spudgirl

Posts posted by spudgirl

  1. I was getting Google redirects last night and this morning, but GMER and Malwarebytes didn't find anything. Can someone look at my scan and see if there is something there? AVG didn't find anything either.

    Thank you so much.

    Malwarebytes' Anti-Malware 1.46

    www.malwarebytes.org

    Database version: 4290

    Windows 6.1.7600

    Internet Explorer 8.0.7600.16385

    7/7/2010 2:43:23 PM

    mbam-log-2010-07-07 (14-43-23).txt

    Scan type: Full scan (C:\|)

    Objects scanned: 346471

    Time elapsed: 1 hour(s), 13 minute(s), 52 second(s)

    Memory Processes Infected: 0

    Memory Modules Infected: 0

    Registry Keys Infected: 0

    Registry Values Infected: 0

    Registry Data Items Infected: 0

    Folders Infected: 0

    Files Infected: 0

    Memory Processes Infected:

    (No malicious items detected)

    Memory Modules Infected:

    (No malicious items detected)

    Registry Keys Infected:

    (No malicious items detected)

    Registry Values Infected:

    (No malicious items detected)

    Registry Data Items Infected:

    (No malicious items detected)

    Folders Infected:

    (No malicious items detected)

    Files Infected:

    (No malicious items detected)

    DDS (Ver_10-03-17.01) - NTFSX64

    Run by at 15:06:53.88 on Wed 07/07/2010

    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_18

    Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.4026.2631 [GMT -6:00]

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe

    C:\Program Files (x86)\AVG\AVG9\avgchsva.exe

    C:\Program Files (x86)\AVG\AVG9\avgrsa.exe

    C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\servicing\TrustedInstaller.exe

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe

    C:\Windows\system32\svchost.exe -k apphost

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

    C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

    C:\Windows\System32\tcpsvcs.exe

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Program Files\Acer\Acer Updater\UpdaterService.exe

    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

    C:\Program Files (x86)\AVG\AVG9\avgemc.exe

    C:\Program Files (x86)\AVG\AVG9\avgnsa.exe

    C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\SearchIndexer.exe

    C:\Windows\sysWow64\SearchProtocolHost.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

    C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\igfxpers.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Windows\PLFSetI.exe

    C:\Windows\system32\igfxext.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe

    C:\Windows\System32\StikyNot.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Program Files (x86)\Launch Manager\LManager.exe

    C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

    C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

    C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

    C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

    C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

    C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe

    C:\Program Files (x86)\AVG\AVG9\avgtray.exe

    C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe

    C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AcroDist.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceService.exe

    C:\Program Files (x86)\Hewlett-Packard\HP Easy Printer Care\HPPRun.exe

    C:\Program Files (x86)\iTunes\iTunesHelper.exe

    C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Device Communication Services\AppInterfaces\HPDeviceHost.exe

    C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

    C:\Users\rregner\Desktop\dds.scr

    C:\Windows\system32\conhost.exe

    C:\Program Files\iPod\bin\iPodService.exe

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank

    uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a945l0324z1l5t5892x29p

    mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a945l0324z1l5t5892x29p

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_5732z&r=27361209a945l0324z1l5t5892x29p

    uInternet Settings,ProxyOverride = *.local

    mWinlogon: Userinit=userinit.exe

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files (x86)\avg\avg9\avgssie.dll

    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll

    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll

    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll

    uRun: [skype] "c:\program files (x86)\skype\\phone\Skype.exe" /nosplash /minimized

    uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe

    mRun: [LManager] c:\program files (x86)\launch manager\LManager.exe

    mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"

    mRun: [ArcadeDeluxeAgent] "c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\ArcadeDeluxeAgent.exe"

    mRun: [PlayMovie] "c:\program files (x86)\acer arcade deluxe\playmovie\PMVService.exe"

    mRun: [Acer Assist Launcher] c:\program files (x86)\acer\acer assist\launcher.exe

    mRun: [AdobeCS4ServiceManager] "c:\program files (x86)\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

    mRun: [Adobe Acrobat Speed Launcher] "c:\program files (x86)\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

    mRun: [Acrobat Assistant 8.0] "c:\program files (x86)\adobe\acrobat 9.0\acrobat\Acrotray.exe"

    mRun: [AmazonGSDownloaderTray] c:\program files (x86)\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe

    mRun: [intuit SyncManager] c:\program files (x86)\common files\intuit\sync\IntuitSyncManager.exe startup

    mRun: [AVG9_TRAY] c:\progra~2\avg\avg9\avgtray.exe

    mRun: [blackBerryAutoUpdate] c:\program files (x86)\common files\research in motion\auto update\RIMAutoUpdate.exe /background

    mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"

    mRun: [AppleSyncNotifier] c:\program files (x86)\common files\apple\mobile device support\bin\AppleSyncNotifier.exe

    mRun: [QuickTime Task] "c:\program files (x86)\quicktime\QTTask.exe" -atboottime

    mRun: [sunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"

    mRun: [KnexStarter] c:\program files (x86)\common files\hewlett-packard\hp device communication services\appinterfaces\HPDeviceService.exe

    mRun: [RunTasktray] "c:\program files (x86)\hewlett-packard\hp easy printer care\hpprun.exe" --regkeypath=software\hewlett-packard\hp easy printer care\HPPRun --valuename=InstallTTM

    mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"

    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\audibl~1.lnk - c:\program files (x86)\audible\bin\AudibleDownloadHelper.exe

    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\deskto~1.lnk - c:\program files (x86)\research in motion\blackberry\DesktopMgr.exe

    StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files (x86)\common files\intuit\quickbooks\qbupdate\qbupdate.exe

    mPolicies-explorer: NoActiveDesktop = 1 (0x1)

    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

    mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)

    mPolicies-explorer: NoWelcomeScreen = 1 (0x1)

    mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

    mPolicies-system: EnableLUA = 0 (0x0)

    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

    mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

    IE: Append Link Target to Existing PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

    IE: Append to Existing PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

    IE: Convert Link Target to Adobe PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

    IE: Convert to Adobe PDF - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

    IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office14\EXCEL.EXE/3000

    IE: Se&nd to OneNote - /105

    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL

    Trusted Zone: intuit.com\ttlc

    Trusted Zone: hp.com

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

    DPF: {C2ED62BE-4FF5-4FAF-9274-3BA328DCA35C} - hxxps://timetracking.quickbooks.com/ocx/tts/TimeTrackingV2.ocx

    DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

    Handler: HPDCS - {ba135f49-a12c-4e26-a2c4-6ea945999072} - c:\program files (x86)\common files\hewlett-packard\hp device communication services\app\hpdcsapp.dll

    Handler: hppfile - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - c:\program files (x86)\hewlett-packard\hp easy printer care\HPPCtrls.dll

    Handler: hppsam - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - c:\program files (x86)\hewlett-packard\hp easy printer care\HPPCtrls.dll

    Handler: hppzip - {C4E2084B-ED27-4893-A43D-488CA3F370E2} - c:\program files (x86)\hewlett-packard\hp easy printer care\HPPCtrls.dll

    Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files (x86)\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll

    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files (x86)\avg\avg9\avgpp.dll

    Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll

    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL

    BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files (x86)\avg\avg9\avgssiea.dll

    BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

    TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

    mRun-x64: [iAAnotif] c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe

    mRun-x64: [RtHDVCpl] c:\program files\realtek\audio\hda\RAVCpl64.exe

    mRun-x64: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe

    mRun-x64: [mwlDaemon] c:\program files (x86)\egistec\mywinlocker 3\x86\mwlDaemon.exe

    mRun-x64: [igfxTray] c:\windows\system32\igfxtray.exe

    mRun-x64: [HotKeysCmds] c:\windows\system32\hkcmd.exe

    mRun-x64: [Persistence] c:\windows\system32\igfxpers.exe

    mRun-x64: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

    mRun-x64: [PLFSetI] c:\windows\PLFSetI.exe

    AppInit_DLLs-X64: avgrssta.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\rregner\appdata\roaming\mozilla\firefox\profiles\tg8945kb.default\

    FF - prefs.js: network.proxy.type - 0

    FF - component: c:\program files (x86)\avg\avg9\firefox\components\avgssff.dll

    FF - component: c:\program files (x86)\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll

    FF - component: c:\users\rregner\appdata\roaming\mozilla\firefox\profiles\tg8945kb.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc_fireftp.dll

    FF - plugin: c:\program files (x86)\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll

    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npatgpc.dll

    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npCouponPrinter.dll

    FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll

    FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll

    FF - plugin: c:\users\rregner\appdata\roaming\mozilla\firefox\profiles\tg8945kb.default\extensions\2020player@2020technologies.com\plugins\NP2020Player.dll

    FF - HiddenExtension: Java Console: No Registry Reference - c:\program files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

    ---- FIREFOX POLICIES ----

    FF - user.js: yahoo.homepage.dontask - truec:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

    c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

    c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

    c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

    ============= SERVICES / DRIVERS ===============

    R1 AvgLdx64;AVG Free AVI Loader Driver x64;c:\windows\system32\drivers\avgldx64.sys [2009-12-11 269320]

    R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;c:\windows\system32\drivers\avgmfx64.sys [2009-12-11 35536]

    R1 AvgTdiA;AVG Free Network Redirector x64;c:\windows\system32\drivers\avgtdia.sys [2009-12-11 317520]

    R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 59904]

    R2 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2010-2-2 401920]

    R2 avg9emc;AVG Free E-mail Scanner;c:\program files (x86)\avg\avg9\avgemc.exe [2010-3-14 916760]

    R2 avg9wd;AVG Free WatchDog;c:\program files (x86)\avg\avg9\avgwdsvc.exe [2010-3-14 308064]

    R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2009-11-6 844320]

    R2 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2009-11-6 240160]

    R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x64.sys [2009-11-6 58880]

    R3 QuickBooksDB20;QuickBooksDB20;c:\progra~2\intuit\quickb~1\qbdbmgrn.exe -hvquickbooksdb20 --> c:\progra~2\intuit\quickb~1\QBDBMgrN.exe -hvQuickBooksDB20 [?]

    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 17920]

    S2 Greg_Service;GRegService;c:\program files (x86)\acer\registration\GregHSRW.exe [2009-8-28 1150496]

    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\common files\macrovision shared\flexnet publisher\FNPLicensingService64.exe [2010-1-5 1038088]

    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-11-6 225280]

    S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;c:\progra~2\verizo~1\vzacce~1\SMSIVZAM5X64.SYS [2009-3-20 43032]

    S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]

    S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2010-4-19 50688]

    =============== Created Last 30 ================

    2010-07-07 20:56:01 0 d-----w- c:\program files (x86)\Microsoft CAPICOM 2.1.0.2

    2010-07-07 20:46:39 0 ----a-w- c:\users\rregner\defogger_reenable

    2010-07-07 20:42:08 1446912 ----a-w- c:\windows\system32\lsasrv.dll

    2010-07-07 20:42:08 12867072 ----a-w- c:\windows\syswow64\shell32.dll

    2010-07-07 20:42:07 96768 ----a-w- c:\windows\syswow64\sspicli.dll

    2010-07-07 20:42:07 22016 ----a-w- c:\windows\syswow64\secur32.dll

    2010-07-07 20:42:07 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

    2010-07-07 20:40:51 3122176 ----a-w- c:\windows\system32\win32k.sys

    2010-07-07 20:39:40 464896 ----a-w- c:\windows\system32\drivers\srv.sys

    2010-07-07 20:39:40 162304 ----a-w- c:\windows\system32\drivers\srvnet.sys

    2010-06-29 02:28:51 0 d-----w- c:\program files (x86)\Microsoft Windows Small Business Server

    2010-06-25 04:04:28 0 d-----w- c:\program files\iPod

    2010-06-25 04:04:27 0 d-----w- c:\program files\iTunes

    2010-06-25 04:04:27 0 d-----w- c:\program files (x86)\iTunes

    2010-06-25 04:01:52 0 d-----w- c:\program files\Bonjour

    2010-06-25 04:01:52 0 d-----w- c:\program files (x86)\Bonjour

    2010-06-17 16:23:30 165547 ----a-w- C:\alarmcode.docx

    ==================== Find3M ====================

    2010-06-02 19:05:59 317520 ----a-w- c:\windows\system32\drivers\avgtdia.sys

    2010-06-02 19:05:58 35536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys

    2010-05-27 07:24:13 34304 ----a-w- c:\windows\syswow64\atmlib.dll

    2010-05-27 06:34:09 46080 ----a-w- c:\windows\system32\atmlib.dll

    2010-05-27 04:11:32 366080 ----a-w- c:\windows\system32\atmfd.dll

    2010-05-27 03:49:37 293888 ----a-w- c:\windows\syswow64\atmfd.dll

    2010-05-24 02:30:33 588706 ----a-w- C:\nmp_home_ov_demo.zip

    2010-05-24 02:30:23 4512663 ----a-w- C:\nmp_home_left_demo.zip

    2010-05-21 05:52:30 1192960 ----a-w- c:\windows\system32\wininet.dll

    2010-05-21 05:18:06 977920 ----a-w- c:\windows\syswow64\wininet.dll

    2010-05-21 05:14:50 48128 ----a-w- c:\windows\syswow64\jsproxy.dll

    2010-05-18 22:55:18 95520 ----a-w- c:\windows\system32\dnssd.dll

    2010-05-18 22:55:18 119584 ----a-w- c:\windows\system32\dns-sd.exe

    2010-05-18 22:35:16 91424 ----a-w- c:\windows\syswow64\dnssd.dll

    2010-05-18 22:35:16 107808 ----a-w- c:\windows\syswow64\dns-sd.exe

    2010-05-06 12:42:05 1225216 ----a-w- c:\windows\syswow64\urlmon.dll

    2010-05-06 12:41:55 606208 ----a-w- c:\windows\syswow64\mstime.dll

    2010-05-06 12:41:53 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll

    2010-05-06 12:41:53 5970944 ----a-w- c:\windows\syswow64\mshtml.dll

    2010-05-06 12:41:49 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll

    2010-05-06 12:41:49 10984448 ----a-w- c:\windows\syswow64\ieframe.dll

    2010-05-06 03:36:24 1611176 ----a-w- C:\AudibleDM_iTunesSetup.exe

    2010-04-23 07:13:36 2048 ----a-w- c:\windows\syswow64\tzres.dll

    2010-04-23 07:11:58 2048 ----a-w- c:\windows\system32\tzres.dll

    2010-04-20 02:47:42 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll

    2010-04-09 05:00:25 411368 ----a-w- c:\windows\syswow64\deploytk.dll

    2010-04-09 05:00:25 153376 ----a-w- c:\windows\syswow64\javaws.exe

    2010-04-09 05:00:25 145184 ----a-w- c:\windows\syswow64\javaw.exe

    2010-04-09 05:00:25 145184 ----a-w- c:\windows\syswow64\java.exe

    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat

    2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat

    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat

    2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat

    2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini

    2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini

    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

    2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

    2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

    2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat

    2010-02-28 04:12:45 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat

    2010-02-28 04:12:45 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat

    2010-02-28 04:12:45 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat

    2010-02-28 04:12:45 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

    2009-11-21 14:58:57 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009112120091122\index.dat

    2009-12-14 17:02:22 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009120720091214\index.dat

    2009-12-14 17:02:22 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009121420091215\index.dat

    2009-12-18 21:52:05 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009121820091219\index.dat

    2009-12-19 22:22:04 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012009121920091220\index.dat

    2010-01-12 00:22:47 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010010420100111\index.dat

    2010-01-12 00:22:47 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010011120100112\index.dat

    2010-01-19 01:24:43 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010011820100119\index.dat

    2010-01-22 17:52:58 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010012220100123\index.dat

    2010-01-24 02:29:45 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010012320100124\index.dat

    2010-01-25 02:47:55 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010012420100125\index.dat

    2010-01-30 04:44:38 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010012920100130\index.dat

    2010-02-02 00:58:31 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010020120100202\index.dat

    2010-02-04 00:43:00 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010020320100204\index.dat

    2010-02-15 16:41:14 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010020820100215\index.dat

    2010-02-23 02:10:22 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010022220100223\index.dat

    2010-02-24 02:13:22 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010022320100224\index.dat

    2010-02-25 02:43:20 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010022420100225\index.dat

    2010-02-26 03:07:33 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010022520100226\index.dat

    2010-02-27 03:23:24 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010022620100227\index.dat

    2010-02-28 03:53:23 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010022720100228\index.dat

    2010-03-01 00:23:22 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010022820100301\index.dat

    2010-03-02 00:43:54 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030120100302\index.dat

    2010-03-03 02:59:37 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030220100303\index.dat

    2010-03-04 03:28:23 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030320100304\index.dat

    2010-03-05 03:58:22 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030420100305\index.dat

    2010-03-06 04:10:18 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030520100306\index.dat

    2010-03-07 04:17:33 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030620100307\index.dat

    2010-03-08 04:24:49 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030720100308\index.dat

    2010-03-09 04:50:56 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030820100309\index.dat

    2010-03-10 05:05:49 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010030920100310\index.dat

    2010-03-11 05:23:40 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031020100311\index.dat

    2010-03-12 15:24:43 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031220100313\index.dat

    2010-03-13 15:38:53 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031320100314\index.dat

    2010-03-14 16:08:47 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031420100315\index.dat

    2010-03-15 16:35:14 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031520100316\index.dat

    2010-03-16 16:48:55 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031620100317\index.dat

    2010-03-17 17:11:03 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031720100318\index.dat

    2010-03-18 17:19:16 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031820100319\index.dat

    2010-03-19 17:41:20 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010031920100320\index.dat

    2010-03-20 17:59:09 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032020100321\index.dat

    2010-03-21 18:29:07 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032120100322\index.dat

    2010-03-22 18:51:13 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032220100323\index.dat

    2010-03-23 19:09:56 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032320100324\index.dat

    2010-03-24 19:19:50 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032420100325\index.dat

    2010-03-25 19:21:58 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032520100326\index.dat

    2010-03-26 21:13:27 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032620100327\index.dat

    2010-03-27 21:43:25 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032720100328\index.dat

    2010-03-28 22:13:23 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032820100329\index.dat

    2010-03-29 22:43:20 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010032920100330\index.dat

    2010-03-30 23:13:20 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010033020100331\index.dat

    2010-03-31 23:19:46 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010033120100401\index.dat

    2010-04-01 23:49:44 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010040120100402\index.dat

    2010-04-03 00:19:42 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010040220100403\index.dat

    2010-04-04 00:49:41 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010040320100404\index.dat

    2010-04-05 00:57:24 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010040420100405\index.dat

    2010-04-06 01:17:33 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010040520100406\index.dat

    2010-04-07 01:18:05 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010040620100407\index.dat

    2010-04-08 01:25:36 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012010040720100408\index.dat

    2010-03-15 15:53:18 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat

    2009-12-11 22:25:24 16384 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\index.dat

    2009-12-11 22:25:24 32768 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat

    2009-12-11 22:25:24 16384 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\roaming\microsoft\windows\cookies\index.dat

    2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe

    2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

    ============= FINISH: 15:09:13.63 ===============
