I was hit with a serious malware attack 2 days ago. I have a 64-bit HP Pavilion dv6 3010us laptop with 4 GB RAM. I am running Windows 7 Home Premium, SP 1, Build 7601. I was using McAfee Security-as-a-Service from Cox Business (my ISP). I am not certain what I did to cause this infection, but I was downloading and installing some drivers that appeared to be from a reputable source. I suspect strongly that I was complacent and careless and that one or more of those downloaded drivers was infected!
During this sequence I began noticing applications disappearing, one by one, from my hard drive. Within about 20 minutes nearly all were gone except the Windows operating system and Google Chrome browser (on which I'm writing this message now). Internet Explorer remained on the drive and I was able to open it but I could not get it to display any web pages. Java was gone, too.
I tried downloading several virus removal programs, including Microsoft Malware Removal Tool, McAfee, TrendMicro HouseCall, Hijack This, MalwareBytes AntiMalware, Emsisoft Anti-Malware, RootKit Buster, and Kaspersky Virus Removal Tool. The only programs of these that I could fully download and run were Hijack This, Avast AntiVirus, Kaspersky and Emsisoft, which said I was not infected. The others would either not load or were unable to download their definitions update files. I couldn't unzip the RootKit Buster installer because my machine would not allow me to install Hamster or WinZip.
I went to Avast's forum and posted a plea for help here:
http://forum.avast.c...c=83179.new#new
Pondus from Norway responded and referred me to Essexboy, who directed me to Malwarebytes, which I had already tried. Essexboy suggested I download and run OTL.exe, which I did. He also said that if I had a particularly serious issue, I should post here in this forum. I am attaching the two OTL log files, OTL.txt and Extras.txt, as Essexboy requested.
I am now hoping that someone who knows how to read these will be able to identify the problem(s) I have!
Your assistance is deeply appreciated.
OTL logfile created on: 8/16/2011 5:27:31 PM - Run 1
OTL by OldTimer - Version 3.2.26.4 Folder = C:\Users\Zinja\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.75 Gb Total Physical Memory | 2.45 Gb Available Physical Memory | 65.51% Memory free
7.49 Gb Paging File | 5.54 Gb Available in Paging File | 73.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 277.31 Gb Total Space | 40.41 Gb Free Space | 14.57% Space Free | Partition Type: NTFS
Drive D: | 20.48 Gb Total Space | 2.97 Gb Free Space | 14.51% Space Free | Partition Type: NTFS
Drive E: | 99.34 Mb Total Space | 89.17 Mb Free Space | 89.77% Space Free | Partition Type: FAT32
Computer Name: ZINJA-WARRIOR | User Name: Zinja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2011/08/16 17:12:47 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Zinja\Downloads\OTL.exe
PRC - [2011/08/14 16:31:54 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Zinja\AppData\Local\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011/08/01 14:44:08 | 026,441,568 | ---- | M] (SlimWare Utilities, Inc.) -- C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
PRC - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/07/04 06:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/06/30 09:50:40 | 003,029,208 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/05/18 12:26:54 | 000,062,184 | ---- | M] (Xobni Corporation) -- C:\Program Files (x86)\Xobni\XobniService.exe
PRC - [2011/04/19 01:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2011/04/19 01:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2011/03/31 14:38:17 | 000,126,976 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2011/01/25 01:06:12 | 000,291,064 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
PRC - [2010/10/15 14:44:10 | 000,324,928 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe
PRC - [2010/03/05 23:12:48 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
PRC - [2010/02/26 18:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2011/08/05 12:02:23 | 000,103,424 | ---- | M] () -- C:\Program Files (x86)\Google\Quick Search Box\bin\1.2.1151.245\rlz.dll
MOD - [2011/07/28 18:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 18:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/02/21 21:39:57 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/07/07 23:36:06 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/07/04 06:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/02/25 10:19:28 | 000,047,432 | ---- | M] (Cox Business) [Auto | Running] -- C:\Program Files\Online Backup\Cox_Business_CBOBbackup.exe -- (Cox_Business_CBOBbackup)
SRV:64bit: - [2011/01/19 10:18:20 | 000,156,248 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/01/12 14:03:04 | 000,203,104 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/01/12 14:01:58 | 000,190,256 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe -- (McShield)
SRV:64bit: - [2010/09/20 02:56:00 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/01/27 16:01:04 | 000,102,968 | ---- | M] (Hewlett-Packard) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV:64bit: - [2010/01/18 17:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [1999/12/31 19:00:00 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [1999/12/31 19:00:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/30 09:50:40 | 003,029,208 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/28 14:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/05/21 16:52:16 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/05/18 12:26:54 | 000,062,184 | ---- | M] (Xobni Corporation) [Auto | Running] -- C:\Program Files (x86)\Xobni\XobniService.exe -- (XobniService)
SRV - [2011/04/19 01:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2011/04/19 01:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/01/25 01:06:12 | 000,291,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (RumorServer)
SRV - [2011/01/25 01:06:12 | 000,291,064 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe -- (myAgtSvc)
SRV - [2010/10/15 14:44:10 | 000,324,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe -- (McAfee SiteAdvisor Enterprise Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/05 23:12:48 | 000,338,168 | -H-- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2010/02/26 18:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/07/13 09:43:11 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/07/04 06:36:56 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/07/04 06:36:54 | 000,288,088 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/07/04 06:35:28 | 000,045,400 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/07/04 06:32:35 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/07/04 06:32:24 | 000,064,856 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/07/04 06:32:14 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/07/01 04:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/03/01 17:03:41 | 000,053,312 | ---- | M] (microOLAP Technologies LTD) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pssdk42.sys -- (PSSDK42)
DRV:64bit: - [2011/02/25 10:19:18 | 000,066,552 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\Cox_Business_CBOB.sys -- (Cox_Business_CBOBFilter)
DRV:64bit: - [2011/02/23 16:50:14 | 000,018,232 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2011/01/19 10:18:20 | 000,607,152 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/01/19 10:18:20 | 000,472,624 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/01/19 10:18:20 | 000,281,544 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/01/19 10:18:20 | 000,217,696 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/01/19 10:18:20 | 000,153,952 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/01/19 10:18:20 | 000,097,960 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/01/19 10:18:20 | 000,074,904 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/12/17 20:40:30 | 000,191,960 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cbfs64.sys -- (CbFs)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/20 03:14:16 | 007,767,552 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/20 02:21:04 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/13 17:00:08 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/09/02 00:52:50 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/09/01 03:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/06/25 12:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/08 21:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/02/03 19:05:30 | 000,328,232 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010/01/28 13:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/22 04:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/11/11 15:09:32 | 000,020,056 | -H-- | M] (DeviceVM, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dvmio.sys -- (DVMIO)
DRV:64bit: - [2009/10/02 11:46:00 | 000,068,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/10/02 11:46:00 | 000,029,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/10/02 11:46:00 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009/06/17 11:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 15:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 15:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [1999/12/31 19:00:00 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [1999/12/31 19:00:00 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV - [2011/08/10 15:55:40 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2011/02/20 21:30:06 | 000,085,800 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2010/09/05 12:25:22 | 000,048,216 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2010/05/05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab...yE&cr=455734634
IE - HKU\.DEFAULT\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-18\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Foxtab Web Search"
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.selectedEngine: "Foxtab Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.foxtab...E&cr=455734634"
FF - prefs.js..keyword.URL: "http://www.bing.com/...form=ZGAADF&q="
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_10_3_162.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2166.3772\npCIDetect14.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 11\plugins\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Users\Zinja\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Zinja\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Zinja\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Zinja\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Zinja\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Firefox\plugins
[2011/06/26 05:45:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Extensions
[2011/02/22 18:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2011/04/12 16:48:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/05/07 09:33:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/08/13 18:34:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions
[2011/06/09 22:30:05 | 000,000,000 | ---D | M] (Toolbar Buttons) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
[2011/07/15 22:24:20 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/07/15 20:33:02 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011/07/16 13:24:58 | 000,000,000 | ---D | M] (AddThis) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79}
[2011/06/16 22:53:45 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}
[2011/07/08 23:41:35 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/08/04 03:45:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/06/25 23:38:38 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2011/06/29 19:46:14 | 000,000,000 | ---D | M] (Evernote Web Clipper) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
[2011/07/31 15:23:33 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2011/08/13 18:34:16 | 000,000,000 | ---D | M] (DriverAgent Plugin for Firefox and Opera) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\{F8CC37C3-CBEB-4A00-8CBF-26A88693F0C5}
[2011/08/02 00:33:56 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/07/20 01:18:41 | 000,000,000 | ---D | M] ("Google+Facebook") -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/08/10 05:50:49 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/06/10 19:18:40 | 000,000,000 | ---D | M] (Disconnect) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/08/05 15:13:56 | 000,000,000 | ---D | M] (GoogleSharing) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/08/06 13:05:38 | 000,000,000 | ---D | M] (Awesome screenshot: Capture and Annotate) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack
[2011/08/10 06:34:53 | 000,000,000 | ---D | M] (SearchGBY) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/07/20 01:18:41 | 000,000,000 | ---D | M] (Rapportive) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/07/15 22:24:20 | 000,000,000 | ---D | M] (The Search Sidebar) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]
[2011/08/05 15:13:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]\chrome
[2011/08/05 15:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]\components
[2011/08/05 15:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\extensions\[email protected]\defaults
[2011/02/22 16:31:17 | 000,001,919 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\bing-zugo.xml
[2011/02/22 11:31:59 | 000,001,651 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\erotic-search.xml
[2011/07/13 11:55:40 | 000,000,958 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\facebook.xml
[2011/08/14 09:41:25 | 000,005,423 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\Foxtab Web Search.xml
[2011/02/22 11:25:17 | 000,004,855 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\google-images.xml
[2011/08/10 07:26:44 | 000,001,633 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\googletranslate.xml
[2011/04/15 00:07:33 | 000,002,567 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\hulu.xml
[2011/02/22 11:33:05 | 000,001,504 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\imdb.xml
[2011/02/22 11:25:41 | 000,001,826 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\nasa-images.xml
[2011/02/22 11:33:58 | 000,001,050 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\siteadvisor.xml
[2011/03/17 19:58:53 | 000,002,306 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\searchplugins\wot-safe-search.xml
File not found (No name found) --
File not found (No name found) -- C:\PROGRAM FILES (X86)\FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{20CC25E2-48C9-45E1-9A1F-1CCC1882B81B}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{28197867-B1EF-4140-8E3B-55C45B9C8460}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{2E17E2B2-B8D4-4A67-8D7B-FAFA6CC9D1D0}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{47624DDA-B77E-4FEB-820A-E4F077D5D4CA}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{5C46D283-ABDE-4DCE-B83C-08881401921C}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{962E0D4D-6B89-4B73-AA72-DF03360DA12E}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{CD617372-6743-4EE4-BAC4-FBF60F35719E}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\ZINJA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6W4RQZWK.DEFAULT\EXTENSIONS\[email protected]
O1 HOSTS File: ([2011/06/14 21:25:02 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - File not found
O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O2 - BHO: (VizController Class) - {0F9CECE1-0306-4BB0-8BEF-C9EA3841E38A} - File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - File not found
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - File not found
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - File not found
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - File not found
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - File not found
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found
O3 - HKLM\..\Toolbar: (DiskView) - {6A882320-BDD0-4ff4-BE3A-D8BAF82668E9} - File not found
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - File not found
O3 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - File not found
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPToneControl] C:\Program Files\Hewlett-Packard\HPToneControl\HPToneCtl.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe ARM] File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HFALoader] File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] File not found
O4 - HKLM..\Run: [TaskTray] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000..\Run: [DriverMax] File not found
O4 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000..\Run: [DriverMax_RESTART] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 223
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 223
O7 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - File not found
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - File not found
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - File not found
O9 - Extra Button: - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - File not found
O9 - Extra 'Tools' menuitem : - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - File not found
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - File not found
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - Reg Error: Value error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\.DEFAULT\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\.DEFAULT\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-18\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-1115849333-2882087070-3583721905-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - File not found
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - File not found
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - File not found
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O27:64bit: - HKLM IFEO\taskmgr.exe: Debugger - File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{72ae5efb-bfb9-11e0-8c7b-bfef05e91997}\Shell - "" = AutoRun
O33 - MountPoints2\{72ae5efb-bfb9-11e0-8c7b-bfef05e91997}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2011/08/16 03:35:12 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\Malwarebytes
[2011/08/16 01:34:34 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/08/16 01:34:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/16 01:34:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/16 01:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/08/15 22:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/08/15 22:18:09 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Local\Apps
[2011/08/15 10:12:23 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\QuickScan
[2011/08/14 15:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/08/14 15:42:24 | 000,288,088 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/08/14 15:42:24 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/08/14 15:42:20 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/08/14 15:42:19 | 000,045,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/08/14 15:42:18 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/08/14 15:42:13 | 000,064,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/08/14 15:42:12 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/08/14 15:41:38 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/08/14 15:41:36 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/08/14 15:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/08/14 15:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/08/14 15:37:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011/08/14 15:37:15 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/08/14 15:26:16 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Local\Microsoft Help
[2011/08/14 15:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011/08/14 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\Apple Computer
[2011/08/14 15:08:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\yahoo!
[2011/08/14 15:04:44 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\Adobe
[2011/08/14 15:00:39 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Local\ATI
[2011/08/14 14:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/08/14 14:47:17 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/08/14 11:49:35 | 000,651,776 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2011/08/14 11:46:35 | 000,520,192 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2011/08/14 11:46:31 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2011/08/14 11:46:30 | 001,499,136 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2011/08/14 11:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2011/08/14 11:17:42 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Local\SlimWare Utilities Inc
[2011/08/14 11:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
[2011/08/14 09:42:32 | 000,000,000 | ---D | C] -- C:\Users\Zinja\Documents\My Drivers
[2011/08/14 09:02:21 | 000,000,000 | ---D | C] -- C:\Users\Zinja\Documents\DriverGenius
[2011/08/13 17:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/08/13 17:41:37 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Local\AMD
[2011/08/13 17:39:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011/08/13 17:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/08/12 11:31:49 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\QTTabBar
[2011/08/11 00:14:37 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\PrimoPDF
[2011/08/10 15:55:40 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/08/10 03:02:43 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2011/08/08 20:23:14 | 000,000,000 | ---D | C] -- C:\Users\Zinja\Desktop\Super F4
[2011/08/05 20:21:54 | 000,000,000 | ---D | C] -- C:\Users\Zinja\AppData\Roaming\U3
[2011/08/04 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\Zinja\Desktop\Anti-Virus Specific Pgm
[2011/07/26 19:53:59 | 000,000,000 | ---D | C] -- C:\Users\Zinja\Desktop\Notes Folder
[2011/07/22 15:51:50 | 000,094,208 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2011/07/20 14:18:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2011/07/20 14:18:40 | 000,000,000 | ---D | C] -- C:\Users\Zinja\Documents\Anti-Malware
[2011/07/19 00:39:42 | 000,000,000 | ---D | C] -- C:\Users\Zinja\Desktop\Registry backup
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/08/16 17:37:04 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1115849333-2882087070-3583721905-1000UA.job
[2011/08/16 17:28:39 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2011/08/16 17:27:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/08/16 17:23:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/08/16 17:11:14 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1115849333-2882087070-3583721905-1000Core.job
[2011/08/16 17:04:36 | 000,783,526 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/08/16 17:04:36 | 000,663,434 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/08/16 17:04:36 | 000,122,270 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/08/16 17:01:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/08/16 10:04:58 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/08/16 01:34:35 | 000,001,110 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/16 01:34:35 | 000,001,086 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/08/15 22:34:31 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/15 22:34:31 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/15 22:24:37 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/14 16:16:00 | 000,000,036 | ---- | M] () -- C:\Users\Zinja\AppData\Local\housecall.guid.cache
[2011/08/14 15:42:25 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/14 15:42:12 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/08/14 15:37:15 | 000,002,935 | ---- | M] () -- C:\Users\Zinja\Desktop\HiJackThis.lnk
[2011/08/14 15:14:05 | 000,002,291 | ---- | M] () -- C:\Users\Zinja\Desktop\Google Chrome.lnk
[2011/08/14 15:12:46 | 000,017,408 | ---- | M] () -- C:\conf.dat
[2011/08/14 13:27:57 | 000,000,047 | ---- | M] () -- C:\Windows\SysWow64\_WKERNEL.FRE
[2011/08/14 00:13:15 | 000,007,792 | ---- | M] () -- C:\Users\Zinja\Desktop\Driver Analysis for ZINJA-WARRIOR.html
[2011/08/14 00:03:17 | 000,005,404 | ---- | M] () -- C:\Windows\Cox_Business_CBOB.blk
[2011/08/14 00:03:17 | 000,000,992 | ---- | M] () -- C:\Windows\Cox_Business_CBOB.flt
[2011/08/13 19:23:30 | 000,777,742 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/13 17:47:30 | 000,002,063 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Pitstop Driver Alert2.lnk
[2011/08/12 00:02:25 | 000,001,127 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\System Explorer.lnk
[2011/08/10 23:59:11 | 000,000,326 | ---- | M] () -- C:\Windows\primopdf.ini
[2011/08/10 15:55:40 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2011/08/05 23:55:45 | 001,049,314 | ---- | M] () -- C:\Windows\SysNative\oem46.inf
[2011/08/05 19:11:05 | 038,695,279 | ---- | M] () -- C:\Users\Zinja\Desktop\Emerson LD195EMX Manual.PDF
[2011/08/05 13:34:21 | 000,150,682 | ---- | M] () -- C:\Users\Zinja\Desktop\Second HP Support Session.xps
[2011/08/05 13:01:49 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForZinja.job
[2011/08/04 00:33:44 | 000,000,997 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\WinUtilities.lnk
[2011/08/02 18:59:59 | 000,002,237 | ---- | M] () -- C:\Users\Zinja\Desktop\calendar.ics
[2011/07/28 20:26:42 | 000,000,600 | ---- | M] () -- C:\Users\Zinja\AppData\Roaming\winscp.rnd
[2011/07/28 20:25:56 | 000,001,890 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\WinSCP.lnk
[2011/07/25 21:40:49 | 000,063,124 | ---- | M] () -- C:\Users\Zinja\Desktop\David Orr hawaiian shirt torso shot.jpg
[2011/07/25 18:13:15 | 000,000,002 | ---- | M] () -- C:\Windows\msoffice.ini
[2011/07/23 10:44:27 | 000,000,046 | ---- | M] () -- C:\Windows\SysWow64\_WKERNEL.SYL
[2011/07/22 15:51:50 | 000,094,208 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\dpl100.dll
[2011/07/22 15:50:19 | 000,002,515 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/07/20 14:19:20 | 000,001,132 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2011/07/20 11:30:00 | 000,001,555 | ---- | M] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2011/07/19 14:00:25 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/08/16 01:34:35 | 000,001,110 | ---- | C] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/16 01:34:35 | 000,001,086 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/14 16:16:00 | 000,000,036 | ---- | C] () -- C:\Users\Zinja\AppData\Local\housecall.guid.cache
[2011/08/14 15:42:25 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/08/14 15:42:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/08/14 15:37:15 | 000,002,935 | ---- | C] () -- C:\Users\Zinja\Desktop\HiJackThis.lnk
[2011/08/14 15:14:05 | 000,002,291 | ---- | C] () -- C:\Users\Zinja\Desktop\Google Chrome.lnk
[2011/08/14 15:11:27 | 000,017,408 | ---- | C] () -- C:\conf.dat
[2011/08/14 12:17:08 | 000,099,389 | ---- | C] () -- C:\Users\Zinja\Desktop\Bighog1wiki.jpg
[2011/08/14 11:17:59 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2011/08/14 00:13:15 | 000,007,792 | ---- | C] () -- C:\Users\Zinja\Desktop\Driver Analysis for ZINJA-WARRIOR.html
[2011/08/13 17:47:30 | 000,002,063 | ---- | C] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Pitstop Driver Alert2.lnk
[2011/08/10 23:59:16 | 000,095,008 | ---- | C] () -- C:\Windows\SysNative\Primomonnt.dll
[2011/08/10 17:14:40 | 000,000,942 | ---- | C] () -- C:\Users\Zinja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3RVX.lnk
[2011/08/09 18:11:33 | 000,266,930 | ---- | C] () -- C:\Users\Zinja\Desktop\Bear%20Lake%20County%20Sheriff%20ID.jpg
[2011/08/08 08:46:39 | 000,069,197 | ---- | C] () -- C:\Users\Zinja\Desktop\6153FMXN6QL.jpg
[2011/08/05 23:56:06 | 001,049,314 | ---- | C] () -- C:\Windows\SysNative\oem46.inf
[2011/08/05 19:04:46 | 038,695,279 | ---- | C] () -- C:\Users\Zinja\Desktop\Emerson LD195EMX Manual.PDF
[2011/08/05 13:34:19 | 000,150,682 | ---- | C] () -- C:\Users\Zinja\Desktop\Second HP Support Session.xps
[2011/08/04 12:49:20 | 000,606,378 | ---- | C] () -- C:\Users\Zinja\Documents\change yahoo name.pdf
[2011/08/02 19:00:10 | 000,002,237 | ---- | C] () -- C:\Users\Zinja\Desktop\calendar.ics
[2011/07/25 21:40:46 | 000,063,124 | ---- | C] () -- C:\Users\Zinja\Desktop\David Orr hawaiian shirt torso shot.jpg
[2011/07/25 18:13:15 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini
[2011/07/20 14:19:20 | 000,001,132 | ---- | C] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2011/07/20 11:30:00 | 000,001,555 | ---- | C] () -- C:\Users\Zinja\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2011/07/19 14:00:25 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/07/07 23:37:28 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/24 11:31:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/03/22 04:34:07 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/03/22 04:33:57 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/03/22 04:33:57 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/03/22 04:33:56 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/03/10 15:51:15 | 001,053,056 | ---- | C] () -- C:\Windows\SysWow64\drivers\CAMTHWDM.sys
[2011/03/10 15:50:08 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/02/28 05:17:26 | 000,777,742 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/22 19:07:04 | 000,000,600 | ---- | C] () -- C:\Users\Zinja\AppData\Roaming\winscp.rnd
[2011/02/22 18:04:51 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/21 20:32:56 | 000,026,424 | ---- | C] () -- C:\Users\Zinja\AppData\Roaming\UserTile.png
[2011/02/09 23:03:48 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
[2010/06/25 12:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/06/15 23:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/05/21 03:37:09 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010/05/21 03:37:09 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010/04/25 15:17:24 | 000,000,188 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010/02/09 20:58:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/09 23:03:56 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011/08/14 15:05:02 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Dropbox
[2011/08/14 15:05:10 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\IObit
[2011/03/20 22:09:37 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\IrfanView
[2011/06/23 04:55:09 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Lunascape
[2011/06/12 19:46:53 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Made for IT
[2011/05/25 20:55:32 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Obvious Idea
[2011/02/22 17:59:51 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\ooVoo Details
[2011/02/23 16:33:37 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\OpenOffice.org
[2011/06/22 18:18:46 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Opera
[2011/03/01 13:10:23 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Philipp Winterberg
[2011/06/19 19:14:55 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\PhotoScape
[2011/08/11 00:14:37 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\PrimoPDF
[2011/08/12 11:31:49 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\QTTabBar
[2011/06/16 22:40:31 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\qualys
[2011/08/15 14:22:31 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\QuickScan
[2011/04/04 16:20:24 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\sfdc-desktop.0E7F0072024938CDBA99B20C38B5F315254C2A5B.1
[2011/03/28 13:09:25 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Stardock
[2011/04/11 00:11:39 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\TreeCardGames
[2011/04/15 13:18:10 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Trillian
[2011/05/08 17:17:25 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/03/10 15:51:31 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\WebcamMax
[2011/02/24 14:20:43 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Windows Live Writer
[2011/04/22 13:59:11 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Wireshark
[2011/02/21 18:15:34 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Xilisoft
[2011/06/18 06:01:56 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\Yoono
[2011/03/28 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\YouSendIt
[2011/06/18 05:02:25 | 000,000,000 | ---D | M] -- C:\Users\Zinja\AppData\Roaming\ZumoDrive
[2011/08/04 13:16:05 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/08/16 17:28:39 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 08:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 08:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< End of report >
David Orr
Fayetteville, Arkansas