Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Not sure if I'm infected or anything. Google.com redirecting

Started by Mienai , Dec 10 2009 06:33 PM

  • Please log in to reply

#1
Mienai
Posted 10 December 2009 - 06:33 PM

Mienai

    New Member

  • Member
  • Pip
  • 3 posts
As the topic states, I'm not sure if I'm infected or anything. However everytime I try to access a search engine (ie: Google.com), I get redirected to its German equivalent (in this case, google.de)

I've done the steps in the guide, with the exception of RootRepeal (I get a "FOPS - DeviceIoControl Error! Error Code=0xc0000024 Extended Info (0x000000dc)" message). I'm running Firefox 3.5.5 & the Windows 7 RC.

MBAM
Malwarebytes' Anti-Malware 1.42
Database version: 3334
Windows 6.1.7100
Internet Explorer 8.0.7100.0

12/9/2009 7:36:58 PM
mbam-log-2009-12-09 (19-36-58).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 249337
Time elapsed: 39 minute(s), 24 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by Mienai, 10 December 2009 - 06:37 PM.

  • 0

Advertisements

#2
Mienai
Posted 10 December 2009 - 06:35 PM

Mienai

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
HiJackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:10:48 PM, on 12/10/2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Digsby\lib\digsby-app.exe
C:\Program Files\Digsby\lib\aspell\bin\aspell.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Seesmic Desktop\Seesmic Desktop.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 4623 bytes
  • 0

#3
Mienai
Posted 10 December 2009 - 06:36 PM

Mienai

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
OTL
OTL logfile created on: 12/10/2009 5:25:37 PM - Run 1
OTL by OldTimer - Version 3.1.14.0 Folder = C:\Users\Mienai\Downloads
Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.76% Memory free
3.98 Gb Paging File | 2.75 Gb Available in Paging File | 69.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 101.69 Gb Total Space | 66.81 Gb Free Space | 65.70% Space Free | Partition Type: NTFS
Drive D: | 8.21 Gb Total Space | 1.81 Gb Free Space | 21.98% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SYAORAN
Current User Name: Mienai
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/10 17:25:10 | 00,537,600 | ---- | M] (OldTimer Tools) -- C:\Users\Mienai\Downloads\OTL.exe
PRC - [2009/12/10 17:10:28 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
PRC - [2009/11/24 18:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/11/24 15:43:00 | 00,117,760 | ---- | M] (dotSyntax, LLC) -- C:\Program Files\Digsby\lib\digsby-app.exe
PRC - [2009/11/06 01:04:01 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/14 15:06:02 | 00,095,232 | ---- | M] () -- C:\Program Files\Seesmic Desktop\Seesmic Desktop.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/06/16 17:45:24 | 00,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2009/06/16 17:45:22 | 00,252,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2009/06/16 17:45:20 | 00,150,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2009/06/16 17:45:12 | 00,173,592 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2009/06/01 12:51:52 | 01,468,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe
PRC - [2009/04/23 05:29:18 | 07,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009/04/23 05:29:14 | 07,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009/04/22 00:19:35 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/04/22 00:19:02 | 02,607,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/22 00:18:52 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/03/11 15:13:08 | 00,788,332 | ---- | M] () -- C:\Program Files\Digsby\lib\aspell\bin\aspell.exe
PRC - [2007/07/10 05:28:08 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe


========== Modules (SafeList) ==========

MOD - [2009/12/10 17:25:10 | 00,537,600 | ---- | M] (OldTimer Tools) -- C:\Users\Mienai\Downloads\OTL.exe
MOD - [2009/05/13 01:15:18 | 01,679,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.19_none_b6a32c7c247ee542\comctl32.dll
MOD - [2009/04/22 00:22:04 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/04/22 00:21:49 | 00,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/04/22 00:21:46 | 00,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/04/22 00:21:43 | 00,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/04/22 00:21:19 | 00,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/04/22 00:20:43 | 00,280,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/04/22 00:20:19 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/04/22 00:20:14 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/04/22 00:20:07 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/04/22 00:20:00 | 00,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/24 18:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 18:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 18:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 18:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/07/08 16:53:41 | 00,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/04/22 00:22:25 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/04/22 00:22:12 | 00,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/04/22 00:22:10 | 00,119,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/04/22 00:22:07 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/04/22 00:22:02 | 00,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/04/22 00:21:49 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/04/22 00:21:46 | 00,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/04/22 00:21:43 | 00,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/04/22 00:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/04/22 00:21:42 | 00,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/04/22 00:21:42 | 00,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/04/22 00:21:40 | 01,004,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/04/22 00:20:52 | 00,680,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/22 00:20:40 | 00,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/04/22 00:20:40 | 00,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/04/22 00:20:30 | 00,797,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/04/22 00:20:14 | 00,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/04/22 00:20:13 | 00,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/04/22 00:19:55 | 00,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/04/22 00:19:54 | 00,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/04/22 00:19:51 | 00,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/04/22 00:19:50 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/04/22 00:19:20 | 03,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007/07/10 05:28:08 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV - [2009/11/24 18:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009/11/24 18:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/11/24 18:49:48 | 00,053,328 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009/11/24 18:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009/11/24 18:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009/10/16 19:12:02 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2009/09/28 08:22:00 | 00,315,392 | ---- | M] () -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/01 06:01:27 | 00,063,640 | ---- | M] (Bazis) -- C:\Windows\System32\drivers\VirtDiskBus.sys -- (VirtDiskBus)
DRV - [2009/07/01 06:01:26 | 00,061,080 | ---- | M] (Bazis) -- C:\Windows\System32\drivers\BazisVirtualCD.sys -- (BazisVirtualCD)
DRV - [2009/06/16 17:28:22 | 04,756,992 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009/04/22 00:24:35 | 00,422,992 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/04/22 00:24:29 | 00,297,552 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/04/22 00:24:23 | 00,453,712 | ---- | M] (Emulex) -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/04/22 00:24:21 | 00,332,368 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/04/22 00:24:21 | 00,159,312 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/04/22 00:24:21 | 00,146,512 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/04/22 00:24:20 | 00,236,112 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/04/22 00:24:19 | 00,086,608 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/04/22 00:24:17 | 00,142,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/04/22 00:24:16 | 00,133,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/04/22 00:24:14 | 00,117,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/04/22 00:24:14 | 00,095,824 | ---- | M] (LSI Corporation) -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/04/22 00:24:13 | 00,096,848 | ---- | M] (LSI Corporation) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/04/22 00:24:13 | 00,077,904 | ---- | M] (AMD) -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/04/22 00:24:12 | 00,089,168 | ---- | M] (LSI Corporation) -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/04/22 00:24:12 | 00,076,368 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/04/22 00:24:08 | 00,070,736 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/04/22 00:24:08 | 00,067,152 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/04/22 00:24:06 | 00,054,864 | ---- | M] (LSI Corporation) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/04/22 00:24:05 | 00,045,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/04/22 00:24:05 | 00,044,624 | ---- | M] (IBM Corporation) -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/04/22 00:24:04 | 00,042,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/04/22 00:24:04 | 00,023,120 | ---- | M] (AMD) -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/04/22 00:24:04 | 00,015,952 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/04/22 00:24:04 | 00,014,416 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/04/22 00:24:02 | 00,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/04/22 00:23:59 | 00,030,800 | ---- | M] (LSI Corporation) -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/04/22 00:23:56 | 01,383,504 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/04/22 00:23:55 | 00,175,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/04/22 00:23:55 | 00,173,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/04/22 00:23:53 | 00,013,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/04/22 00:23:52 | 00,158,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/04/22 00:23:52 | 00,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/04/22 00:23:49 | 00,105,552 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/04/22 00:23:49 | 00,077,904 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/04/22 00:23:47 | 00,040,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/04/22 00:23:45 | 00,040,016 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/04/22 00:23:44 | 00,032,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/04/22 00:23:44 | 00,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/04/22 00:23:43 | 00,021,072 | ---- | M] (Promise Technology) -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/04/22 00:23:43 | 00,019,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/04/22 00:23:42 | 00,016,976 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/04/22 00:23:29 | 00,369,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/04/21 23:53:34 | 00,272,128 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/04/21 23:01:13 | 00,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/04/21 23:00:12 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/04/21 22:53:30 | 00,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/04/21 22:52:25 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/04/21 22:51:14 | 00,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/04/21 22:50:28 | 00,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/04/21 22:50:20 | 00,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/04/21 22:50:00 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/04/21 22:49:31 | 00,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/04/21 22:45:25 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/04/21 22:43:54 | 00,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/04/21 22:35:06 | 00,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/04/21 22:32:05 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/04/21 22:26:30 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/04/21 22:26:29 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/04/21 22:21:35 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/04/21 22:16:45 | 00,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/04/21 22:13:47 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/04/21 22:08:28 | 00,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/04/21 21:52:05 | 00,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/04/21 21:51:17 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/04/21 21:51:17 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/04/21 21:51:16 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/04/21 21:51:15 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/04/21 21:51:15 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/04/21 21:11:52 | 00,980,992 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (SrvHsfV92)
DRV - [2009/04/21 21:11:52 | 00,661,504 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (SrvHsfWinac)
DRV - [2009/04/21 21:11:52 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (SrvHsfHDA)
DRV - [2009/04/21 21:01:10 | 04,231,168 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/04/21 21:01:07 | 03,100,160 | ---- | M] (Broadcom Corporation) -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/04/21 21:01:07 | 00,430,080 | ---- | M] (Broadcom Corporation) -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/04/21 21:01:07 | 00,229,888 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/04/21 19:51:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2009/04/20 14:38:54 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2009/04/08 13:29:52 | 00,056,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\xusb21.sys -- (xusb21)
DRV - [2008/11/05 13:20:24 | 00,048,128 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/10/11 05:56:00 | 00,045,056 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/07/29 05:41:36 | 00,038,400 | ---- | M] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/08/01 06:42:32 | 00,164,864 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/07/10 05:27:56 | 00,008,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 02:29:56 | 00,984,064 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 02:28:34 | 00,208,896 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 02:28:22 | 00,660,480 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/09/24 08:28:46 | 00,005,248 | ---- | M] (Windows ® 2000 DDK provider) -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2006/06/18 14:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2006/05/31 11:18:30 | 00,029,184 | ---- | M] (http://libusb-win32.sourceforge.net) -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0)
DRV - [1996/04/03 14:33:26 | 00,005,248 | ---- | M] () -- C:\Windows\system32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6B C0 E3 50 32 07 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.4
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8
FF - prefs.js..extensions.enabledItems: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3}:1.45
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.76
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.7
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: Eraser@vikram:1.021
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a67}:0.5
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.7
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.11.2
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.2
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.5.7.5
FF - prefs.js..extensions.enabledItems: {a95d8332-e4b4-6e7f-98ac-20b733364387}:0.4.3
FF - prefs.js..extensions.enabledItems: [email protected]:8.7.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.18
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: [email protected]:3.4.6

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/06 01:04:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/26 21:41:00 | 00,000,000 | ---D | M]

[2009/07/16 00:04:11 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Extensions
[2009/12/10 03:46:16 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions
[2009/12/03 17:03:52 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2009/09/16 18:01:54 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
[2009/10/21 15:56:19 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2009/11/27 23:07:10 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/11/05 16:46:30 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009/12/07 01:25:38 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009/10/26 21:24:40 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}
[2009/11/21 01:01:33 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/08/12 23:01:41 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/07 00:01:52 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2009/10/28 12:43:58 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/07/16 12:21:10 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2009/12/01 00:11:56 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\[email protected]
[2009/11/03 00:34:49 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\Eraser@vikram
[2009/10/26 20:45:13 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\[email protected]
[2009/12/10 03:41:23 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\[email protected]
[2009/12/04 22:20:00 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\[email protected]
[2009/10/13 19:57:18 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\[email protected]
[2009/11/03 00:34:49 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\[email protected]
[2009/09/05 13:17:26 | 00,000,000 | ---D | M] -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\extensions\[email protected]
[2009/07/23 18:40:17 | 00,001,606 | ---- | M] () -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\searchplugins\amazondotcom.xml
[2009/07/31 00:09:31 | 00,001,606 | ---- | M] () -- C:\Users\Mienai\AppData\Roaming\Mozilla\Firefox\Profiles\szsf1rdd.default\searchplugins\ebay.xml
[2009/12/01 15:52:36 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/11/26 21:40:44 | 00,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

O1 HOSTS File: (824 bytes) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\Mienai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Copy to Semagic - C:\Program Files\Semagic\copy.htm ()
O8 - Extra context menu item: Semagic - C:\Program Files\Semagic\link.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/03/20 10:42:25 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 00,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{50ecdf17-c3e7-11de-b255-0016d39ebba5}\Shell - "" = AutoRun
O33 - MountPoints2\{50ecdf17-c3e7-11de-b255-0016d39ebba5}\Shell\AutoRun\command - "" = F:\FahrenheitAutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2009/12/10 17:10:27 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/12/10 02:30:19 | 00,000,000 | ---D | C] -- C:\Users\Mienai\AppData\Roaming\Mp3tag
[2009/12/08 21:43:22 | 00,000,000 | ---D | C] -- C:\Program Files\DVD Decrypter
[2009/12/04 22:19:16 | 00,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2009/12/04 22:15:58 | 00,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2009/12/01 15:52:34 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2009/12/01 15:52:34 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2009/12/01 15:52:34 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2009/12/01 07:35:49 | 00,000,000 | ---D | C] -- C:\inetpub
[2009/12/01 07:35:49 | 00,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
[2009/11/30 23:20:50 | 00,000,000 | R--D | C] -- C:\Users\Mienai\Documents\My Dropbox
[2009/11/30 23:15:12 | 00,000,000 | ---D | C] -- C:\Users\Mienai\AppData\Roaming\Dropbox
[2009/11/30 00:19:10 | 00,000,000 | ---D | C] -- C:\Users\Mienai\Documents\Digsby Logs
[2009/11/30 00:14:16 | 00,000,000 | ---D | C] -- C:\Users\Mienai\AppData\Roaming\Digsby
[2009/11/30 00:14:16 | 00,000,000 | ---D | C] -- C:\Users\Mienai\AppData\Local\Digsby
[2009/11/26 21:41:00 | 00,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2009/11/26 21:41:00 | 00,000,000 | ---D | C] -- C:\Users\Mienai\AppData\Roaming\Foxit
[2009/11/24 21:27:19 | 00,000,000 | ---D | C] -- C:\Program Files\MediaMonkey
[2009/11/20 22:00:56 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2009/11/20 22:00:56 | 00,000,000 | ---D | C] -- C:\Program Files\Adobe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/10 17:27:53 | 01,310,720 | -HS- | M] () -- C:\Users\Mienai\NTUSER.DAT
[2009/12/10 17:10:28 | 00,002,043 | ---- | M] () -- C:\Users\Mienai\Desktop\HijackThis.lnk
[2009/12/10 16:55:42 | 00,016,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009/12/10 16:55:42 | 00,016,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009/12/10 16:52:54 | 05,565,772 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/12/10 16:52:54 | 00,760,620 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2009/12/10 16:52:54 | 00,735,874 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2009/12/10 16:52:54 | 00,711,654 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2009/12/10 16:52:54 | 00,673,056 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/12/10 16:52:54 | 00,434,896 | ---- | M] () -- C:\Windows\System32\perfh012.dat
[2009/12/10 16:52:54 | 00,423,664 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2009/12/10 16:52:54 | 00,421,804 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2009/12/10 16:52:54 | 00,405,024 | ---- | M] () -- C:\Windows\System32\prfh0804.dat
[2009/12/10 16:52:54 | 00,152,940 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2009/12/10 16:52:54 | 00,151,866 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2009/12/10 16:52:54 | 00,150,054 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2009/12/10 16:52:54 | 00,122,934 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2009/12/10 16:52:54 | 00,122,934 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/12/10 16:52:54 | 00,122,528 | ---- | M] () -- C:\Windows\System32\prfc0804.dat
[2009/12/10 16:52:54 | 00,122,428 | ---- | M] () -- C:\Windows\System32\perfc012.dat
[2009/12/10 16:52:54 | 00,115,568 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2009/12/10 16:48:35 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/12/10 16:48:30 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/12/10 16:48:22 | 16,030,35136 | -HS- | M] () -- C:\hiberfil.sys
[2009/12/10 04:33:04 | 07,667,019 | -H-- | M] () -- C:\Users\Mienai\AppData\Local\IconCache.db
[2009/12/04 19:42:35 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/12/03 16:14:06 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/03 16:13:56 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/03 13:39:23 | 00,000,688 | ---- | M] () -- C:\Users\Mienai\Desktop\Libraries - Shortcut.lnk
[2009/11/26 01:21:03 | 00,007,577 | ---- | M] () -- C:\Users\Mienai\Documents\Document.rtf
[2009/11/24 18:54:29 | 01,280,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/11/24 18:50:12 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/11/24 18:50:00 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/11/24 18:49:48 | 00,053,328 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/11/24 18:49:07 | 00,048,560 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/11/24 18:48:57 | 00,023,120 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/11/24 18:47:28 | 00,097,480 | ---- | M] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/11/16 23:36:36 | 00,000,460 | ---- | M] () -- C:\Users\Mienai\Documents\cc_20091116_233625.reg
[2009/11/13 13:53:28 | 00,003,632 | ---- | M] () -- C:\Users\Mienai\Documents\cc_20091113_135318.reg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/10 17:10:28 | 00,002,043 | ---- | C] () -- C:\Users\Mienai\Desktop\HijackThis.lnk
[2009/12/04 19:42:21 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/12/03 13:39:23 | 00,000,688 | ---- | C] () -- C:\Users\Mienai\Desktop\Libraries - Shortcut.lnk
[2009/11/25 23:50:34 | 00,007,577 | ---- | C] () -- C:\Users\Mienai\Documents\Document.rtf
[2009/11/16 23:36:32 | 00,000,460 | ---- | C] () -- C:\Users\Mienai\Documents\cc_20091116_233625.reg
[2009/11/13 13:53:20 | 00,003,632 | ---- | C] () -- C:\Users\Mienai\Documents\cc_20091113_135318.reg
[2009/09/28 08:22:00 | 00,315,392 | ---- | C] () -- C:\Windows\System32\drivers\yk62x86.sys
[2009/07/22 11:39:27 | 00,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/04/21 22:50:07 | 00,073,216 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/04/21 22:40:32 | 00,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[1996/04/03 14:33:26 | 00,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
< End of report >
  • 0
Back to Web Browsers and Email · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Software
  3. Web Browsers and Email

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP