Hi There are three computer in the house only this one has the problem. I remember sometime ago there was an infection with windows 7 antivirus rogue. MSE caught and said it removed it. Have not noticed problem until yesterday. Another computer was reporting security updates so I made sure this computer was updated as whell and to suprise I find the update service not working along with firewall and security center. I went to look for them in services thinking they were just disabled. They not there either they are missing. So I am now here request any help. I tried to run DDS as requested black screen flashes and then closes do not know what is closeing it. Instructions to post anyway and letting you know that. MSE is still currently installed I have ran full scan using that it finds nothing says everything is ok but it is not. Thank you for any assistance that you may provide.
First Let Me thank Tashi.
When i first posted I was unable to run dds I am now able to so I am posting that log and attaching file
Thank you again
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Janay at 18:08:03 on 2012-03-26
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3836.2595 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\Dwm.exe
C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wuauclt.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\eGames\Blast Thru\Game\bt.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [<NO NAME>]
dRun: [dplaysvr] C:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{76318720-F662-4DBD-AFE3-7BD6443EE48E} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{76318720-F662-4DBD-AFE3-7BD6443EE48E}\2375942554030333 : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{76318720-F662-4DBD-AFE3-7BD6443EE48E}\2494747425544444 : DhcpNameServer = 192.168.2.1 192.168.1.1
TCP: Interfaces\{76318720-F662-4DBD-AFE3-7BD6443EE48E}\46C696E6B6 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{76318720-F662-4DBD-AFE3-7BD6443EE48E}\C6962627162797 : DhcpNameServer = 207.235.53.226
TCP: Interfaces\{BE0A0165-B507-4CE2-9650-5595A475578F} : DhcpNameServer = 192.168.1.254
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-X64: StartNow Toolbar Helper - No File
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun-x64: [(Default)]
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2010-6-25 126392]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys --> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atipmdag.sys --> C:\windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys --> C:\windows\system32\DRIVERS\atikmpag.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?]
S3 hitmanpro35;Hitman Pro 3.5 Support Driver;\??\C:\windows\system32\drivers\hitmanpro36.sys --> C:\windows\system32\drivers\hitmanpro36.sys [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\windows\system32\DRIVERS\MpNWMon.sys --> C:\windows\system32\DRIVERS\MpNWMon.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\system32\drivers\rdpvideominiport.sys --> C:\windows\system32\drivers\rdpvideominiport.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S4 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe --> C:\windows\system32\atiesrxx.exe [?]
S4 gupdate;Google Update Service (gupdate);"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [?]
S4 gupdatem;Google Update Service (gupdatem);"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc --> C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [?]
S4 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-9-11 517632]
S4 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2010-6-25 103792]
S4 taisregispinger;taisregispinger;C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [2010-3-24 297344]
S4 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-6-25 51512]
S4 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S4 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
.
=============== Created Last 30 ================
.
2012-03-26 21:22:01 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1964FBF6-F1D7-4079-AE58-95EC2DF28E2C}\offreg.dll
2012-03-26 20:41:15 -------- d-sh--w- C:\windows\BitLockerDiscoveryVolumeContents
2012-03-26 20:41:15 -------- d-----w- C:\windows\RemotePackages
2012-03-26 20:32:56 -------- d-----w- C:\Program Files (x86)\uTorrent
2012-03-26 20:32:31 -------- d-----w- C:\Users\Janay\AppData\Roaming\uTorrent
2012-03-26 19:18:25 283200 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys
2012-03-26 19:18:15 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Lite
2012-03-26 19:17:57 -------- d-----w- C:\Users\Janay\AppData\Roaming\DAEMON Tools Lite
2012-03-26 19:17:55 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2012-03-26 17:07:31 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1964FBF6-F1D7-4079-AE58-95EC2DF28E2C}\mpengine.dll
2012-03-26 01:19:38 53248 ----a-r- C:\Users\Janay\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-03-26 01:06:27 -------- d-----w- C:\Users\Janay\AppData\Roaming\Logishrd
2012-03-24 20:26:26 8669240 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-03-24 15:06:30 82960 ----a-w- C:\windows\SysWow64\Picclp32.ocx
2012-03-24 15:06:30 164112 ----a-w- C:\windows\SysWow64\temp.005
2012-03-24 15:06:29 614672 ----a-w- C:\windows\SysWow64\temp.004
2012-03-24 15:06:28 1384448 ----a-w- C:\windows\SysWow64\temp.003
2012-03-24 15:06:27 22288 ----a-w- C:\windows\SysWow64\temp.002
2012-03-24 15:06:27 16896 ----a-w- C:\windows\SysWow64\temp.000
2012-03-24 15:06:27 143632 ----a-w- C:\windows\SysWow64\temp.001
2012-03-24 15:06:27 140288 ----a-w- C:\windows\SysWow64\Comdlg32.ocx
2012-03-24 15:06:26 101888 ----a-w- C:\windows\SysWow64\Vb6stkit.dll
2012-03-24 15:06:17 70088 ----a-w- C:\windows\SysWow64\Project2-1.ocx
2012-03-24 15:06:17 -------- d-----w- C:\Program Files (x86)\eGames
2012-03-23 21:15:17 77312 ----a-w- C:\windows\System32\rdpwsx.dll
2012-03-23 21:15:17 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll
2012-03-23 21:15:16 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe
2012-03-23 20:27:15 5559152 ----a-w- C:\windows\System32\ntoskrnl.exe
2012-03-23 20:27:14 3968368 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2012-03-23 20:27:13 3913584 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2012-03-23 19:56:21 -------- d-----w- C:\windows\System32\SPReview
2012-03-23 19:56:06 3145728 ----a-w- C:\windows\System32\win32k.sys
2012-03-23 19:55:30 -------- d-----w- C:\windows\System32\EventProviders
2012-03-23 19:55:21 1077248 ----a-w- C:\windows\SysWow64\DWrite.dll
2012-03-23 19:55:19 1544192 ----a-w- C:\windows\System32\DWrite.dll
2012-03-23 19:54:37 826880 ----a-w- C:\windows\SysWow64\rdpcore.dll
2012-03-23 19:54:36 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys
2012-03-23 19:54:36 210944 ----a-w- C:\windows\System32\drivers\rdpwd.sys
2012-03-23 19:54:35 1031680 ----a-w- C:\windows\System32\rdpcore.dll
2012-03-23 19:54:34 20992 ----a-w- C:\windows\System32\drivers\rdpvideominiport.sys
2012-03-23 19:54:34 162816 ----a-w- C:\windows\System32\rdpudd.dll
2012-03-23 19:54:34 1112064 ----a-w- C:\windows\System32\rdpcorets.dll
2012-03-23 19:54:05 -------- d-----w- C:\Users\Janay\AppData\Local\Microsoft Help
2012-03-23 19:51:39 -------- d-sh--w- C:\found.000
2012-03-23 19:47:03 23152 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-03-23 19:27:57 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3C2CA40A-EAAC-4394-9D94-063995AA52BD}\gapaengine.dll
2012-03-23 19:25:40 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2012-03-23 18:41:44 27424 ----a-w- C:\windows\System32\drivers\hitmanpro36.sys
2012-03-23 18:40:40 414368 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-23 18:35:36 509952 ----a-w- C:\windows\System32\ntshrui.dll
2012-03-23 18:35:36 442880 ----a-w- C:\windows\SysWow64\ntshrui.dll
2012-03-23 18:34:36 515584 ----a-w- C:\windows\System32\timedate.cpl
2012-03-23 18:34:35 478720 ----a-w- C:\windows\SysWow64\timedate.cpl
2012-03-23 18:34:34 498688 ----a-w- C:\windows\System32\drivers\afd.sys
2012-03-23 18:31:26 -------- d-----w- C:\ProgramData\HitmanPro
2012-03-23 18:31:03 690688 ----a-w- C:\windows\SysWow64\msvcrt.dll
2012-03-23 18:31:03 634880 ----a-w- C:\windows\System32\msvcrt.dll
2012-03-23 18:28:52 0 --sha-w- C:\windows\System32\dds_trash_log.cmd
2012-03-23 18:28:46 -------- d-----w- C:\ProgramData\Hitman Pro
2012-03-23 18:26:42 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-23 18:25:38 287304 ----a-w- C:\windows\System32\drivers\TrufosAlt.sys
2012-03-23 18:22:30 -------- d-----w- C:\89616d12b36e2ccbda46
2012-03-23 18:15:53 20480 ----a-w- C:\windows\svchost.exe
2012-03-23 15:12:04 -------- d-----w- C:\Users\Janay\AppData\Roaming\Malwarebytes
2012-03-23 15:11:22 -------- d-----w- C:\ProgramData\Malwarebytes
2012-03-23 15:11:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-23 14:23:11 -------- d-----w- C:\Program Files\Microsoft Security Client
.
==================== Find3M ====================
.
2012-03-23 20:42:57 175616 ----a-w- C:\windows\System32\msclmd.dll
2012-03-23 20:42:57 152576 ----a-w- C:\windows\SysWow64\msclmd.dll
2012-01-27 05:52:58 279656 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 18:08:22.45 ===============