Redirect from Google search results



#1
redirect81

Earlier this evening I did a Google search for a news site (drudge) and clicked on the link to that site. Immediately the screen flashed and at the bottom right a small window popped up saying "the error has been fixed" or something along those lines. I clicked the box (big mistake I know...) and it went away. I clicked the "home" button and searched again for something else. Everything was ok until I tried to search for "how to play craps" within Google. One of the first links I got was for an about.com page on craps. I clicked the link and it re-directed me to some page full of banner ads for online casinos, definitely not about.com. I went back, searched again, clicked the same link and went to the actual site this time.

Long story short, being re-directed. Here is a log I took from the OTL program. I ran a quick scan a few minutes ago. I know it's Christmas and everyone is probably with their families and not on a computer help forum tonight but I thank you in advance for your help.

OTL logfile created on: 12/25/2010 10:37:28 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\mike\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.00 Gb Available Physical Memory | 76.00% Memory free
15.00 Gb Paging File | 14.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 684.77 Gb Total Space | 529.76 Gb Free Space | 77.36% Space Free | Partition Type: NTFS
Drive D: | 13.87 Gb Total Space | 1.96 Gb Free Space | 14.13% Space Free | Partition Type: NTFS

Computer Name: MIKE-PC | User Name: mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/25 22:30:08 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\mike\Downloads\OTL.exe
PRC - [2010/12/14 13:01:48 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/14 13:01:47 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/02/01 23:10:14 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/01 23:10:10 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010/01/11 14:21:52 | 000,490,216 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2009/09/15 17:47:36 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2009/04/10 01:26:02 | 001,328,424 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2009/04/10 01:22:06 | 000,185,640 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/03/19 12:54:52 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/02/09 21:29:56 | 000,430,080 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2008/11/20 12:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/11/13 09:33:46 | 000,333,088 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe


========== Modules (SafeList) ==========

MOD - [2010/12/25 22:30:08 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\mike\Downloads\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/03/25 22:48:42 | 000,017,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/06/18 20:59:12 | 000,246,520 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 22:38:00 | 000,071,096 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/09/23 18:37:30 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/10/27 12:11:20 | 000,028,160 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2009/09/15 16:42:22 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2009/07/13 20:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 20:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/06 19:57:06 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/06/19 21:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/19 19:07:44 | 000,020,992 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/06 21:14:20 | 000,007,168 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2009/02/02 13:59:18 | 000,023,536 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms -- (PCDSRVC{F36B3A4C-F95654BD-06000000}_0)
DRV:64bit: - [2009/01/29 19:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 17:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/10/24 02:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009/11/12 13:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/12/14 13:01:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/12/14 13:01:49 | 000,000,000 | ---D | M]

[2009/11/14 15:46:31 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\Mozilla\Extensions
[2010/12/25 22:21:59 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\7w5ep8he.default\extensions
[2010/12/24 16:54:28 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\7w5ep8he.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/11/14 15:46:31 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus®)) -- C:\Users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\7w5ep8he.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/03/28 20:02:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions

Hosts file not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HP Remote Software] C:\Program Files\Hewlett-Packard\HP Remote\HP REMOTE V1.0.5.exe ()
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [SystemCommonvga] C:\Users\mike\AppData\Local\kbdnetEnum\SystemCommonvga.DLL ()
O4 - Startup: C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Media Check Tool.lnk = C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {36299202-09EF-4ABF-ADB9-47C599DBE778} https://www.hpwindow...PProdDetect.cab (HP Product Detection Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Users\mike\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\mike\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{6d6b39a1-1288-11df-82d2-0026184b7369}\Shell - "" = AutoRun
O33 - MountPoints2\{6d6b39a1-1288-11df-82d2-0026184b7369}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8d23e27a-18c4-11df-bd69-0026184b7369}\Shell - "" = AutoRun
O33 - MountPoints2\{8d23e27a-18c4-11df-bd69-0026184b7369}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/25 22:18:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/12/25 14:02:31 | 000,000,000 | ---D | C] -- C:\Users\mike\AppData\Local\kbdnetEnum
[2010/12/14 13:52:02 | 000,000,000 | ---D | C] -- C:\Users\mike\AppData\Local\Electronic Arts

========== Files - Modified Within 30 Days ==========

[2010/12/25 22:18:44 | 000,002,971 | ---- | M] () -- C:\Users\mike\Desktop\HiJackThis.lnk
[2010/12/25 22:08:51 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/25 22:08:51 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/25 22:07:19 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/25 22:07:19 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/25 22:07:19 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/25 22:01:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/25 22:01:11 | 1945,542,655 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/17 17:39:53 | 000,464,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/16 16:31:14 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/12/14 16:29:20 | 000,324,513 | ---- | M] () -- C:\Users\mike\Documents\Praxis test scores.pdf
[2010/12/14 13:51:56 | 000,001,264 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010/11/29 18:47:56 | 000,043,520 | ---- | M] () -- C:\Users\Public\Documents\GRG_CL_TP-8^.doc
[2010/11/29 18:44:37 | 000,067,072 | ---- | M] () -- C:\Users\Public\Documents\GRG_CL_TP-1^_SOW.doc
[2010/11/29 18:43:47 | 000,017,267 | ---- | M] () -- C:\Users\Public\Documents\GRG CL MHRs Summary.xlsx
[2010/11/29 18:42:06 | 000,017,438 | ---- | M] () -- C:\Users\Public\Documents\CL10 TP-3 MH^.xlsx
[2010/11/29 18:40:51 | 000,034,304 | ---- | M] () -- C:\Users\Public\Documents\GRG_CL_TP-17x_SOW.doc
[2010/11/28 16:38:40 | 000,016,194 | ---- | M] () -- C:\Users\Public\Documents\anderson county cover letter.docx
[2010/11/28 16:31:56 | 000,108,978 | ---- | M] () -- C:\Users\Public\Documents\Amyrandolphresume[1].rtf

========== Files Created - No Company Name ==========

[2010/12/25 22:18:44 | 000,002,971 | ---- | C] () -- C:\Users\mike\Desktop\HiJackThis.lnk
[2010/12/25 21:59:29 | 000,001,984 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
[2010/12/25 21:59:29 | 000,001,942 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2010/12/25 21:59:29 | 000,001,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk
[2010/12/14 16:29:20 | 000,324,513 | ---- | C] () -- C:\Users\mike\Documents\Praxis test scores.pdf
[2010/12/14 13:51:56 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010/11/29 18:47:55 | 000,043,520 | ---- | C] () -- C:\Users\Public\Documents\GRG_CL_TP-8^.doc
[2010/11/29 18:44:37 | 000,067,072 | ---- | C] () -- C:\Users\Public\Documents\GRG_CL_TP-1^_SOW.doc
[2010/11/29 18:43:47 | 000,017,267 | ---- | C] () -- C:\Users\Public\Documents\GRG CL MHRs Summary.xlsx
[2010/11/29 18:42:06 | 000,017,438 | ---- | C] () -- C:\Users\Public\Documents\CL10 TP-3 MH^.xlsx
[2010/11/29 18:40:50 | 000,034,304 | ---- | C] () -- C:\Users\Public\Documents\GRG_CL_TP-17x_SOW.doc
[2010/11/28 16:38:40 | 000,016,194 | ---- | C] () -- C:\Users\Public\Documents\anderson county cover letter.docx
[2010/11/28 16:01:47 | 000,108,978 | ---- | C] () -- C:\Users\Public\Documents\Amyrandolphresume[1].rtf
[2010/08/27 10:03:51 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/07/28 18:09:25 | 000,000,191 | ---- | C] () -- C:\ProgramData\RmUserCfg.ini
[2010/07/28 18:09:25 | 000,000,044 | ---- | C] () -- C:\ProgramData\Logo_Language.ini
[2010/07/28 18:09:25 | 000,000,021 | ---- | C] () -- C:\ProgramData\IpAndPort.fig
[2010/05/25 18:35:02 | 000,032,648 | ---- | C] () -- C:\Users\mike\AppData\Local\March AFB Interested Vendors-1.docx
[2010/05/11 16:20:52 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Standard
[2010/05/11 16:20:52 | 000,000,268 | RH-- | C] () -- C:\Users\mike\AppData\Roaming\Spacious
[2010/05/11 16:20:52 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/05/11 16:20:52 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Strings
[2010/05/11 16:19:26 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Speech Enhancer
[2010/05/11 16:19:26 | 000,000,268 | RH-- | C] () -- C:\Users\mike\AppData\Roaming\Soundtrack
[2010/05/11 16:19:26 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/05/11 16:19:26 | 000,000,012 | RH-- | C] () -- C:\ProgramData\StatusSheet
[2010/03/10 02:39:22 | 000,193,024 | ---- | C] () -- C:\Windows\SysWow64\CovH264ToAvi.dll
[2010/03/08 22:43:56 | 000,667,754 | ---- | C] () -- C:\Windows\SysWow64\RM_DVRNET_DLL.dll
[2010/03/08 09:14:12 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\logo_language.ini
[2009/12/02 12:02:50 | 001,632,887 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2009/12/02 11:56:10 | 004,840,081 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2009/11/15 19:03:30 | 000,000,000 | ---- | C] () -- C:\Users\mike\AppData\Roaming\wklnhst.dat
[2009/11/14 16:56:02 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009/11/14 16:56:02 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009/11/14 16:56:02 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009/11/04 13:45:44 | 000,611,638 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2009/11/04 13:43:20 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2009/11/03 15:11:22 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2009/11/03 15:11:00 | 000,146,944 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2009/11/03 15:10:42 | 000,183,296 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2009/11/03 15:09:18 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2009/11/03 15:08:58 | 000,484,864 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2009/11/03 15:08:12 | 000,257,024 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2009/11/03 15:07:16 | 000,142,848 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2009/11/03 14:36:06 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2009/11/03 14:34:56 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2009/11/03 14:34:38 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/11/03 13:07:24 | 000,895,308 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/11/03 13:05:02 | 000,957,047 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2009/10/27 17:46:26 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2009/10/21 14:18:54 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/07/23 05:51:26 | 000,229,442 | ---- | C] () -- C:\Windows\SysWow64\winpubf.dll
[2009/07/23 05:51:26 | 000,196,608 | ---- | C] () -- C:\Windows\SysWow64\nvrfs.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/09 06:46:22 | 000,354,816 | ---- | C] () -- C:\Windows\SysWow64\pythoncom26.dll
[2009/05/09 06:46:22 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\pywintypes26.dll
[2009/01/10 17:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2009/01/10 17:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2009/01/10 17:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2009/01/10 17:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2009/01/10 17:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2009/01/10 17:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll
[2009/01/10 17:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2009/01/10 17:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2009/01/10 17:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2009/01/10 17:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2009/01/10 17:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2008/12/03 17:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008/11/06 11:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2008/04/12 09:21:40 | 007,276,032 | ---- | C] () -- C:\Windows\SysWow64\avcodec.dll
[2008/04/12 09:21:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\avutil.dll
[2008/04/12 09:21:34 | 000,666,624 | ---- | C] () -- C:\Windows\SysWow64\avformat.dll
[2007/10/13 04:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini

========== LOP Check ==========

[2010/10/04 16:14:22 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\Amazon
[2010/08/27 10:04:02 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\Canneverbe Limited
[2009/11/14 15:46:27 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\funkitron
[2009/11/14 15:46:27 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\GetRightToGo
[2010/08/14 16:31:21 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\Nikon
[2010/03/28 20:04:33 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\OpenOffice.org
[2009/11/14 15:46:31 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\PictureMover
[2009/11/14 15:46:31 | 000,000,000 | ---D | M] -- C:\Users\mike\AppData\Roaming\WildTangent
[2010/08/31 09:01:22 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2010/10/19 15:37:13 | 000,032,654 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#2
redirect81

I might have solved it... I just updated Java and now I'm not getting the redirects. Could be coincidence??? Not sure...

EDIT: No, didn't help...still being redirected when I click on links that show up from Google searches.

Edited by redirect81, 25 December 2010 - 11:37 PM.
