Hello,
My husband's Dell Dimension E510 PC is having problems opening programs (it can take literally minutes) to opein installed programs, and you must rightclick the program name and select 'open' in the dropdown or it can't find the program at all. Also, he removed the Avira Free Antivirus toolbar and since then we are continually seeing a little popup window stating the
"avguard.exe has encountered a problem and needs to close", then the statement asking us to report the problem to Microsoft. It doesn't matter if we report it to Microsoft or choose not to, the popup window continues almost endlessly. If we walk away from the computer for a few minutes, dozens of the popup windows will build up on the screen. My husband is the main user of the machine but I also use it from time to time.
I was here a few years ago with some problems and you guys are the greatest! I remembered that I was to follow instructions and attach some logs so I have completed those steps and you will see the logs below. When I tried to verify my Java version, it said that there was no Java installed on my computer so I followed the Java website instructions to download and install Java.
Can you please help?
Thank you for reading my post,
nhchap
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 11/12/2011 at 02:34 AM
Application Version : 4.56.1000
Core Rules Database Version : 6164
Trace Rules Database Version: 3976
Scan type : Complete Scan
Total Scan Time : 02:43:07
Memory items scanned : 602
Memory threats detected : 0
Registry items scanned : 6691
Registry threats detected : 0
File items scanned : 97113
File threats detected : 37
Adware.Tracking Cookie
C:\Documents and Settings\Owner\Cookies\5DLTX3JV.txt
Adware.MyWebSearch/FunWebProducts
C:\Program Files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
C:\Program Files\MyWebSearch\bar\1.bin\chrome
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
C:\Program Files\MyWebSearch\bar\1.bin\INSTALL.RDF
C:\Program Files\MyWebSearch\bar\1.bin
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Avatar
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
C:\Program Files\MyWebSearch\bar\Game
C:\Program Files\MyWebSearch\bar\IE9Mesg\COMMON.F3S
C:\Program Files\MyWebSearch\bar\IE9Mesg
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Message
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
C:\Program Files\MyWebSearch\bar\Notifier
C:\Program Files\MyWebSearch\bar\Overlay\COMMON.F3S
C:\Program Files\MyWebSearch\bar\Overlay
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\Program Files\MyWebSearch\bar\Settings
C:\Program Files\MyWebSearch\bar
C:\Program Files\MyWebSearch
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.orgDatabase version: 8148
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
11/12/2011 2:53:12 PM
mbam-log-2011-11-12 (14-53-12).txt
Scan type: Quick scan
Objects scanned: 163776
Time elapsed: 7 minute(s), 13 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 3
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_
XMLLookup (Hijacker.XMLLookup) -> Value: bak_XMLLookup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_
Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_intl
(Hijacker.intl) -> Value: bak_intl -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\XMLLookup
(Hijacker.XMLLookup) -> Bad: (
http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://
shell.windows.com/fileassoc/fileassoc.asp?LangID=%04x&Ext=%s) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application
(Hijacker.Application) -> Bad: (
http://www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://
shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\intl (Hijacker.intl) -> Bad: (http://
www.helpmeopen.com/?n=app&l=%04x&ext=%s) Good: (http://
shell.windows.com/fileassoc/fileassoc.asp?
LangID=%04x&Ext=%s) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 15:21:43 on 2011-11-12
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.517 [GMT -8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Online Armor Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Emsisoft\Online Armor\OAcat.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Emsisoft\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Common Files\AOL\1279610749\ee\AOLSoftware.exe
C:\Program Files\Emsisoft\Online Armor\oaui.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\HP Wireless Keyboard\KMaestro.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Emsisoft\Online Armor\OAhlp.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Verizon\VSP\ServicepointService.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\updrgui.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\updrgui.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {22e03916-85c5-44b0-8dc9-1830c11238d9} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
BHO: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AOL Fast Start] "c:\progra~1\aol9~1.5\AOL.EXE" -b
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [HostManager] c:\program files\common files\aol\1279610749\ee\AOLSoftware.exe
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [IDTSysTrayApp] sttray.exe
mRun: [@OnlineArmor GUI] "c:\program files\emsisoft\online armor\oaui.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [BtcMaestro] "c:\program files\hp wireless keyboard\KMaestro.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\documents and settings\owner\start menu\programs\startup\OneNote Table Of Contents.onetoc2
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1287802834750
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277922482697
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{5BF5000C-9C72-409E-974F-303BD1EEE834} : DhcpNameServer = 192.168.1.1 68.238.64.12
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\emsisoft\online~1\oaevent.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 nwprovau
.
============= SERVICES / DRIVERS ===============
.
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-11-11 236104]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-11-11 22600]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-11-11 28232]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-27 86224]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-27 74640]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-8-15 54760]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 OAcat;Online Armor Helper Service;c:\program files\emsisoft\online armor\oacat.exe [2010-11-11 1283400]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2010-11-9 838200]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2010-11-9 319032]
R2 ServicepointService;ServicepointService;c:\program files\verizon\vsp\ServicepointService.exe [2010-10-3 689392]
R2 SvcOnlineArmor;Online Armor;c:\program files\emsisoft\online armor\oasrv.exe [2010-11-11 3364680]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S1 avgio;avgio;\??\c:\program files\avira\antivir desktop\avgio.sys --> c:\program files\avira\antivir desktop\avgio.sys [?]
S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-10-27 110032]
S2 AviraUpgradeService;Avira Upgrade Service;"c:\windows\temp\avsetup_4ebda3fa\avupgsvc.exe" /tempstart:""c:\windows\temp\avsetup_4ebda3fa\setup.exe" /notempcleanup /crossupgrade" --> c:\windows\temp\avsetup_4ebda3fa\avupgsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-1 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-1 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336]
S3 SysProtDrv.sys;SysProtDrv.sys;\??\c:\documents and settings\owner\desktop\new folder\sysprot\sysprotdrv.sys --> c:\documents and settings\owner\desktop\new folder\sysprot\SysProtDrv.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-12 23:16:15 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-12 22:17:05 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-12 22:17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-12 06:57:51 -------- d-----w- c:\program files\CCleaner
2011-11-05 13:47:43 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-11-05 13:47:43 -------- d-----w- c:\windows\system32\wbem\Repository
2011-11-02 04:47:38 -------- d-----w- c:\program files\common files\xing shared
2011-11-02 00:52:55 -------- d-----w- c:\program files\QuickTime(2)
2011-10-30 18:10:33 -------- d-sh--w- C:\found.000
2011-10-27 13:21:27 -------- d-----w- c:\documents and settings\owner\application data\Avira
2011-10-27 13:13:58 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-27 13:13:58 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-27 13:13:51 -------- d-----w- c:\program files\Avira
2011-10-27 12:00:59 -------- d-----w- c:\documents and settings\owner\application data\AskToolbar
2011-10-27 04:32:38 -------- d-----w- c:\documents and settings\owner\local settings\application data\AskToolbar
2011-10-27 04:25:52 -------- d-----w- c:\program files\Ask.com
2011-10-27 04:25:52 -------- d-----w- C:\Firefox
2011-10-27 04:25:26 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-10-24 21:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 21:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
==================== Find3M ====================
.
2011-11-12 23:14:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-14 21:21:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-07-17 05:57:36 61733800 ----a-w- c:\program files\OM220Setup.exe
.
============= FINISH: 15:26:45.07 ===============
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 15:21:43 on 2011-11-12
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.517 [GMT -8:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Online Armor Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Emsisoft\Online Armor\OAcat.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Emsisoft\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
C:\Program Files\Common Files\AOL\1279610749\ee\AOLSoftware.exe
C:\Program Files\Emsisoft\Online Armor\oaui.exe
C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\HP Wireless Keyboard\KMaestro.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Emsisoft\Online Armor\OAhlp.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Verizon\VSP\ServicepointService.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\updrgui.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
C:\Program Files\Avira\AntiVir Desktop\updrgui.exe
C:\Program Files\Avira\AntiVir Desktop\update.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common
files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {22e03916-85c5-44b0-8dc9-1830c11238d9} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents
and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
BHO: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft
shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google
toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program
files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - c:\program files\wot\WOT.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program
files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - c:\program files\wot\WOT.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AOL Fast Start] "c:\progra~1\aol9~1.5\AOL.EXE" -b
uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart
uRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [VerizonServicepoint.exe] "c:\program files\verizon\vsp\VerizonServicepoint.exe" /AUTORUN
mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM
mRun: [HostManager] c:\program files\common files\aol\1279610749\ee\AOLSoftware.exe
mRun: [MsmqIntCert] regsvr32 /s mqrt.dll
mRun: [IDTSysTrayApp] sttray.exe
mRun: [@OnlineArmor GUI] "c:\program files\emsisoft\online armor\oaui.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Nikon Transfer Monitor] c:\program files\common files\nikon\monitor\NkMonitor.exe
mRun: [BtcMaestro] "c:\program files\hp wireless keyboard\KMaestro.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
StartupFolder: c:\documents and settings\owner\start menu\programs\startup\OneNote Table Of Contents.onetoc2
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security
scan\2.0.181\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop
search\WindowsSearch.exe
IE: Google Sidewiki... - c:\program files\google\google
toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows
live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -
c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} -
hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1287802834750
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} -
hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1277922482697
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} - hxxp://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{5BF5000C-9C72-409E-974F-303BD1EEE834} : DhcpNameServer = 192.168.1.1 68.238.64.12
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows
desktop search\MSNLNamespaceMgr.dll
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\progra~1\emsisoft\online~1\oaevent.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 nwprovau
.
============= SERVICES / DRIVERS ===============
.
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-11-11 236104]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-11-11 22600]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-11-11 28232]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-27 86224]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-27 74640]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-8-15 54760]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 OAcat;Online Armor Helper Service;c:\program files\emsisoft\online armor\oacat.exe [2010-11-11 1283400]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2010-11-9 838200]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2010-11-9 319032]
R2 ServicepointService;ServicepointService;c:\program files\verizon\vsp\ServicepointService.exe [2010-10-3 689392]
R2 SvcOnlineArmor;Online Armor;c:\program files\emsisoft\online armor\oasrv.exe [2010-11-11 3364680]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S1 avgio;avgio;\??\c:\program files\avira\antivir desktop\avgio.sys --> c:\program files\avira\antivir desktop\avgio.sys [?]
S2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-10-27 110032]
S2 AviraUpgradeService;Avira Upgrade Service;"c:\windows\temp\avsetup_4ebda3fa\avupgsvc.exe"
/tempstart:""c:\windows\temp\avsetup_4ebda3fa\setup.exe" /notempcleanup /crossupgrade" -->
c:\windows\temp\avsetup_4ebda3fa\avupgsvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN
v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-1 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-1 136176]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys -->
c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security
scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2004-8-10 14336]
S3 SysProtDrv.sys;SysProtDrv.sys;\??\c:\documents and settings\owner\desktop\new folder\sysprot\sysprotdrv.sys -->
c:\documents and settings\owner\desktop\new folder\sysprot\SysProtDrv.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache
4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-11-12 23:16:15 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-12 22:17:05 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-12 22:17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-12 06:57:51 -------- d-----w- c:\program files\CCleaner
2011-11-05 13:47:43 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-11-05 13:47:43 -------- d-----w- c:\windows\system32\wbem\Repository
2011-11-02 04:47:38 -------- d-----w- c:\program files\common files\xing shared
2011-11-02 00:52:55 -------- d-----w- c:\program files\QuickTime(2)
2011-10-30 18:10:33 -------- d-sh--w- C:\found.000
2011-10-27 13:21:27 -------- d-----w- c:\documents and settings\owner\application data\Avira
2011-10-27 13:13:58 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-27 13:13:58 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2011-10-27 13:13:51 -------- d-----w- c:\program files\Avira
2011-10-27 12:00:59 -------- d-----w- c:\documents and settings\owner\application data\AskToolbar
2011-10-27 04:32:38 -------- d-----w- c:\documents and settings\owner\local settings\application data\AskToolbar
2011-10-27 04:25:52 -------- d-----w- c:\program files\Ask.com
2011-10-27 04:25:52 -------- d-----w- C:\Firefox
2011-10-27 04:25:26 -------- d-----w- c:\documents and settings\all users\application data\Avira
2011-10-24 21:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 21:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
.
==================== Find3M ====================
.
2011-11-12 23:14:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-14 21:21:55 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 23:48:54 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-07-17 05:57:36 61733800 ----a-w- c:\program files\OM220Setup.exe
.
============= FINISH: 15:26:45.07 ===============