. DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26 Run by Clive at 6:36:54 on 2011-12-19 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1024.487 [GMT -8:00] . AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *Enabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Bonjour\mDNSResponder.exe svchost.exe D:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files\Java\jre6\bin\jqs.exe D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe C:\WINDOWS\system32\nvsvc32.exe D:\Program Files\Secunia\PSI\PSIA.exe D:\Program Files\Secunia\PSI\sua.exe C:\WINDOWS\System32\svchost.exe -k imgsvc C:\Program Files\Norton Internet Security\Engine\19.2.0.10\ccSvcHst.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\MXOALDR.EXE C:\Program Files\Canon\MyPrinter\BJMyPrt.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\WINDOWS\system32\ezSP_Px.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\taskmgr.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://mirostart.com/?cfg=2-365-0-QcG4 uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/keyword/%s BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.2.0.10\coIEPlg.dll BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.2.0.10\ips\IPSBHO.DLL BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.2.0.10\coIEPlg.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [DNS7reminder] "c:\program files\nuance\naturallyspeaking10\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\nuance\naturallyspeaking10\Ereg.ini mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [MXOBG] c:\windows\MXOALDR.EXE mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe" mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe" mRun: [ezShieldProtector for Px] c:\windows\system32\ezSP_Px.exe mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html IE: Send To &Bluetooth - d:\program files\belkin\bluetooth software\btsendto_ie_ctx.htm IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe Trusted Zone: intuit.com\ttlc DPF: DirectAnimation Java Classes DPF: Microsoft XML Parser for Java DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204 DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247343244515 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1247376780203 DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} - file:///D:/Program%20Files/AutoCAD%202000i/AcDcToday.ocx DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab DPF: {C6637286-300D-11D4-AE0A-0010830243BD} - file:///D:/Program%20Files/AutoCAD%202000i/InstFred.ocx DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F281A59C-7B65-11D3-8617-0010830243BD} - file:///D:/Program%20Files/AutoCAD%202000i/AcPreview.ocx TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{5A0FB424-A277-4000-8B36-D0B66388018B} : DhcpNameServer = 192.168.0.1 Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\clive\application data\mozilla\firefox\profiles\pfrurtul.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3074349&SearchSource=3&q={searchTerms} FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3074349&SearchSource=2&q= FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn\components\coFFPlgn.dll FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll FF - component: c:\documents and settings\clive\application data\mozilla\firefox\profiles\pfrurtul.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - component: c:\documents and settings\clive\application data\mozilla\firefox\profiles\pfrurtul.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll FF - component: c:\documents and settings\clive\application data\mozilla\firefox\profiles\pfrurtul.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\winnt_x86-msvc\components\pagespeed.dll FF - component: c:\documents and settings\clive\application data\mozilla\firefox\profiles\pfrurtul.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll FF - plugin: c:\documents and settings\clive\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.71\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll FF - plugin: c:\program files\microsoft\web platform installer\NPWPIDetector.dll . ============= SERVICES / DRIVERS =============== . R0 SMR210;Symantec SMR Utility Service 2.1.0;c:\windows\system32\drivers\SMR210.SYS [2011-12-12 83064] R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1302000.00a\symds.sys [2011-12-8 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1302000.00a\symefa.sys [2011-12-8 897656] R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\bashdefs\20111210.003\BHDrvx86.sys [2011-12-14 819320] R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1302000.00a\ccsetx86.sys [2011-12-8 132744] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1302000.00a\ironx86.sys [2011-12-8 149624] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608] R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-6-15 249648] R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736] R2 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-7-29 30192] R2 MBAMService;MBAMService;d:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-11-25 366152] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.2.0.10\ccsvchst.exe [2011-12-8 138760] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704] R2 Secunia PSI Agent;Secunia PSI Agent;d:\program files\secunia\psi\psia.exe [2010-12-21 987704] R2 Secunia Update Agent;Secunia Update Agent;d:\program files\secunia\psi\sua.exe [2010-12-21 399416] R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2011-9-29 28256] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-11-9 106104] R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\ipsdefs\20111216.001\IDSXpx86.sys [2011-12-17 356280] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-11-25 22216] R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\virusdefs\20111216.034\NAVENG.SYS [2011-12-17 86136] R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\virusdefs\20111216.034\NAVEX15.SYS [2011-12-17 1576312] S0 iycct;iycct;c:\windows\system32\drivers\bhcfi.sys --> c:\windows\system32\drivers\bhcfi.sys [?] S2 Apache2.2;Apache2.2;d:\xampplite\apache\bin\httpd.exe [2011-10-1 29416] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-22 133104] S2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?] S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [2011-9-29 28256] S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-7-7 195336] S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;d:\program files\solidworks\solidworks\swscheduler\DTSCoordinatorService.exe [2009-10-15 87336] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-8-22 133104] S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [2010-10-29 245888] S4 MsDepSvc;Web Deployment Agent Service;c:\program files\iis\microsoft web deploy\MsDepSvc.exe [2011-4-1 67400] S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\microsoft visual studio 8\common7\ide\remote debugger\x86\msvsmon.exe [2005-9-23 2799808] . =============== Created Last 30 ================ . 2011-12-18 02:41:24 2237440 ----a-r- C:\OTLPE.exe 2011-12-18 02:37:07 -------- d-----w- C:\_OTL 2011-12-15 06:00:20 -------- d-----w- c:\documents and settings\clive\application data\SUPERAntiSpyware.com 2011-12-15 05:57:33 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-12-15 05:57:33 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com 2011-12-14 18:36:32 388096 ----a-r- c:\documents and settings\clive\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe 2011-12-14 18:36:30 -------- d-----w- c:\program files\Trend Micro 2011-12-14 01:21:23 709968 ----a-w- c:\windows\is-28FEL.exe 2011-12-13 02:24:36 162816 ----a-w- C:\netbt.sys 2011-12-13 00:20:59 -------- d-----w- c:\documents and settings\clive\application data\FixZeroAccess 2011-12-12 23:10:22 46640 ----a-w- c:\windows\system32\msln.exe 2011-12-12 22:55:46 384414 ----a-w- c:\windows\system32\drivers\SMR210.dat 2011-12-12 22:55:45 83064 ----a-w- c:\windows\system32\drivers\SMR210.SYS 2011-12-12 22:55:40 -------- d-----w- c:\documents and settings\clive\local settings\application data\NPE 2011-12-11 22:50:58 2801 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symvtcer.dat 2011-12-09 03:35:10 344184 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symtdiv.sys 2011-12-09 03:35:09 387192 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symtdi.sys 2011-12-09 03:35:09 314488 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symnets.sys 2011-12-09 03:35:08 897656 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\symefa.sys 2011-12-09 03:35:07 340088 ----a-r- c:\windows\system32\drivers\nis\1302000.00a\symds.sys 2011-12-09 03:35:07 31864 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\srtspx.sys 2011-12-09 03:35:06 566904 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\srtsp.sys 2011-12-09 03:35:06 149624 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\ironx86.sys 2011-12-09 03:35:05 132744 ----a-w- c:\windows\system32\drivers\nis\1302000.00a\ccsetx86.sys 2011-12-09 03:33:35 -------- d-----w- c:\windows\system32\drivers\nis\1302000.00A 2011-12-07 17:43:03 -------- d-----w- c:\program files\Appnimi 2011-11-27 22:50:45 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll 2011-11-27 22:50:44 19416 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll 2011-11-21 01:23:00 -------- d-----w- C:\SW2010_SP0.0 . ==================== Find3M ==================== . 2011-12-08 22:01:21 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2011-12-08 22:01:21 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys 2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll 2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec 2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-25 13:33:08 2192768 ------w- c:\windows\system32\ntoskrnl.exe 2011-10-25 12:52:03 2069376 ------w- c:\windows\system32\ntkrnlpa.exe 2011-10-24 21:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-10-24 21:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts 2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll 2011-09-27 16:37:04 8892928 ----a-w- c:\documents and settings\all users\application data\atscie.msi 2011-09-26 18:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll 2011-09-26 18:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll 2011-09-26 18:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll 2011-09-25 05:49:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ============= FINISH: 6:38:15.35 ===============