My computer was severely infected by System Security and everything I did to fix it eventually led to a computer that would not work so I just reloaded Windows XP Professional. I have sense ran Malwarebytes, Superantispyware (both in safe mode and regular), AVG8.5 (both in safe mode and regular), Windows Defender. The first time I ran Malwarebytes after reloading Windows XP I got the following infection warnings (continued comments after log):
Malwarebytes' Anti-Malware 1.39
Database version: 2431
Windows 5.1.2600 Service Pack 2
7/14/2009 5:39:40 PM
mbam-log-2009-07-14 (17-39-40).txt
Scan type: Quick Scan
Objects scanned: 85872
Time elapsed: 2 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{4d25f920-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d25f923-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f924-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\MyWaySA (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWaySA\SrchAsDe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\MyWaySA\SrchAsDe\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
So this made me a bit paranoid that I didn't get rid of the virus when I reloaded Windows XP, even though the other scans showed nothing wrong. Now when anything is acting strange I get worried that I missed some sort of backdoor Trojan and someone is stealing data off my computer. So this is why I am asking for your help. Can you tell me if everything is ok now with my computer? Your help is greatly appreciated. Thank you. Here's the DDS data:
DDS (Ver_09-06-26.01) - NTFSx86
Run by Robert at 16:39:58.48 on Thu 07/16/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1451 [GMT -4:00]
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Documents and Settings\Robert\My Documents\Downloads\dds.scr
============== Pseudo HJT Report ===============
uStart Page = msn.com
uDefault_Page_URL = hxxp://www.dell4me.com/mywaybiz
uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [<NO NAME>]
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247611821350
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~4\MpShHook.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\robert\applic~1\mozilla\firefox\profiles\njyfd6al.default\
FF - prefs.js: browser.startup.homepage - msn.com
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\robert\application data\mozilla\firefox\profiles\njyfd6al.default\extensions\moveplayer@movenetworks.com\platform\winnt_x86-msvc\plugins\npmnqmp071303000006.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
============= SERVICES / DRIVERS ===============
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-7-14 327688]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-7-14 27784]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-7-14 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-6-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-6-23 72944]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-7-14 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-7-14 298776]
R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-6-23 7408]
=============== Created Last 30 ================
2009-07-16 16:10 <DIR> --d----- c:\docume~1\robert\applic~1\ZipGenius
2009-07-16 16:09 <DIR> --d----- c:\program files\ZipGenius 6
2009-07-15 18:00 <DIR> --d----- c:\windows\system32\NtmsData
2009-07-15 16:03 268,648 a------- c:\windows\system32\mucltui.dll
2009-07-15 16:03 27,496 a------- c:\windows\system32\mucltui.dll.mui
2009-07-15 04:04 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat
2009-07-15 03:30 <DIR> --d----- c:\program files\Foxit Software
2009-07-15 03:30 <DIR> --d----- c:\docume~1\robert\applic~1\Foxit
2009-07-15 00:13 26,368 a------- c:\windows\system32\dllcache\usbstor.sys
2009-07-14 23:54 <DIR> --d----- c:\program files\NinjaTrader 6.5
2009-07-14 23:40 <DIR> --d----- C:\f8bde89d7e9081d084
2009-07-14 23:40 <DIR> --d----- c:\windows\SxsCaPendDel
2009-07-14 23:32 <DIR> --d----- c:\windows\system32\XPSViewer
2009-07-14 23:31 14,048 -------- c:\windows\system32\spmsg2.dll
2009-07-14 22:20 <DIR> --d----- c:\windows\system32\appmgmt
2009-07-14 20:57 6,066,176 -------- c:\windows\system32\dllcache\ieframe.dll
2009-07-14 20:57 991,232 -------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-07-14 20:57 459,264 -------- c:\windows\system32\dllcache\msfeeds.dll
2009-07-14 20:57 268,288 -------- c:\windows\system32\dllcache\iertutil.dll
2009-07-14 20:57 52,224 -------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-14 20:57 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-07-14 20:57 2,455,488 -------- c:\windows\system32\dllcache\ieapfltr.dat
2009-07-14 20:57 383,488 -------- c:\windows\system32\dllcache\ieapfltr.dll
2009-07-14 20:57 63,488 -------- c:\windows\system32\dllcache\icardie.dll
2009-07-14 20:29 <DIR> --d----- c:\program files\MSXML 4.0
2009-07-14 20:12 272,128 -------- c:\windows\system32\dllcache\bthport.sys
2009-07-14 20:10 203,136 -------- c:\windows\system32\dllcache\rmcast.sys
2009-07-14 20:10 455,296 -------- c:\windows\system32\dllcache\mrxsmb.sys
2009-07-14 20:10 333,952 -------- c:\windows\system32\dllcache\srv.sys
2009-07-14 20:10 331,776 -------- c:\windows\system32\dllcache\msadce.dll
2009-07-14 20:10 691,712 -------- c:\windows\system32\dllcache\inetcomm.dll
2009-07-14 20:09 247,326 -------- c:\windows\system32\dllcache\strmdll.dll
2009-07-14 20:09 337,408 -------- c:\windows\system32\dllcache\netapi32.dll
2009-07-14 20:09 1,106,944 -------- c:\windows\system32\dllcache\msxml3.dll
2009-07-14 20:08 1,203,922 -------- c:\windows\system32\dllcache\sysmain.sdb
2009-07-14 20:08 2,560 -------- c:\windows\system32\xpsp4res.dll
2009-07-14 20:08 215,552 -------- c:\windows\system32\dllcache\wordpad.exe
2009-07-14 19:44 <DIR> --d----- c:\windows\system32\scripting
2009-07-14 19:44 <DIR> --d----- c:\windows\l2schemas
2009-07-14 19:44 <DIR> --d----- c:\windows\system32\en
2009-07-14 19:43 <DIR> --d----- c:\windows\system32\bits
2009-07-14 19:36 <DIR> --d----- c:\windows\ServicePackFiles
2009-07-14 19:31 <DIR> --d----- c:\windows\network diagnostic
2009-07-14 19:13 1,041,536 -------- c:\windows\system32\drivers\hsfdpsp2.sys
2009-07-14 19:13 685,056 -------- c:\windows\system32\drivers\hsfcxts2.sys
2009-07-14 19:13 220,032 -------- c:\windows\system32\drivers\hsfbs2s2.sys
2009-07-14 19:13 129,045 -------- c:\windows\system32\drivers\cxthsfs2.cty
2009-07-14 18:58 8,192 a------- c:\windows\REGLOCS.OLD
2009-07-14 18:55 26,488 a------- c:\windows\system32\spupdsvc.exe
2009-07-14 18:55 <DIR> --d----- c:\windows\system32\PreInstall
2009-07-14 18:49 <DIR> --dsh--- c:\documents and settings\robert\UserData
2009-07-14 18:48 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2009-07-14 18:48 12,160 a------- c:\windows\system32\dllcache\mouhid.sys
2009-07-14 18:48 10,368 a------- c:\windows\system32\drivers\hidusb.sys
2009-07-14 17:57 11,952 a------- c:\windows\system32\avgrsstx.dll
2009-07-14 17:57 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
2009-07-14 17:57 327,688 a------- c:\windows\system32\drivers\avgldx86.sys
2009-07-14 17:57 <DIR> --d----- c:\windows\system32\drivers\Avg
2009-07-14 17:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2009-07-14 17:56 <DIR> --d----- c:\program files\AVG
2009-07-14 17:56 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-07-14 17:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-07-14 17:49 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-07-14 17:49 <DIR> --d----- c:\docume~1\robert\applic~1\SUPERAntiSpyware.com
2009-07-14 17:49 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-07-14 17:47 <DIR> --d----- c:\program files\Trend Micro
2009-07-14 17:34 <DIR> --d----- c:\docume~1\robert\applic~1\Malwarebytes
2009-07-14 17:34 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-14 17:34 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-14 17:34 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-07-14 17:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-07-14 17:17 410,984 a------- c:\windows\system32\deploytk.dll
2009-07-14 17:17 73,728 a------- c:\windows\system32\javacpl.cpl
2009-07-14 17:07 <DIR> --d----- c:\docume~1\robert\applic~1\McAfee.com Personal Firewall
2009-07-14 17:06 <DIR> --d----- c:\windows\system32\LogFiles
2009-07-14 17:05 <DIR> --d----- c:\docume~1\robert\applic~1\Intel
2009-07-14 17:05 <DIR> --d----- c:\documents and settings\Robert
2009-07-14 17:01 <DIR> --d----- c:\windows\system32\SoftwareDistribution
==================== Find3M ====================
2009-07-14 19:52 88,375 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 10:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 10:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-15 16:10 98,304 a------- c:\windows\system32\NtDirect.dll
2009-06-03 15:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 15:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll
2009-05-07 11:32 345,600 -------- c:\windows\system32\dllcache\localspl.dll
2009-04-29 00:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-29 00:56 827,392 -------- c:\windows\system32\dllcache\wininet.dll
2009-04-29 00:56 233,472 -------- c:\windows\system32\dllcache\webcheck.dll
2009-04-29 00:56 1,159,680 -------- c:\windows\system32\dllcache\urlmon.dll
2009-04-29 00:56 671,232 -------- c:\windows\system32\dllcache\mstime.dll
2009-04-29 00:56 105,984 -------- c:\windows\system32\dllcache\url.dll
2009-04-29 00:56 102,912 -------- c:\windows\system32\dllcache\occache.dll
2009-04-29 00:56 44,544 -------- c:\windows\system32\dllcache\pngfilt.dll
2009-04-29 00:56 3,596,288 -------- c:\windows\system32\dllcache\mshtml.dll
2009-04-29 00:56 477,696 -------- c:\windows\system32\dllcache\mshtmled.dll
2009-04-29 00:56 193,024 -------- c:\windows\system32\dllcache\msrating.dll
2009-04-29 00:55 27,648 -------- c:\windows\system32\dllcache\jsproxy.dll
2009-04-29 00:55 44,544 -------- c:\windows\system32\dllcache\iernonce.dll
2009-04-29 00:55 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-29 00:55 385,024 -------- c:\windows\system32\dllcache\iedkcs32.dll
2009-04-29 00:55 230,400 -------- c:\windows\system32\dllcache\ieaksie.dll
2009-04-29 00:55 214,528 -------- c:\windows\system32\dllcache\dxtrans.dll
2009-04-29 00:55 153,088 -------- c:\windows\system32\dllcache\ieakeng.dll
2009-04-29 00:55 133,120 -------- c:\windows\system32\dllcache\extmgr.dll
2009-04-29 00:55 78,336 -------- c:\windows\system32\dllcache\ieencode.dll
2009-04-29 00:55 347,136 -------- c:\windows\system32\dllcache\dxtmsft.dll
2009-04-29 00:55 124,928 -------- c:\windows\system32\dllcache\advpack.dll
2009-04-29 00:46 1,499,136 -------- c:\windows\system32\dllcache\shdocvw.dll
2009-04-28 05:05 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-04-25 01:27 636,088 -------- c:\windows\system32\dllcache\iexplore.exe
2009-04-25 01:26 161,792 -------- c:\windows\system32\dllcache\ieakui.dll
============= FINISH: 16:40:09.36 ===============