Status
Not open for further replies.
Discussion Starter · #1 ·
Hi

I need your help with an already famous virus: Sirefef.

My laptop = Sony Vaio, Windows Vista, Service Pack 2.

A couple of days ago Microsoft Security Essentials detected the following viruses and took the following actions:
"TrojanDropper:Win32/Sirefef.B" ---> Action taken: allowed
"Trojan:Win64/Sirefef.E" ---> Action taken: allowed
"Trojan:Win32/Sirefef.I" ---> Action taken: allowed
"Trojan:Win32/Sirefef.J" ---> Action taken: allowed
"Trojan:Win64/Sirefef.D" ---> Action taken: allowed
"Trojan:Win32/Sirefef.P" ---> Action taken: allowed
"Trojan:Win32/Conedex.A" ---> Action taken: allowed

I had serious problems with Google redirect; in practice I couldn't move from a Google search to the chosen website.

Knowing the virus was inside my PC, and somehow it was not deleted by MSE, I ran an online ESET scan which found and deleted some viruses.
After one day, I re-ran both an ESET scan (with MSE temporarily disabled) and a quick MSE scan. This time neither of them found any viruses.
I don't have the Google redirect problem anymore.

Now I am not sure whether I still have those viruses in my PC. How can I be 100% sure that my PC is clean? Could you please help?

Please find the DDS log below.

Thanks a lot in advance.



DDS


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Luigi at 12:39:29 on 2012-01-08
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\RtkAudioService.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\sony\Network Utility\NSUService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files\sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\sony\ISB Utility\ISBMgr.exe
C:\Program Files\sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Luigi\Program Files\DNA\btdna.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Windows\System32\mobsync.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luigi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\notepad.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Luigi\Desktop\dds.scr
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.club-vaio.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
mDefault_Page_URL = hxxp://www.club-vaio.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [BitTorrent DNA] "c:\users\luigi\program files\dna\btdna.exe"
uRun: [Google Update] "c:\users\luigi\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [updateMgr] c:\program files\adobe\acrobat 7.0\acrobat\AdobeUpdateManager.exe AcPro7_0_0 -reboot 1
uRun: [Facebook Update] "c:\users\luigi\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [MarketingTools] c:\program files\sony\marketing tools\MarketingTools.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Skytel] Skytel.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "c:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&sporta in Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{6778BC13-2D5A-4A38-ACAA-E99341469638} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{C1458549-CA0B-4A3B-8F8E-9259653AA0DD} : DhcpNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\luigi\appdata\roaming\mozilla\firefox\profiles\okj89sud.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=http%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=1eic6yu9oa4y3&scc=1&ltmpl=default&ltmplcache=2
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101757&gct=&gc=1&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\vistacodecpack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\luigi\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\luigi\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\users\luigi\appdata\roaming\mozilla\plugins\npicaN.dll
FF - plugin: c:\users\luigi\program files\dna\plugins\npbtdna.dll
.
============= SERVICES / DRIVERS ===============
.
R? BBSvc;Bing Bar Update Service
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? fssfltr;fssfltr
R? fsssvc;Windows Live Family Safety Service
R? GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? McComponentHostService;McAfee Security Scan Component Host Service
R? MpKsl031d00f1;MpKsl031d00f1
R? MpKsl8057fb6c;MpKsl8057fb6c
R? MpKsl831a2ddb;MpKsl831a2ddb
R? MpKslab6c5656;MpKslab6c5656
R? MpKsle910e13a;MpKsle910e13a
R? MpKslfdf3ad01;MpKslfdf3ad01
R? SOHCImp;VAIO Media plus Content Importer
R? SOHDms;VAIO Media plus Digital Media Server
R? SOHDs;VAIO Media plus Device Searcher
R? SwitchBoard;SwitchBoard
R? TfFsMon;TfFsMon
R? TfNetMon;TfNetMon
R? TfSysMon;TfSysMon
R? VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager
R? wlcrasvc;Windows Live Mesh remote connections service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect
S? FontCache;Windows Font Cache Service
S? MpFilter;Microsoft Malware Protection Driver
S? MpKslf5c62f43;MpKslf5c62f43
S? MpNWMon;Microsoft Malware Protection Network Driver
S? NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit
S? NisDrv;Microsoft Network Inspection System
S? NisSrv;Microsoft Network Inspection
S? NSUService;NSUService
S? regi;regi
S? RtkAudioService;Realtek Audio Service
S? SFEP;Sony Firmware Extension Parser
S? uCamMonitor;CamMonitor
S? VAIO Power Management;VAIO Power Management
S? VCFw;VAIO Content Folder Watcher
S? VUAgent;VUAgent
.
=============== Created Last 30 ================
.
2012-01-08 12:05:16 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{eff39247-7561-4c72-a2d4-e4f8a50b522f}\MpKslf5c62f43.sys
2012-01-08 12:05:14 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{eff39247-7561-4c72-a2d4-e4f8a50b522f}\offreg.dll
2012-01-08 12:05:06 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{eff39247-7561-4c72-a2d4-e4f8a50b522f}\mpengine.dll
2012-01-08 00:53:44 -------- d-----w- c:\users\luigi\appdata\local\{29204008-E06A-4636-9362-88C191BD6E5F}
2012-01-08 00:53:33 -------- d-----w- c:\users\luigi\appdata\local\{01D09630-E4E2-4941-9E6A-C615E5CDF083}
2012-01-08 00:47:12 -------- d-sh--w- C:\found.001
2012-01-07 17:23:03 -------- d-----w- c:\users\luigi\appdata\roaming\PerformerSoft
2012-01-07 17:22:59 17464 ----a-w- c:\windows\system32\roboot.exe
2012-01-07 17:22:52 -------- d-----w- c:\program files\PC Performer
2012-01-07 10:59:33 -------- d-----w- c:\program files\ESET
2012-01-06 20:02:35 703824 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ccd8b7ed-beb5-4649-963c-db26d60639b3}\gapaengine.dll
2012-01-06 17:00:31 -------- d-----w- c:\users\luigi\appdata\local\{AC70CF5D-0E37-4321-AE68-7E2140645064}
2012-01-06 17:00:06 -------- d-----w- c:\users\luigi\appdata\local\{303993B6-04D4-41C8-B1C6-AA29C479AD2D}
2012-01-06 16:45:34 -------- d-----w- C:\8c94985afdc1ea784a8b3b3add
2012-01-06 16:40:45 -------- d-sh--w- c:\users\luigi\appdata\local\4727d948
2012-01-05 21:55:39 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2012-01-05 20:49:08 -------- d-----w- c:\users\luigi\appdata\roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-01-05 20:46:26 -------- d-----w- c:\program files\Adobe Download Assistant
2012-01-05 12:29:32 -------- d-----w- c:\program files\WinHTTrack
2012-01-04 14:40:55 -------- d-----w- c:\program files\iPod
2012-01-04 14:40:53 -------- d-----w- c:\program files\iTunes
2011-12-23 01:14:33 -------- d-----w- c:\users\luigi\appdata\local\{7B121714-3491-484D-B8C7-F2E920A2E9F0}
2011-12-23 01:14:23 -------- d-----w- c:\users\luigi\appdata\local\{C26A5A82-4735-41AC-9E36-C0803FA10C45}
2011-12-20 12:45:35 -------- d-----w- c:\program files\PlayerPlus
2011-12-20 11:33:49 -------- d-----w- c:\users\luigi\appdata\local\{F5762898-E3F3-484B-8DAD-98902497B2FC}
2011-12-20 11:33:38 -------- d-----w- c:\users\luigi\appdata\local\{4D8BF32B-D0B9-490E-857A-0AB756074EE8}
2011-12-16 15:33:46 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-16 15:33:46 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-16 15:33:25 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-12-16 15:33:21 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-12-16 15:33:19 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2011-12-16 15:32:49 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-16 15:32:42 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-16 15:20:41 -------- d-----w- c:\users\luigi\appdata\local\{85CB9BE3-1D92-43B6-B7BD-9FA900E758AB}
2011-12-16 15:20:29 -------- d-----w- c:\users\luigi\appdata\local\{F304877E-3845-475C-BE12-FA2A5D3A33D4}
2011-12-16 03:19:47 -------- d-----w- c:\users\luigi\appdata\local\{BC6726D7-616D-4E58-8E46-1C4C03A105BE}
2011-12-16 03:19:36 -------- d-----w- c:\users\luigi\appdata\local\{5A41AB07-87FE-444A-8ED6-B0294876EB02}
2011-12-14 09:19:21 -------- d-----w- c:\users\luigi\appdata\local\{D0D6A727-C053-450A-8E55-42A92A083BC2}
2011-12-14 09:19:07 -------- d-----w- c:\users\luigi\appdata\local\{92F3AC7E-F6D6-42EF-B91A-9C00178D4A33}
2011-12-13 09:31:15 -------- d-----w- c:\users\luigi\appdata\local\{AB214495-80DF-4F38-9C54-AC6792CEC947}
2011-12-13 09:31:02 -------- d-----w- c:\users\luigi\appdata\local\{B4410D38-AD69-43A2-B51F-BED8198FE340}
2011-12-12 10:35:53 -------- d-----w- c:\users\luigi\appdata\local\{E6CDA109-68FE-4FC1-BF93-2EA15A2E636F}
2011-12-11 23:26:10 -------- d-----w- c:\program files\Cisco
2011-12-11 23:26:04 -------- d-----w- c:\program files\common files\Intel
2011-12-11 21:32:49 -------- d-----w- c:\users\luigi\appdata\local\{F5B8B367-A32E-47AE-B5D1-FB32EBEDEE61}
2011-12-11 21:32:38 -------- d-----w- c:\users\luigi\appdata\local\{4C4BED75-D67A-4CE3-8DE9-5AF43DC96DC6}
2011-12-11 14:31:50 -------- d-----w- c:\programdata\Windows
.
==================== Find3M ====================
.
2011-12-09 10:04:05 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 12:40:36.11 ===============
 
