Untitled


DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by Ammar at 18:01:37.11 on Wed 02/23/2011
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.3895.1856 [GMT 4:00]

AV: F-Secure Internet Security 2011 10.51 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: F-Secure Internet Security 2011 10.51 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: F-Secure Internet Security 2011 10.51 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\F-Secure\Common\FSHDLL32.EXE
C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
C:\Program Files (x86)\F-Secure\Common\FSHDLL64.EXE
C:\Windows\SysWOW64\vmnat.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Users\Ammar\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\F-Secure\Common\FSM32.EXE
C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Windows\SysWOW64\DannyHost.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files (x86)\LiveZilla\LiveZilla.exe
C:\Users\Ammar\AppData\Roaming\Sys32Disp.exe.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Ammar\AppData\Roaming\local.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\F-Secure\Spam Control\fsscoepl_x64.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Windows\SysWOW64\mdm.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Ammar\Desktop\dds.scr
C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = my.daemon-search.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [PSwitch] C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [local] C:\Users\Ammar\AppData\Roaming\local\local.exe
uRun: [svchost] C:\Users\Ammar\AppData\Roaming\local.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [DannyHost] "C:\Windows\SysWOW64\DannyHost.exe"
mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
mRun: [LiveZilla] "C:\Program Files (x86)\LiveZilla\LiveZilla.exe" -minimize
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Ammar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\Ammar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Ammar\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Ammar\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL
LSP: C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64:     URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
mRun-x64: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
mRun-x64: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Ammar\AppData\Roaming\Mozilla\Firefox\Profiles\v0h36a0u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ncr
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\Ammar\AppData\Roaming\Mozilla\Firefox\Profiles\v0h36a0u.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-17 55280]
R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [2011-1-17 61960]
R1 FSES;F-Secure Email Scanning Driver;C:\Windows\System32\drivers\fses.sys [2011-1-17 46664]
R1 FSFW;F-Secure Firewall Driver;C:\Windows\System32\drivers\fsdfw.sys [2011-1-17 95784]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [2011-1-17 15016]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [2010-8-18 89600]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [2011-1-17 221864]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-17 13336]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-1-12 341312]
R2 nlsX86cc;NLS Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2011-1-12 68928]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-17 673088]
R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-1-17 2228008]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2009-11-2 13784]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-8-17 2320920]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2009-10-22 563760]
R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\System32\drivers\bcmvwl64.sys [2010-8-18 20984]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2010-8-17 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-8-17 172704]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-1-17 194728]
R3 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [2011-1-17 63992]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-8-18 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-8-18 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-8-18 271872]
R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2009-12-1 38992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 51456888]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-8-18 325152]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-20 1255736]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\System32\drivers\WSDPrint.sys [2009-7-14 23040]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-11 389120]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files (x86)\F-Secure\Anti-Virus\win2k\fsfilter.sys [2011-1-17 41896]
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files (x86)\F-Secure\Anti-Virus\win2k\fsrec.sys [2011-1-17 27304]

=============== Created Last 30 ================

2011-02-23 13:53:13 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\Malwarebytes
2011-02-23 13:53:09 38224   ----a-w-    C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-23 13:53:09 --------    d-----w-    C:\PROGRA~3\Malwarebytes
2011-02-23 13:53:06 24152   ----a-w-    C:\Windows\System32\drivers\mbam.sys
2011-02-23 13:53:06 --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-02-23 12:15:44 6144    ----a-w-    C:\Users\Ammar\AppData\Roaming\local.exe
2011-02-22 14:06:15 7844688 ----a-w-    C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{ED647170-7F08-4730-8E9B-947376E037DF}\mpengine.dll
2011-02-21 13:20:53 --------    d-----w-    C:\Users\Ammar\AppData\Local\Temporary Projects
2011-02-19 15:46:36 842 ----a-w-    C:\Users\Ammar\AppData\Roaming\net.bat
2011-02-19 15:46:36 513 ----a-w-    C:\Users\Ammar\AppData\Roaming\net.vbs
2011-02-19 15:30:01 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\Screaming Bee
2011-02-19 15:27:46 --------    d-----w-    C:\Program Files (x86)\Screaming Bee
2011-02-19 15:17:48 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\GetRightToGo
2011-02-19 10:00:19 91855   ----a-w-    C:\Users\Ammar\AppData\Roaming\Sys32Disp.exe.exe
2011-02-17 12:46:23 --------    d-sh--w-    C:\Users\Ammar\AppData\Roaming\local
2011-02-16 13:31:24 --------    d-----w-    C:\Program Files (x86)\YouTube Downloader
2011-02-15 22:43:32 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\HF Assitant
2011-02-12 18:15:23 469256  ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\d00e93501cbcae02d\InstallManager_WLE_WLE.exe
2011-02-12 18:15:10 15712   ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\c8bb02a91cbcae022\MeshBetaRemover.exe
2011-02-12 18:14:57 94040   ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\c157ba581cbcae01a\DSETUP.dll
2011-02-12 18:14:57 94040   ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\c0b891d31cbcae019\DSETUP.dll
2011-02-12 18:14:57 525656  ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\c157ba581cbcae01a\DXSETUP.exe
2011-02-12 18:14:57 525656  ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\c0b891d31cbcae019\DXSETUP.exe
2011-02-12 18:14:57 1691480 ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\c157ba581cbcae01a\dsetup32.dll
2011-02-12 18:14:57 1691480 ----a-w-    C:\Program Files (x86)\Common Files\Windows Live\.cache\c0b891d31cbcae019\dsetup32.dll
2011-02-12 18:14:22 --------    d-----w-    C:\Users\Ammar\AppData\Local\Windows Live
2011-02-12 16:23:52 --------    d-----w-    C:\PROGRA~3\{58062EC9-E900-4E93-ABCA-6751BAB23C03}
2011-02-12 16:23:51 --------    d-----w-    C:\Program Files (x86)\LiveZilla
2011-02-11 08:27:46 --------    d-----w-    C:\Users\Ammar\New Folder
2011-02-11 06:26:29 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\Trillian
2011-02-09 05:46:59 265088  ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2011-02-07 18:10:34 --------    d-----w-    C:\Users\Ammar\.jagex_cache_32
2011-02-06 15:25:57 --------    d-----r-    C:\Users\Ammar\Dropbox
2011-02-06 15:21:19 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\Dropbox
2011-02-06 15:01:54 --------    d-----w-    C:\PROGRA~3\Messenger Plus!
2011-02-06 15:01:46 --------    d-----w-    C:\Program Files (x86)\Messenger Plus! Live
2011-02-05 11:48:53 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\InfraRecorder
2011-02-05 11:48:37 --------    d-----w-    C:\Program Files (x86)\InfraRecorder
2011-02-03 11:28:49 28992   ----a-w-    C:\Windows\System32\nitrolocalmon.dll
2011-02-03 11:28:49 17216   ----a-w-    C:\Windows\System32\nitrolocalui.dll
2011-02-03 11:28:46 --------    d-----w-    C:\Program Files\Common Files\Nitro PDF
2011-02-03 11:28:46 --------    d-----w-    C:\Program Files (x86)\Nitro PDF
2011-02-03 11:28:46 --------    d-----w-    C:\Program Files (x86)\Common Files\Nitro PDF
2011-02-03 11:27:47 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\Downloaded Installations
2011-02-01 13:36:22 112832  ----a-w-    C:\PROGRA~3\Microsoft\VCExpress\10.0\1033\ResourceCache.dll
2011-02-01 13:35:12 --------    d-----w-    C:\Program Files (x86)\Common Files\Merge Modules
2011-01-31 17:20:51 --------    d-sh--w-    C:\Users\Ammar\wc
2011-01-31 17:20:46 --------    d-sh--w-    C:\Users\Ammar\AppData\Roaming\wyUpdate AU
2011-01-31 17:20:46 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\Cyberduck
2011-01-31 17:19:51 --------    d-----w-    C:\Program Files (x86)\Cyberduck
2011-01-28 18:47:54 --------    d-----w-    C:\Users\Ammar\AppData\Local\Research In Motion
2011-01-28 18:47:52 --------    d-----w-    C:\Users\Ammar\AppData\Roaming\Research In Motion
2011-01-28 18:47:36 31744   ----a-w-    C:\Windows\System32\drivers\RimSerial_AMD64.sys
2011-01-28 18:47:08 --------    d-----w-    C:\PROGRA~3\Research In Motion
2011-01-28 18:47:02 --------    d-----w-    C:\Program Files (x86)\Research In Motion
2011-01-28 18:47:02 --------    d-----w-    C:\Program Files (x86)\Common Files\Research In Motion
2011-01-28 14:27:42 --------    d-----w-    C:\Program Files (x86)\Common Files\Blizzard Entertainment
2011-01-28 14:27:24 --------    d-----w-    C:\PROGRA~3\Blizzard Entertainment
2011-01-27 14:02:31 --------    d-----w-    C:\RSPS-Heaven
2011-01-26 14:17:28 80944   ----a-w-    C:\Windows\System32\drivers\vmci.sys
2011-01-26 14:17:22 68144   ----a-w-    C:\Windows\System32\drivers\vmx86.sys
2011-01-26 14:17:03 55344   ----a-w-    C:\Windows\System32\vnetinst.dll
2011-01-26 14:17:03 20016   ----a-w-    C:\Windows\System32\drivers\vmnetadapter.sys
2011-01-26 14:16:59 334384  ----a-w-    C:\Windows\SysWow64\vmnetdhcp.exe
2011-01-26 14:16:55 395824  ----a-w-    C:\Windows\SysWow64\vmnat.exe
2011-01-26 14:16:55 30256   ----a-w-    C:\Windows\System32\drivers\vmnetuserif.sys
2011-01-26 14:16:54 56880   ----a-r-    C:\Windows\System32\vmnetbridge.dll
2011-01-26 14:16:54 45104   ----a-r-    C:\Windows\System32\drivers\vmnetbridge.sys
2011-01-26 14:16:54 24112   ----a-r-    C:\Windows\System32\drivers\vmnet.sys
2011-01-26 14:16:52 958000  ----a-w-    C:\Windows\System32\vnetlib64.dll
2011-01-26 14:16:06 29744   ----a-w-    C:\Windows\System32\drivers\VMkbd.sys
2011-01-26 14:16:05 38960   ----a-w-    C:\Windows\System32\drivers\hcmon.sys
2011-01-26 14:15:19 --------    d-----w-    C:\Program Files (x86)\Common Files\VMware
2011-01-26 14:14:18 --------    d-----w-    C:\Program Files (x86)\VMware

==================== Find3M  ====================

2011-01-26 06:53:10 982912  ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:31:20 144384  ----a-w-    C:\Windows\System32\cdd.dll
2011-01-19 17:13:37 521448  ----a-w-    C:\Windows\System32\deployJava1.dll
2011-01-17 14:37:21 46664   ----a-w-    C:\Windows\System32\drivers\fses.sys
2011-01-17 14:37:15 95784   ----a-w-    C:\Windows\System32\drivers\fsdfw.sys
2011-01-17 14:36:47 574632  ----a-w-    C:\Windows\SysWow64\msvcp50.dll
2011-01-12 10:40:30 68928   ----a-w-    C:\Windows\SysWow64\NLSSRV32.EXE
2011-01-07 08:06:50 46080   ----a-w-    C:\Windows\System32\atmlib.dll
2011-01-07 07:27:11 34304   ----a-w-    C:\Windows\SysWow64\atmlib.dll
2011-01-07 05:49:20 366080  ----a-w-    C:\Windows\System32\atmfd.dll
2011-01-07 05:33:11 294400  ----a-w-    C:\Windows\SysWow64\atmfd.dll
2011-01-05 06:20:30 612352  ----a-w-    C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032  ----a-w-    C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w-    C:\Windows\System32\win32k.sys
2010-12-21 06:16:27 97280   ----a-w-    C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976   ----a-w-    C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016  ----a-w-    C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880  ----a-w-    C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w-    C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048  ----a-w-    C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192  ----a-w-    C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360   ----a-w-    C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w-    C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w-    C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864  ----a-w-    C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200   ----a-w-    C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504  ----a-w-    C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720  ----a-w-    C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800  ----a-w-    C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288  ----a-w-    C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336   ----a-w-    C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w-    C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w-    C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384   ----a-w-    C:\Windows\SysWow64\davclnt.dll
2010-12-18 06:11:41 57856   ----a-w-    C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752  ----a-w-    C:\Windows\System32\kerberos.dll
2010-12-18 05:29:40 44544   ----a-w-    C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184  ----a-w-    C:\Windows\SysWow64\kerberos.dll
2010-12-18 04:55:03 482816  ----a-w-    C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048  ----a-w-    C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w-    C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2010-12-01 04:42:14 30720   ----a-w-    C:\Windows\System32\drivers\tap0901.sys

============= FINISH: 18:02:08.24 ===============