGICDVDCOPY_TEMP
2012-10-21 23:00:47 -------- d-----w- c:\programdata\MagicSoftware
2012-10-21 22:58:18 -------- d-----w- c:\users\s\appdata\local\MagicSoftware
2012-10-21 22:58:13 -------- d-----w- c:\program files\MagicDVDCopier
2012-10-21 00:20:49 -------- d-----w- c:\users\s\appdata\local\{4CD1C4FE-97FA-49DA-AB55-E4FFD70FC666}
2012-10-19 21:17:09 -------- d-----w- c:\users\s\appdata\local\ChessBase
2012-10-19 21:17:09 -------- d-----w- c:\program files\ChessBase
2012-10-18 11:22:10 -------- d-----w- c:\users\s\appdata\local\{EB4B410F-8EC8-431F-ADA2-5629FBBF51F3}
2012-10-17 20:37:51 -------- d-----w- c:\program files\ATI Technologies
2012-10-17 20:37:48 -------- d-----w- c:\program files\ATI
2012-10-13 19:44:06 -------- d-----w- c:\program files\common files\xing shared
2012-10-13 17:54:05 -------- d-----w- c:\program files\Attractel
2012-10-13 15:47:46 -------- d-----w- c:\users\s\appdata\roaming\WinAVI
2012-10-13 15:47:46 -------- d-----w- c:\users\s\appdata\local\WinAVI
2012-10-13 15:46:18 -------- d-----w- c:\program files\WinAVI
2012-10-13 15:06:00 -------- d-----w- c:\users\s\appdata\local\{2A0A168D-75F0-4E15-9E44-29119BAD6953}
2012-10-10 18:22:51 -------- d-----w- c:\users\s\SafeLan
2012-10-09 23:14:48 -------- d-----w- c:\users\s\appdata\roaming\CE-Infosys
2012-10-09 22:44:30 -------- d-----w- C:\log data
2012-10-09 22:29:43 -------- d-----w- C:\SafeHouse
2012-10-09 22:29:43 -------- d-----w- c:\program files\SafeHouse Explorer
2012-10-09 11:36:29 -------- d-----w- c:\users\s\appdata\local\SlimWare Utilities Inc
2012-10-09 11:22:34 -------- d-----w- c:\program files\SlimComputer
2012-10-09 11:17:21 -------- d-----w- c:\programdata\Innovative Solutions
2012-10-09 11:16:56 -------- d-----w- c:\users\s\appdata\local\Innovative Solutions
2012-10-09 11:16:50 -------- d-----w- c:\program files\common files\Innovative Solutions
2012-10-09 11:16:42 42496 ----a-w- c:\windows\system32\AdvUninstCPL.cpl
2012-10-09 11:16:37 -------- d-----w- c:\program files\Innovative Solutions
2012-10-09 10:48:36 -------- d-----w- c:\users\s\appdata\roaming\IObit
.
==================== Find3M ====================
.
2012-10-30 12:26:08 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-30 12:26:08 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-29 22:59:01 37376 ----a-w- c:\windows\system32\themeservice.dll
2012-10-29 22:58:58 2755072 ----a-w- c:\windows\system32\themeui.dll
2012-10-29 22:58:49 249856 ----a-w- c:\windows\system32\uxtheme.dll
2012-10-11 18:25:04 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-11 18:25:04 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-30 17:12:02 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 2726912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 15:33:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-10 23:56:14 542208 ----a-w- c:\windows\system32\kerberos.dll
.
============= FINISH: 16:41:00.99 ===============