DDS.txt
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1
Run by VanZwolC at 22:57:13 on 2012-06-26
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3539.2713 [GMT 2:00]
.
AV: Microsoft Forefront Client Security *Enabled/Outdated* {926A3D4F-E4E7-4F47-9902-4EDD55FFE1AF}
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
.
============== Running Processes ===============
.
C:\Program Files\Fingerprint Sensor\AtService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Microsoft Forefront\Client Security\Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\WINDOWS\system32\spoolsv.exe
c:\drivers\audio\r190031\stacsv.exe
svchost.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Microsoft Forefront\Client Security\Client\SSA\FcsSas.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Forefront\Client Security\Client\Microsoft Operations Manager 2005\MOMService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Microsoft Internet Explorer provided by CEVA Logistics
uStart Page = hxxp://cevanet.logistics.corp/Pages/default.aspx
uDefault_Page_URL = hxxp://cevanet.logistics.corp/Pages/default.aspx
uInternet Settings,ProxyServer = proxy.gblogistics.co.uk:8080
uInternet Settings,ProxyOverride = hxxp://10.*;.edc.logistics.tnt;*.logistics.corp;*vpn.uk.cevalogistics.com;*.gblogistics.co.uk;*.eaglegl.com;http://13.62.*;citrixgateway.starbucks.net*;*.egl.corp;<local>
mSearchAssistant = hxxp://www.google.co.uk/hws/sb/dell-usuk-rel/en/side.html?channel=uk
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [WavXMgr] c:\program files\wave systems corp\services manager\docmgr\bin\WavXDocMgr.exe
mRun: [SecureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe
mRun: [EmbassySecurityCheck] "c:\program files\wave systems corp\embassy security setup\EMBASSYSecurityCheck.exe"
mRun: [DellControlPoint] "c:\program files\dell\dell controlpoint\Dell.ControlPoint.exe"
mRun: [DCPstrApp] c:\program files\dell\dell controlpoint\security manager\SecurityDeviceInfoSetRegistryString.exe
mRun: [DellConnectionManager] "c:\program files\dell\dell controlpoint\connection manager\Dell.UCM.exe"
mRun: [IntelZeroConfig] "c:\program files\intel\wifi\bin\ZCfgSvc.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Microsoft Forefront Client Security Antimalware Service] "c:\program files\microsoft forefront\client security\client\antimalware\MSASCui.exe" -hide
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uExplorerRun: [Wave Systems Corp.] c:\documents and settings\vanzwolc\application data\838B27.exe
mPolicies-explorer: NoWelcomeScreen = 1 (0x1)
mPolicies-system: RunLogonScriptSync = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2iexp.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: btsmartnumbers1.com\www
Trusted Zone: depoelconsulting.com
Trusted Zone: imscan.co.uk\www
Trusted Zone: imscan.net\www
Trusted Zone: lsmgroup.com
Trusted Zone: masternaut.co.uk\www
Trusted Zone: skillport.com
Trusted Zone: skillport.com\eval
Trusted Zone: skillsoft.com
Trusted Zone: uklapp002
Trusted Zone: uklepo001
Trusted Zone: ukllms01
Trusted Zone: uklweb019
Trusted Zone: btsmartnumbers1.com\www
Trusted Zone: depoelconsulting.com
Trusted Zone: imscan.co.uk\www
Trusted Zone: imscan.net\www
Trusted Zone: lsmgroup.com
Trusted Zone: masternaut.co.uk\www
Trusted Zone: skillport.com
Trusted Zone: skillport.com\eval
Trusted Zone: skillsoft.com
Trusted Zone: uklapp002
Trusted Zone: uklepo001
Trusted Zone: ukllms01
Trusted Zone: uklweb019
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {28B66320-9687-4B13-8757-36F901887AB5} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.uk.cevalogistics.com/CACHE/stc/1/binaries/vpnweb.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227280743546
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1290280695277
DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} - hxxps://vpn.uk.cevalogistics.com/CACHE/sdesktop/install/binaries/instweb.cab
DPF: {8161DA4A-CF2C-4926-8D29-C3F138FA7FA1} - hxxp://eupdwswebb204.logistics.corp:84/jde/axctls/jdewebctls.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: igfxcui - igfxdev.dll
Notify: TPSvc - TPSvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
LSA: Authentication Packages = msv1_0 wvauth
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\vanzwolc\application data\mozilla\firefox\profiles\d2skqlez.default\
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\innova-engineering gmbh\3d-viewer-innoplus\npIno3DViewer.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\nos\bin\np_gp.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-5-30 21240]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-5-30 335224]
R1 sbtis;sbtis;c:\windows\system32\drivers\sbtis.sys [2012-5-30 217976]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-5-3 1226096]
R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2008-6-11 1664248]
R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\broadcom\mgmtagent\BrcmMgmtAgent.exe [2008-7-1 110592]
R2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\dell\dell controlpoint\DCPButtonSvc.exe [2008-6-3 386328]
R2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\dell\dell controlpoint\system manager\DCPSysMgrSvc.exe [2008-8-18 455960]
R2 FCSAM;Microsoft Forefront Client Security Antimalware Service;c:\program files\microsoft forefront\client security\client\antimalware\MsMpEng.exe [2011-1-8 16896]
R2 FcsSas;Microsoft Forefront Client Security State Assessment Service;c:\program files\microsoft forefront\client security\client\ssa\FcsSas.exe [2007-4-6 73120]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-26 654408]
R2 MOM;MOM;c:\program files\microsoft forefront\client security\client\microsoft operations manager 2005\MOMService.exe [2005-7-21 134656]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-5-30 77816]
R2 SMManager;Smith Micro Connection Manager Service;c:\program files\dell\dell controlpoint\connection manager\SMManager.exe [2008-9-9 69632]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-5-7 92008]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2008-5-19 370872]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2008-11-8 108160]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-11-8 110080]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-26 22344]
R3 mdvdrv;Connectivity Driver;c:\windows\system32\drivers\mdvdrv.sys [2009-5-9 115200]
R3 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-2-2 71296]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-5-30 94584]
S1 ftdvqhes;ftdvqhes;\??\c:\windows\system32\drivers\ftdvqhes.sys --> c:\windows\system32\drivers\ftdvqhes.sys [?]
S1 kxudcocj;kxudcocj;\??\c:\windows\system32\drivers\kxudcocj.sys --> c:\windows\system32\drivers\kxudcocj.sys [?]
S1 mferkdk;VSCore mferkdk;\??\c:\program files\mcafee\virusscan enterprise\mferkdk.sys --> c:\program files\mcafee\virusscan enterprise\mferkdk.sys [?]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
S2 AMService;AMService;c:\windows\system32\xotmksushimhgcdutwmuxt.exe run --> c:\windows\system32\xotmksushimhgcdutwmuxt.exe run [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-6 136176]
S2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
S3 3y4n.sys;3y4n.sys;\??\c:\windows\system32\drivers\3y4n.sys --> c:\windows\system32\drivers\3y4n.sys [?]
S3 7hblk.sys;7hblk.sys;\??\c:\windows\system32\drivers\7hblk.sys --> c:\windows\system32\drivers\7hblk.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-5 253600]
S3 g7zqafssd.sys;g7zqafssd.sys;\??\c:\windows\system32\drivers\g7zqafssd.sys --> c:\windows\system32\drivers\g7zqafssd.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-6 136176]
S3 ipz4nzupj.sys;ipz4nzupj.sys;\??\c:\windows\system32\drivers\ipz4nzupj.sys --> c:\windows\system32\drivers\ipz4nzupj.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-6-19 113120]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-5-30 94584]
S3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-5-30 93816]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-25 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-06-26 19:24:03 -------- d-----w- c:\documents and settings\vanzwolc\application data\Malwarebytes
2012-06-26 19:23:42 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-06-26 19:23:41 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-26 19:23:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-06-21 16:57:10 42960 ----a-w- c:\windows\system32\drivers\zhmrneja.sys
2012-06-19 07:37:27 -------- d-----w- c:\documents and settings\vanzwolc\local settings\application data\Sun
2012-06-18 23:44:08 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft forefront\client security\client\antimalware\definition updates\{ea641888-9bf1-44e0-9298-063b6fb40f00}\MpKslfe13365c.sys
2012-06-18 23:41:23 -------- d-----w- c:\program files\Oracle
2012-06-18 23:41:08 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-18 23:31:20 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-06-18 23:31:12 113120 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe
2012-06-18 23:31:11 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-06-18 23:31:11 157608 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe
2012-06-18 23:31:10 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-06-18 10:10:51 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft forefront\client security\client\antimalware\definition updates\{ea641888-9bf1-44e0-9298-063b6fb40f00}\MpKsl87181a9e.sys
2012-06-15 08:32:22 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft forefront\client security\client\antimalware\definition updates\{ea641888-9bf1-44e0-9298-063b6fb40f00}\MpKsl2c38377c.sys
2012-06-05 23:49:39 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft forefront\client security\client\antimalware\definition updates\{ea641888-9bf1-44e0-9298-063b6fb40f00}\MpKsl7ca41a22.sys
2012-06-04 15:59:29 6737808 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft forefront\client security\client\antimalware\definition updates\{ea641888-9bf1-44e0-9298-063b6fb40f00}\mpengine.dll
2012-06-04 13:02:34 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-06-04 13:02:34 3072 ------w- c:\windows\system32\iacenc.dll
2012-05-30 15:05:04 -------- d-----w- c:\documents and settings\vanzwolc\local settings\application data\adaware
2012-05-30 15:04:36 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-05-30 15:04:36 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-05-30 15:04:36 21240 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2012-05-30 15:04:35 217976 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-05-30 15:04:10 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-05-30 15:04:10 335224 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-05-30 15:04:01 -------- d-----w- c:\windows\system32\drivers\VDD
2012-05-30 15:03:54 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-05-30 15:01:02 -------- d-----w- c:\documents and settings\vanzwolc\local settings\application data\adawarebp
2012-05-30 15:00:56 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
2012-05-30 15:00:45 -------- d-----w- c:\program files\Toolbar Cleaner
2012-05-30 15:00:23 -------- d-----w- c:\documents and settings\vanzwolc\application data\adawaretb
2012-05-30 15:00:21 -------- d-----w- c:\program files\adawaretb
2012-05-30 14:59:13 -------- d-----w- c:\documents and settings\vanzwolc\application data\Ad-Aware Antivirus
.
==================== Find3M ====================
.
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-04 17:29:50 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-05-04 17:29:16 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-05 16:57:20 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-05 16:57:20 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 23:04:56.70 ===============