here are the logs
•Malwarebytes Anti-Malware log
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5831
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
21/02/2011 18:34:59
mbam-log-2011-02-21 (18-34-59).txt
Scan type: Quick scan
Objects scanned: 139111
Time elapsed: 9 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
•GMER log
GMER 1.0.15.15530 -
http://www.gmer.net
Rootkit quick scan 2011-02-21 18:45:29
Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 TOSHIBA_ rev.GJ00
Running: oniw8wk7.exe; Driver: C:\Users\ZOE-CA~1\AppData\Local\Temp\ugldypow.sys
---- Devices - GMER 1.0.15 ----
Device ShlDrv51.sys (PandaShield driver/Panda Security, S.L.)
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Ip mdvrmng.sys
AttachedDevice \Driver\tdx \Device\Tcp mdvrmng.sys
AttachedDevice \Driver\tdx \Device\Udp mdvrmng.sys
---- EOF - GMER 1.0.15 ----
Attach Log
==== Hosts File Hijack ======================
Hosts: 74.125.45.100 safebrowsing-cache.google.com
Hosts: 74.125.45.100 urs.microsoft.com
Hosts: 74.125.45.100
www.securesoftwarebill.com
Hosts: 74.125.45.100 secure-plus-payments.com
Hosts: 74.125.45.100
www.secure-plus-payments.com
Hosts: 74.125.45.100 secure.paysecuresystem.com
Hosts: 74.125.45.100 paysoftbillsolution.com
Hosts: 74.125.45.100 protected.maxisoftwaremart.com
Hosts: 98.142.243.60
www.google.com
Hosts: 98.142.243.60 google.com
Hosts: 98.142.243.60 google.com.au
Hosts: 98.142.243.60
www.google.com.au
Hosts: 98.142.243.60 google.be
Hosts: 98.142.243.60
www.google.be
Hosts: 98.142.243.60 google.com.br
Hosts: 98.142.243.60
www.google.com.br
Hosts: 98.142.243.60 google.ca
Hosts: 98.142.243.60
www.google.ca
Hosts: 98.142.243.60 google.ch
Hosts: 98.142.243.60
www.google.ch
Hosts: 98.142.243.60 google.de
Hosts: 98.142.243.60
www.google.de
Hosts: 98.142.243.60 google.dk
Hosts: 98.142.243.60
www.google.dk
Hosts: 98.142.243.60 google.fr
Hosts: 98.142.243.60
www.google.fr
Hosts: 98.142.243.60 google.ie
Hosts: 98.142.243.60
www.google.ie
Hosts: 98.142.243.60 google.it
Hosts: 98.142.243.60
www.google.it
Hosts: 98.142.243.60 google.co.jp
Hosts: 98.142.243.60
www.google.co.jp
Hosts: 98.142.243.60 google.nl
Hosts: 98.142.243.60
www.google.nl
Hosts: 98.142.243.60 google.no
Hosts: 98.142.243.60
www.google.no
Hosts: 98.142.243.60 google.co.nz
Hosts: 98.142.243.60
www.google.co.nz
Hosts: 98.142.243.60 google.pl
Hosts: 98.142.243.60
www.google.pl
Hosts: 98.142.243.60
www.google.co.uk
Hosts: 98.142.243.60 google.co.za
Hosts: 98.142.243.60
www.google.co.za
Hosts: 98.142.243.60
www.google-analytics.com
Hosts: 98.142.243.60
www.bing.com
Hosts: 98.142.243.60 search.yahoo.com
Hosts: 98.142.243.60
www.search.yahoo.com
Hosts: 98.142.243.60 uk.search.yahoo.com
Hosts: 98.142.243.60 ca.search.yahoo.com
Hosts: 98.142.243.60 de.search.yahoo.com
Hosts: 98.142.243.60 fr.search.yahoo.com
Hosts: 98.142.243.60 au.search.yahoo.com
Hosts: 98.142.243.60
www.youtube.com
==== Installed Programs ======================
3Connect
Acer Crystal Eye webcam Ver:1.1.184.610
Acer ePower Management
Acer eRecovery Management
Acer GameZone Console
Acer Registration
Acer ScreenSaver
Acer Updater
Acer VCM
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1 MUI
Amazonia
AndroidInstaller
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Bonjour
Cake Mania
CCleaner
Chicken Invaders 2
Dairy Dash
Dream Day First Home
eBay Worldwide
ENE USB Card Reader Driver
eSobi v2
ETDWare PS/2-x86 7.0.6.3_WHQL
Farm Frenzy 2
Galapago
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Granny In Paradise
Heroes of Hellas
Identity Card
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
IObit Security 360
Junk Mail filter update
Launch Manager
Malwarebytes' Anti-Malware
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.13)
MSVCRT
MyWinLocker
MyWinLocker Suite
Norton Online Backup
Panda Antivirus Pro 2011
Panda Secure Vault 5
QuickTime
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Shredder
Spin & Win
Welcome Center
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
ZTE_1.2059.0.8
==== End Of File ===========================
DDS Log
DDS (Ver_10-12-12.02) - NTFSx86
Run by zoe-carter at 19:24:13.14 on 21/02/2011
Internet Explorer: 8.0.7600.16385
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PskSvc.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\TPSrv.exe
C:\PROGRAM FILES\PANDA SECURITY\PANDA ANTIVIRUS PRO 2011\WebProxy.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files\Acer\Registration\GREGsvc.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PsCtrls.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PavFnSvr.exe
C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\pavsrvx86.exe
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\Firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Antivirus Pro 2011\PsImSvc.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\EgisTec IPS\PmmUpdate.exe
C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Android Manager\iSync.exe
C:\Program Files\Acer\Updater\iUpdate.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe
C:\Program Files\IObit\IObit Security 360\is360tray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\WerFault.exe
C:\Users\zoe-carter\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0809&m=aod260&r=27b50910n155l04c4ww35w5682t979
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110220085328.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SuiteTray] "c:\program files\egistec mywinlockersuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "c:\program files\egistec ips\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "c:\program files\egistec ips\PmmUpdate.exe"
mRun: [mwlDaemon] c:\program files\egistec mywinlocker\x86\mwlDaemon.exe
mRun: [NortonOnlineBackupReminder] "c:\program files\symantec\norton online backup\activation\NobuActivation.exe" UNATTENDED
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [LManager] c:\program files\launch manager\LManager.exe
mRun: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
mRun: [PLFSetI] c:\windows\PLFSetI.exe
mRun: [iSyncData] c:\program files\acer\android manager\iSync.exe
mRun: [AndroidManager] c:\program files\acer\android manager\AML.exe
mRun: [iPatchData] c:\program files\acer\updater\iUpdate.exe
mRun: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Norton Online Backup] c:\program files\symantec\norton online backup\NOBuClient.exe
mRun: [APVXDWIN] "c:\program files\panda security\panda antivirus pro 2011\APVXDWIN.EXE" /s
mRun: [SCANINICIO] "c:\program files\panda security\panda antivirus pro 2011\Inicio.exe"
mRun: [IObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
uPolicies-explorer: DisallowRun = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 2 (0x2)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\acer\acer vcm\Skype4COM.dll
Notify: avldr - avldr.dll
Notify: igfxcui - igfxdev.dll
IFEO: image file execution options - svchost.exe
Hosts: 74.125.45.100 safebrowsing-cache.google.com
Hosts: 74.125.45.100 urs.microsoft.com
Hosts: 74.125.45.100
www.securesoftwarebill.com
Hosts: 74.125.45.100 secure-plus-payments.com
Hosts: 74.125.45.100
www.secure-plus-payments.com
Note: multiple HOSTS entries found. Please refer to Attach.txt
================= FIREFOX ===================
FF - ProfilePath - c:\users\zoe-ca~1\appdata\roaming\mozilla\firefox\profiles\b02ta4yw.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=panda&type=PCAFSI1143&p=
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
============= SERVICES / DRIVERS ===============
R? Avgfwfd;AVG network filter service
R? avgwd;AVG WatchDog
R? b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0
R? cfwids;McAfee Inc. cfwids
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? EUCR;EUCR
R? gupdate;Google Update Service (gupdate)
R? massfilter;ZTE Mass Storage Filter Driver
R? McShield;McShield
R? mfebopk;McAfee Inc. mfebopk
R? mferkdet;McAfee Inc. mferkdet
R? MWLService;MyWinLocker Service
R? osppsvc;Office Software Protection Platform
S? AmFSM;AmFSM
S? APPFLT;App Filter Plugin
S? AvFlt;Antivirus Filter Driver
S? BecHelperService;BecHelperService
S? cvhsvc;Client Virtualization Handler
S? DSAFLT;DSA Filter Plugin
S? DsiWMIService;Dritek WMI Service
S? ePowerSvc;Acer ePower Service
S? ETD;ELAN PS/2 Port Input Device
S? FNETMON;NetMon Filter Plugin
S? GREGService;GREGService
S? IDSFLT;Ids Filter Plugin
S? IS360service;IS360service
S? L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller
S? mfeavfk;McAfee Inc. mfeavfk
S? mfefire;McAfee Firewall Core Service
S? mfefirek;McAfee Inc. mfefirek
S? mfehidk;McAfee Inc. mfehidk
S? mfenlfk;McAfee NDIS Light Filter
S? mfevtp;McAfee Validation Trust Protection Service
S? mfewfpk;McAfee Inc. mfewfpk
S? mwlPSDFilter;mwlPSDFilter
S? mwlPSDNServ;mwlPSDNServ
S? mwlPSDVDisk;mwlPSDVDisk
S? NETFLTDI;Panda Net Driver [TDI Layer]
S? NETIMFLT01060042;PANDA NDIS IM Filter Miniport v1.6.0.42
S? NOBU;Norton Online Backup
S? Panda Software Controller;Panda Software Controller
S? pavboot;Panda boot driver
S? PAVFNSVR;Panda Function Service
S? PavProc;Panda Process Protection Driver
S? PavPrSrv;Panda Process Protection Service
S? PavSRK.sys;PavSRK.sys
S? PAVSRV;Panda On-Access Anti-Malware Service
S? PavTPK.sys;PavTPK.sys
S? PskSvcRetail;Panda PSK service
S? RS_Service;Raw Socket Service
S? Sftfs;Sftfs
S? sftlist;Application Virtualization Client
S? Sftplay;Sftplay
S? Sftredir;Sftredir
S? Sftvol;Sftvol
S? sftvsa;Application Virtualization Service Agent
S? ShldDrv;Panda File Shield Driver
S? Updater Service;Updater Service
S? vwififlt;Virtual WiFi Filter Driver
S? WNMFLT;Wifi Monitor Filter Plugin
=============== Created Last 30 ================
2011-02-21 18:23:13 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-21 18:22:55 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-21 18:22:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-21 17:26:11 -------- d-----w- c:\progra~2\Panda Software
2011-02-20 20:11:17 -------- d-----w- c:\users\zoe-ca~1\appdata\roaming\IObit
2011-02-20 20:11:08 -------- d-----w- c:\progra~2\IObit
2011-02-20 20:10:54 -------- d-----w- c:\program files\IObit
2011-02-20 16:45:56 16968 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-02-20 16:44:57 -------- d-----w- c:\progra~2\Hitman Pro
2011-02-20 13:14:28 197408 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT
2011-02-20 13:14:18 46856 ----a-w- c:\windows\system32\drivers\wnmflt.sys
2011-02-20 13:14:17 53256 ----a-w- c:\windows\system32\drivers\dsaflt.sys
2011-02-20 13:14:17 193800 ----a-w- c:\windows\system32\drivers\idsflt.sys
2011-02-20 13:13:49 22024 ----a-w- c:\windows\system32\drivers\fnetmon.sys
2011-02-20 13:13:48 76296 ----a-w- c:\windows\system32\drivers\APPFLT.SYS
2011-02-20 13:13:48 159112 ----a-w- c:\windows\system32\drivers\NETFLTDI.SYS
2011-02-20 12:50:23 -------- d-----w- c:\users\zoe-ca~1\appdata\local\Panda Security
2011-02-20 12:49:16 26696 ----a-w- c:\windows\system32\drivers\pavboot.sys
2011-02-20 12:47:27 37896 ----a-w- c:\windows\system32\drivers\ShlDrv51.sys
2011-02-20 12:47:27 163336 ----a-w- c:\windows\system32\drivers\PavProc.sys
2011-02-20 12:47:27 -------- d-----w- c:\program files\common files\Panda Security
2011-02-20 12:21:06 -------- d-----w- c:\program files\CCleaner
2011-02-20 12:01:10 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{74eaeb16-fb6e-4eeb-aaf2-15f3d9a61bee}\mpengine.dll
2011-02-20 12:01:09 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-20 11:36:47 -------- d-----w- c:\progra~2\Kaspersky Lab Setup Files
2011-02-20 08:53:28 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
2011-02-20 06:53:41 -------- d-----w- c:\users\zoe-ca~1\appdata\roaming\Panda Security
2011-02-20 06:50:55 -------- d-----w- c:\program files\Panda Security
2011-02-20 06:50:55 -------- d-----w- c:\progra~2\Panda Security
2011-02-19 21:37:49 -------- d-----w- c:\users\zoe-ca~1\appdata\roaming\Pointstone
2011-02-19 21:34:40 -------- d-----w- c:\program files\Pointstone
2011-02-19 21:34:40 -------- d-----w- c:\program files\common files\Pointstone
2011-02-19 21:03:37 -------- d-----w- c:\users\zoe-ca~1\appdata\roaming\Malwarebytes
2011-02-19 21:03:10 -------- d-----w- c:\progra~2\Malwarebytes
2011-02-19 20:53:05 2329088 ----a-w- c:\windows\system32\win32k.sys
2011-02-19 20:51:59 73728 ----a-w- c:\windows\system32\wscsvc.dll
2011-02-19 18:53:41 -------- d-----w- c:\program files\common files\Symantec Shared
2011-02-19 18:52:28 -------- d-----w- c:\program files\Norton Internet Security
2011-02-19 18:52:26 -------- d-----w- c:\progra~2\Norton
2011-02-19 18:49:02 -------- d-----w- c:\program files\NortonInstaller
2011-02-19 18:49:02 -------- d-----w- c:\progra~2\NortonInstaller
2011-02-11 02:47:02 541184 ----a-w- c:\windows\system32\kerberos.dll
2011-02-11 02:46:24 1236992 ----a-w- c:\windows\system32\msxml3.dll
2011-01-27 00:09:44 83249512 ----a-w- c:\program files\common files\windows live\.cache\wlc6BBF.tmp
==================== Find3M ====================
2011-01-07 07:27:11 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-07 05:33:11 294400 ----a-w- c:\windows\system32\atmfd.dll
2011-01-05 05:37:33 428032 ----a-w- c:\windows\system32\vbscript.dll
2010-12-21 05:38:24 51200 ----a-w- c:\windows\system32\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- c:\windows\system32\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- c:\windows\system32\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- c:\windows\system32\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- c:\windows\system32\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- c:\windows\system32\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- c:\windows\system32\msxml6.dll
2010-12-21 05:34:12 80384 ----a-w- c:\windows\system32\davclnt.dll
2010-12-18 05:29:40 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-12-18 04:20:55 386048 ----a-w- c:\windows\system32\html.iec
2010-12-18 03:47:59 1638912 ----a-w- c:\windows\system32\mshtml.tlb
============= FINISH: 19:25:28.76 ==============