DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by SuperUser at 16:14:39 on 2013-08-02 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2039.289 [GMT -7:00] . AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: AVG Internet Security 2013 *Enabled* . ============== Running Processes ================ . C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\MyPC Backup\BackupStack.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\IB Updater\ExtensionUpdaterService.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\PROGRA~1\MYFUNC~2\bar\1.bin\5mbrmon.exe C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe C:\Program Files\AVG SafeGuard toolbar\vprot.exe C:\Program Files\Free Download Manager\fdm.exe C:\Program Files\Driver Tool\Driver Tool\DriverTool.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe C:\Documents and Settings\SuperUser\My Documents\Downloads\adwcleaner.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uWindow Title = Internet Explorer, optimized for Bing and MSN uURLSearchHooks: : {f4c28532-b9d0-4950-a2df-e83f9929242b} - c:\program files\myfuncards_5m\bar\1.bin\5mSrcAs.dll uURLSearchHooks: InternetHelper1.5 Toolbar: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - c:\program files\internethelper1.5\prxtbInt0.dll BHO: Safe Saver: {11111111-1111-1111-1111-110311321154} - BHO: InternetHelper1.5 Toolbar: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - c:\program files\internethelper1.5\prxtbInt0.dll BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll BHO: IB Updater: {336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\ib updater\Extension32.dll BHO: Incredibar.com Helper Object: {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files\incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - BHO: Search Assistant BHO: {c4b22c87-45ef-4f43-89f2-40db2078864e} - c:\program files\myfuncards_5m\bar\1.bin\5mSrcAs.dll BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - BHO: Toolbar BHO: {da71fd14-5f7b-46ae-b8b1-44074a38f331} - c:\program files\myfuncards_5m\bar\1.bin\5mbar.dll BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - TB: InternetHelper1.5 Toolbar: {1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D} - c:\program files\internethelper1.5\prxtbInt0.dll TB: MyFunCards: {210F1B36-3B7F-41A4-B5DA-3EB87F5A56C2} - c:\program files\myfuncards_5m\bar\1.bin\5mbar.dll TB: MyFunCards: {210f1b36-3b7f-41a4-b5da-3eb87f5a56c2} - c:\program files\myfuncards_5m\bar\1.bin\5mbar.dll TB: InternetHelper1.5 Toolbar: {1930e38a-deef-4cf4-9bfb-9c4ea3689a9d} - c:\program files\internethelper1.5\prxtbInt0.dll TB: Incredibar Toolbar: {F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files\incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - uRun: [Facebook Update] "c:\documents and settings\superuser\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver uRun: [Free Download Manager] "c:\program files\free download manager\fdm.exe" -autorun uRun: [Driver Tool] c:\program files\driver tool\driver tool\DriverTool.exe /applicationMode:systemTray /showWelcome:false uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [SoundMan] SOUNDMAN.EXE mRun: [AlcWzrd] ALCWZRD.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [MyFunCards Search Scope Monitor] "c:\progra~1\myfunc~2\bar\1.bin\5msrchmn.exe" /m=2 /w /h mRun: [MyFunCards_5m Browser Plugin Loader] c:\progra~1\myfunc~2\bar\1.bin\5mbrmon.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [Anti-phishing Domain Advisor] "c:\documents and settings\all users\application data\anti-phishing domain advisor\visicom_antiphishing.exe" mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe" mRun: [Coupon Alert Search Scope Monitor] "c:\progra~1\coupon~2\bar\1.bin\2psrchmn.exe" /m=2 /w /h dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t StartupFolder: c:\docume~1\superu~1\startm~1\programs\startup\mypcba~1.lnk - c:\program files\mypc backup\MyPC Backup.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: &Search - http://tbedits.myfuncards.com/one-toolbaredits/menusearch.jhtml?s=207560036&p=ZUxdm458YYus&si=CP3FwLfF_q8CFQ5rhwodgBPSSg&a=98DA856D-7C4F-4974-8F0A-5F2FECC621ED&n=2013072206&cv=1 IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1330296050937 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11 TCP: Interfaces\{B6A8200B-3E04-4D35-9BD1-659082C3C3C3} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.4.0\ViProtocol.dll Notify: igfxcui - igfxdev.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\superuser\application data\mozilla\firefox\profiles\qoxpyhtf.default-1375402388921\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com/?cid={9AFEEC1B-9AB8-4F9C-8C9F-8201E8CCC8FD}&mid=741f111a24c747d3acd3d1589e300f4a-e9c96cc6f7aa219ee07b87199a7d6de3bd0067fc&lang=en&ds=AVG&pr=pr&d=2013-08-02 07:38:49&v=15.4.0.5&pid=safeguard&sg=0&sap=hp FF - prefs.js: keyword.enabled - false FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll FF - plugin: c:\documents and settings\superuser\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.4.0\npsitesafety.dll FF - plugin: c:\program files\couponalert_2p\bar\1.bin\NP2pStub.dll FF - plugin: c:\program files\myfuncards_5m\bar\1.bin\NP5mStub.dll FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll FF - ExtSQL: 2013-08-02 07:00; 2pffxtbr@CouponAlert_2p.com; c:\documents and settings\superuser\application data\mozilla\firefox\profiles\qoxpyhtf.default-1375402388921\extensions\2pffxtbr@CouponAlert_2p.com FF - ExtSQL: 2013-08-02 07:38; avg@toolbar; c:\documents and settings\all users\application data\avg safeguard toolbar\firefoxext\15.4.0.5 FF - ExtSQL: !HIDDEN! 2013-08-02 07:09; 2pffxtbr@CouponAlert_2p.com; c:\program files\couponalert_2p\bar\1.bin . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-15 94048] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552] R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 211560] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-7-22 37664] R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2013-8-1 101112] R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-12-10 1342024] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-15 5814904] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664] R2 BackupStack;Computer Backup (MyPC Backup);c:\program files\mypc backup\BackupStack.exe [2013-7-1 32808] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-7-20 249648] R2 IB Updater;IB Updater;c:\program files\ib updater\ExtensionUpdaterService.exe [2012-11-4 188760] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-22 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-2-26 701512] R2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\norton pc checkup 3.0\SymcPCCULaunchSvc.exe [2013-8-2 132056] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-4-16 39056] R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.4.0\ToolbarUpdater.exe [2013-7-29 1616048] R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2012-3-23 1714176] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-2-26 22856] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 CouponAlert_2pService;Coupon AlertService;c:\progra~1\coupon~2\bar\1.bin\2pbarsvc.exe [2013-8-2 42504] S2 MyFunCards_5mService;MyFunCardsService;c:\progra~1\myfunc~2\bar\1.bin\5mbarsvc.exe [2012-5-13 42528] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2012-1-12 30944] S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-8-1 195320] S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2013-08-02 15:07:51 7143960 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{756afdfd-fef2-424e-9552-d90b65f4edc0}\mpengine.dll 2013-08-02 14:38:44 -------- d-----w- c:\program files\AVG SafeGuard toolbar 2013-08-02 14:34:07 -------- d-----w- c:\documents and settings\superuser\application data\CouponAlert_2p 2013-08-02 14:03:45 -------- d-----w- c:\program files\CouponAlert_2p 2013-08-02 13:15:57 -------- d-----w- c:\program files\Norton PC Checkup 3.0 2013-08-02 01:04:02 42864 ----a-w- c:\windows\system32\sbbd.exe 2013-08-02 01:04:02 101112 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2013-08-02 01:02:10 -------- d-----w- C:\VIPRERESCUE 2013-08-01 23:27:52 -------- d-----w- c:\windows\system32\NtmsData 2013-08-01 13:19:07 -------- d-----w- c:\program files\common files\Windows Live 2013-08-01 13:03:45 7143960 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-08-01 12:52:53 -------- d-----w- c:\windows\system32\MRT 2013-08-01 11:33:52 -------- d-----w- c:\documents and settings\superuser\application data\Systweak 2013-08-01 11:33:42 18776 ----a-w- c:\windows\system32\roboot.exe 2013-07-31 20:03:06 -------- d-----w- c:\documents and settings\all users\application data\Norton 2013-07-31 18:16:52 -------- d-----w- c:\program files\Safe Saver 2013-07-31 16:06:31 -------- d-----w- c:\documents and settings\all users\application data\UAB 2013-07-31 16:06:05 -------- d-----w- c:\documents and settings\superuser\local settings\application data\PC_Drivers_Headquarters 2013-07-31 16:04:41 -------- d-----w- c:\documents and settings\all users\application data\Driver Tool 2013-07-31 16:03:58 -------- d-----w- c:\documents and settings\superuser\application data\PCCUStubInstaller 2013-07-31 15:52:19 -------- d-----w- c:\program files\Driver Tool 2013-07-30 18:40:44 -------- d-----w- c:\windows\pss 2013-07-30 03:17:34 -------- d-----w- c:\program files\JustCloud 2013-07-30 02:04:25 -------- d-----w- c:\documents and settings\superuser\application data\RealNetworks 2013-07-30 01:56:22 -------- d-----w- c:\program files\RealNetworks 2013-07-30 01:55:58 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks 2013-07-30 01:53:27 -------- d-----w- c:\program files\common files\xing shared 2013-07-30 00:59:29 -------- d-----w- c:\documents and settings\superuser\local settings\application data\Google 2013-07-30 00:46:54 -------- d-----w- c:\documents and settings\superuser\application data\Immunet 2013-07-29 23:20:51 -------- d-----w- c:\documents and settings\superuser\SyncFolder 2013-07-29 23:14:50 -------- d-----w- c:\program files\MyPC Backup 2013-07-29 15:47:52 -------- d-----w- c:\windows\system32\cache 2013-07-28 00:04:47 -------- d-----w- c:\program files\HP Photo Creations 2013-07-28 00:04:46 -------- d-----w- c:\documents and settings\all users\application data\Visan 2013-07-28 00:04:46 -------- d-----w- c:\documents and settings\all users\application data\HP Photo Creations 2013-07-26 12:09:38 -------- d-----w- c:\program files\Enigma Software Group 2013-07-26 12:07:49 -------- d-----w- c:\windows\027B5748C40941FE949B7B81A8304EF4.TMP 2013-07-26 12:07:41 -------- d-----w- c:\program files\common files\Wise Installation Wizard 2013-07-25 12:21:41 -------- d-----w- c:\documents and settings\superuser\application data\SpeedyPC Software 2013-07-25 12:20:32 -------- d-----w- c:\documents and settings\all users\application data\SpeedyPC Software 2013-07-25 11:11:22 -------- d-----w- c:\program files\ParetoLogic 2013-07-23 14:09:27 -------- d-----w- c:\program files\MSXML 4.0 2013-07-23 01:19:40 -------- d-----w- c:\documents and settings\superuser\application data\AVG 2013-07-22 12:19:11 -------- d-----w- c:\documents and settings\superuser\application data\DriverCure 2013-07-22 12:19:09 -------- d-----w- c:\documents and settings\superuser\application data\ParetoLogic 2013-07-22 12:18:38 -------- d-----w- c:\documents and settings\all users\application data\ParetoLogic 2013-07-22 11:06:20 -------- d-----w- c:\documents and settings\superuser\application data\AVG2013 2013-07-22 11:03:50 -------- d-----w- c:\documents and settings\superuser\local settings\application data\AVG SafeGuard toolbar 2013-07-22 11:03:37 -------- d-----w- c:\documents and settings\superuser\application data\TuneUp Software 2013-07-22 11:03:22 -------- d-----w- c:\documents and settings\superuser\application data\AVG SafeGuard toolbar 2013-07-22 11:03:15 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-07-22 11:03:08 -------- d-----w- c:\documents and settings\all users\application data\AVG SafeGuard toolbar 2013-07-22 11:03:07 -------- d-----w- c:\program files\common files\AVG Secure Search 2013-07-22 11:00:31 -------- d--h--w- C:\$AVG 2013-07-22 11:00:31 -------- d-----w- c:\documents and settings\all users\application data\AVG2013 2013-07-22 10:58:49 -------- d-----w- c:\program files\AVG 2013-07-22 10:54:47 -------- d--h--w- c:\documents and settings\all users\application data\Common Files 2013-07-22 10:54:46 -------- d-----w- c:\documents and settings\superuser\local settings\application data\MFAData 2013-07-22 10:54:46 -------- d-----w- c:\documents and settings\superuser\local settings\application data\Avg2013 2013-07-22 10:54:46 -------- d-----w- c:\documents and settings\all users\application data\MFAData 2013-07-22 10:33:47 -------- d-----w- c:\documents and settings\superuser\application data\PriceGong 2013-07-22 10:33:31 -------- d-----w- c:\documents and settings\superuser\application data\Incredibar.com 2013-07-22 10:17:50 -------- d-----w- c:\documents and settings\all users\application data\Free Download Manager 2013-07-22 06:05:58 -------- d-----w- c:\program files\Ascentive 2013-07-22 02:25:32 -------- d-----w- c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-07-22 02:24:30 -------- d-----w- c:\program files\Bonjour . ==================== Find3M ==================== . 2013-08-02 12:06:05 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-08-02 12:06:05 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-24 23:25:48 73728 ----a-w- c:\windows\ALCFDRTM.VER 2013-06-19 04:50:08 211560 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-06-08 06:55:44 385024 ------w- c:\windows\system32\html.iec 2013-06-07 21:56:06 920064 ----a-w- c:\windows\system32\wininet.dll 2013-06-07 21:56:06 43520 ------w- c:\windows\system32\licmgr10.dll 2013-06-07 21:56:05 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll 2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys 2013-05-29 08:25:42 82432 ----a-w- c:\windows\system32\msxml4r.dll 2013-05-29 08:25:42 44544 ----a-w- c:\windows\system32\msxml4a.dll . ============= FINISH: 16:17:43.09 ===============