
Google Redirect...ugh


  • This topic is locked

#16
snipeer2811

  • Topic Starter
  • Member
  • 10 posts
Here's the new log...

OTL logfile created on: 6/25/2011 11:50:11 PM - Run 4
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Lea\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.83 Gb Available Physical Memory | 61.27% Memory free
6.18 Gb Paging File | 4.86 Gb Available in Paging File | 78.64% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 59.52 Gb Free Space | 43.53% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 4.56 Gb Free Space | 46.71% Space Free | Partition Type: NTFS

Computer Name: LAPTOP | User Name: Lea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/24 15:38:14 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
PRC - [2010/11/19 14:38:08 | 000,193,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/10/12 17:28:26 | 000,726,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2010/10/12 17:24:38 | 000,304,568 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2009/11/02 13:17:08 | 000,604,888 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoTransfer.exe
PRC - [2009/11/02 13:17:06 | 002,195,160 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoServer.exe
PRC - [2009/11/02 13:17:04 | 000,430,808 | ---- | M] (TiVo Inc.) -- C:\Program Files\TiVo\Desktop\TiVoNotify.exe
PRC - [2009/07/06 20:07:00 | 001,848,648 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/10/04 14:58:02 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/09/30 11:03:14 | 000,820,464 | ---- | M] (Dell Inc.) -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
PRC - [2008/09/30 11:03:12 | 000,173,296 | ---- | M] (SingleClick Systems) -- C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe
PRC - [2008/05/04 04:25:32 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2008/05/04 04:25:26 | 000,167,936 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2008/05/04 04:25:26 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2008/05/04 04:25:26 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2008/03/04 00:05:24 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/20 21:33:24 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2008/01/20 21:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/11/01 20:12:38 | 000,582,992 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007/11/01 20:12:38 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007/09/21 15:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) -- C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe
PRC - [2007/09/14 15:35:04 | 005,730,304 | ---- | M] () -- C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe
PRC - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/03/21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 14:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/02/28 19:43:30 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbxcoms.exe
PRC - [2006/11/17 16:54:34 | 000,537,480 | ---- | M] ( ) -- C:\Windows\System32\dlcjcoms.exe


========== Modules (SafeList) ==========

MOD - [2011/06/24 15:38:14 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
MOD - [2010/08/31 10:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (DockLoginService)
SRV - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2009/11/02 13:17:00 | 001,098,968 | ---- | M] (TiVo Inc.) [Disabled | Stopped] -- C:\Program Files\TiVo\Desktop\TiVoBeacon.exe -- (TivoBeacon2)
SRV - [2009/05/20 14:18:28 | 000,297,472 | ---- | M] (Amazon.com) [On_Demand | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)
SRV - [2008/12/20 08:17:36 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/10/04 14:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/09/30 11:03:14 | 000,820,464 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)
SRV - [2008/09/30 11:03:12 | 000,173,296 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\ProgramData\SingleClick Systems\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)
SRV - [2008/07/04 18:17:48 | 000,164,600 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/20 21:35:18 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lpdsvc.dll -- (LPDSVC)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/11/07 10:35:40 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/09/21 15:26:34 | 000,015,872 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\ProgramData\SingleClick Systems\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2007/09/14 15:35:04 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\ProgramData\SingleClick Systems\MySQL\bin\mysqld.exe -- (dsl-db)
SRV - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2007/03/21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/02/28 19:43:30 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbxcoms.exe -- (dlbx_device)
SRV - [2006/11/17 16:54:34 | 000,537,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlcjcoms.exe -- (dlcj_device)


========== Driver Services (SafeList) ==========

DRV - [2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/07/14 12:51:56 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2010/01/20 15:18:26 | 000,033,792 | ---- | M] (Belcarra Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btblan.sys -- (Leapfrog-USBLAN)
DRV - [2008/10/27 04:52:00 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008/06/23 07:45:44 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/06/17 13:01:06 | 000,022,016 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\packet.sys -- (Packet)
DRV - [2008/05/04 04:25:24 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/04/01 14:33:16 | 000,019,456 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlyUsb.sys -- (FlyUsb)
DRV - [2008/03/06 02:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/03/04 00:05:34 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2008/03/04 00:05:18 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2008/01/20 21:32:51 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/12/02 13:51:42 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/11/22 07:44:08 | 000,201,320 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/11/22 07:44:08 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/11/22 07:44:08 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/11/22 07:44:04 | 000,033,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/11/12 06:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/06 11:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 11:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 11:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/13 07:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2004/09/29 01:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctpdusb2.sys -- (Jukebox)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]

IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=us&ibd=6081220
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-1226883020-3580698897-141179692-1001\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = CB 50 85 0E 71 FE F3 47 A2 46 BF 8A 55 10 6C AA [binary data]

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/24 16:01:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/13 23:32:07 | 000,000,000 | ---D | M]

[2008/12/30 11:32:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lea\AppData\Roaming\Mozilla\Extensions
[2011/06/23 13:17:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\1s6uavsf.default\extensions
[2010/09/10 17:38:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\1s6uavsf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/22 17:02:48 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\1s6uavsf.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/05/22 07:00:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/22 07:00:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/06/24 16:01:50 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/10/12 16:33:32 | 000,124,344 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CCMSDK.dll
[2010/10/12 16:37:06 | 000,070,592 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2010/10/12 16:35:42 | 000,091,576 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2010/10/12 16:34:56 | 000,022,464 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\ctxlogging.dll
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/12 18:16:54 | 000,484,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2010/10/12 16:37:02 | 000,024,000 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/24 16:06:13 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\Program Files\McAfee\MSK\mcapbho.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.1852\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Monitor] C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TivoNotify] C:\Program Files\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TivoServer] C:\Program Files\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TivoTransfer] C:\Program Files\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)
O4 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000..\Run: [TranscodingService] C:\Program Files\TiVo\Desktop\Plus\\TranscodingService.exe ()
O4 - Startup: C:\Users\Dan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1226883020-3580698897-141179692-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica; charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=euc-jp {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=ISO-8859-1 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS936 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS949 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=MS950 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\application/x-ica;charset=UTF-8 {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - AppInit_DLLs: (c:\progra~1\google\google~3\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Lea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Lea\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f074beef-fa92-11df-ac24-0023ae0ed539}\Shell - "" = AutoRun
O33 - MountPoints2\{f074beef-fa92-11df-ac24-0023ae0ed539}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/24 15:34:30 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\RK_Quarantine
[2011/06/17 16:44:00 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/17 15:58:01 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
[2011/06/17 15:55:34 | 000,581,120 | ---- | C] (AVAST Software) -- C:\Users\Lea\Desktop\aswMBR.exe
[2011/06/17 12:35:01 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lea\Desktop\HiJackThis.exe
[2011/06/13 23:52:17 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Dan School
[2011/06/13 23:50:56 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Lea Work
[2011/06/13 23:49:15 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Installers
[2011/06/13 23:48:13 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Security Stuff
[2011/06/13 23:24:54 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Roaming\Malwarebytes
[2011/06/13 23:24:46 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/06/13 23:24:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/13 23:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/13 23:24:42 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/06/13 23:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/13 22:24:01 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/06/03 11:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/06/03 11:32:53 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Roaming\ICAClient
[2011/06/03 11:32:53 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Local\Citrix
[2011/06/03 11:31:34 | 000,000,000 | ---D | C] -- C:\Users\Lea\AppData\Roaming\Download Manager
[2011/06/01 07:54:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/05/31 22:06:45 | 000,000,000 | ---D | C] -- C:\Users\Lea\Desktop\Cowboys
[2010/02/05 23:48:48 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbxserv.dll
[2010/02/05 23:48:48 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbxusb1.dll
[2010/02/05 23:48:48 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbxpmui.dll
[2010/02/05 23:48:48 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbxinpa.dll
[2010/02/05 23:48:48 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbxiesc.dll
[2010/02/05 23:48:48 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbxih.exe
[2010/02/05 23:48:48 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\DLBXhcp.dll
[2010/02/05 23:48:48 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbxprox.dll
[2010/02/05 23:48:48 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbxpplc.dll
[2010/02/05 23:48:47 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbxhbn3.dll
[2010/02/05 23:48:47 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomc.dll
[2010/02/05 23:48:47 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbxcomm.dll
[2010/02/05 23:48:47 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbxcfg.exe
[2006/11/17 16:54:36 | 000,385,928 | ---- | C] ( ) -- C:\Windows\System32\dlcjih.exe
[2006/11/17 16:54:34 | 000,537,480 | ---- | C] ( ) -- C:\Windows\System32\dlcjcoms.exe
[2006/11/17 16:54:32 | 000,381,832 | ---- | C] ( ) -- C:\Windows\System32\dlcjcfg.exe
[2006/11/06 17:37:46 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcjpmui.dll
[2006/11/06 17:35:50 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcjserv.dll
[2006/11/06 17:28:08 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcjcomm.dll
[2006/11/06 17:26:14 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcjlmpm.dll
[2006/11/06 17:24:44 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcjiesc.dll
[2006/11/06 17:21:48 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcjpplc.dll
[2006/11/06 17:20:48 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcjcomc.dll
[2006/11/06 17:20:14 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcjprox.dll
[2006/11/06 17:12:44 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcjinpa.dll
[2006/11/06 17:11:58 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcjusb1.dll
[2006/11/06 17:07:04 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcjhbn3.dll
[2004/12/16 10:33:48 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbxlmpm.dll
[2004/12/16 10:26:58 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbxcoms.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/25 23:49:31 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/25 23:49:31 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/25 23:46:00 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/25 23:45:52 | 000,032,997 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2011/06/25 23:44:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/24 21:21:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1226883020-3580698897-141179692-1000UA.job
[2011/06/24 20:57:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/24 20:26:29 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 20:26:29 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/24 19:21:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1226883020-3580698897-141179692-1000Core.job
[2011/06/24 16:26:25 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/24 16:06:13 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/06/24 15:38:14 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Lea\Desktop\OTL.exe
[2011/06/24 15:33:33 | 000,510,976 | ---- | M] () -- C:\Users\Lea\Desktop\RogueKiller.exe
[2011/06/19 22:34:01 | 000,002,651 | ---- | M] () -- C:\Users\Lea\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/06/17 15:57:46 | 000,000,512 | ---- | M] () -- C:\Users\Lea\Desktop\MBR.dat
[2011/06/17 15:55:35 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\Lea\Desktop\aswMBR.exe
[2011/06/17 12:35:05 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lea\Desktop\HiJackThis.exe
[2011/06/17 12:28:48 | 001,309,375 | ---- | M] () -- C:\Users\Lea\Desktop\tdsskiller.zip
[2011/06/17 12:11:16 | 000,006,648 | ---- | M] () -- C:\Users\Lea\AppData\Local\d3d9caps.dat
[2011/06/15 01:00:00 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2011/06/07 11:58:41 | 000,002,609 | ---- | M] () -- C:\Users\Lea\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2011/06/01 07:54:45 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/06/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/24 15:33:32 | 000,510,976 | ---- | C] () -- C:\Users\Lea\Desktop\RogueKiller.exe
[2011/06/17 15:57:46 | 000,000,512 | ---- | C] () -- C:\Users\Lea\Desktop\MBR.dat
[2011/06/17 12:28:44 | 001,309,375 | ---- | C] () -- C:\Users\Lea\Desktop\tdsskiller.zip
[2011/06/17 12:18:23 | 3210,784,768 | -HS- | C] () -- C:\hiberfil.sys
[2011/06/01 07:54:45 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010/02/05 23:48:48 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlbxutil.dll
[2010/02/05 23:48:48 | 000,274,432 | ---- | C] () -- C:\Windows\System32\DLBXinst.dll
[2010/02/05 23:48:48 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlbxinsb.dll
[2010/02/05 23:48:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlbxins.dll
[2010/02/05 23:48:48 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlbxjswr.dll
[2010/02/05 23:48:48 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlbxinsr.dll
[2010/02/05 23:48:47 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlbxcub.dll
[2010/02/05 23:48:47 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlbxcu.dll
[2010/02/05 23:48:47 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlbxcur.dll
[2010/02/05 22:07:12 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbxcfg.dll
[2010/02/05 15:58:37 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbxcnv4.dll
[2010/02/05 15:58:37 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbxvs.dll
[2010/02/05 15:58:35 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbxcoin.dll
[2009/10/22 13:18:11 | 000,098,304 | ---- | C] () -- C:\Windows\System32\PdeSrv2p.dll
[2009/10/22 13:18:10 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2009/06/26 00:23:02 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/04/14 15:49:54 | 000,000,826 | ---- | C] () -- C:\Windows\eReg.dat
[2009/01/27 11:55:10 | 000,006,648 | ---- | C] () -- C:\Users\Lea\AppData\Local\d3d9caps.dat
[2009/01/11 18:52:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/12/30 11:30:51 | 000,031,744 | ---- | C] () -- C:\Users\Lea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/30 11:11:38 | 000,002,033 | ---- | C] () -- C:\Users\Lea\AppData\Roaming\install.dat
[2008/12/20 09:36:35 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/12/20 09:36:35 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/12/20 09:36:35 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/12/20 09:36:34 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/12/20 09:36:34 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/12/20 09:36:31 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/12/20 09:33:28 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/12/20 09:33:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/20 08:02:20 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/12/20 08:02:19 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/12/20 07:58:11 | 000,000,076 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2008/02/03 18:37:35 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 12:30:48 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlcjcoin.dll
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,302,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,604,502 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,170 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/10/20 05:04:52 | 000,106,496 | ---- | C] () -- C:\Windows\System32\dlcjinsr.dll
[2006/10/20 05:04:42 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dlcjcur.dll
[2006/10/20 05:04:00 | 000,135,168 | ---- | C] () -- C:\Windows\System32\dlcjjswr.dll
[2006/10/20 04:58:06 | 000,176,128 | ---- | C] () -- C:\Windows\System32\dlcjinsb.dll
[2006/10/20 04:57:52 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dlcjcub.dll
[2006/10/20 04:57:30 | 000,073,728 | ---- | C] () -- C:\Windows\System32\dlcjcu.dll
[2006/10/20 04:57:18 | 000,159,744 | ---- | C] () -- C:\Windows\System32\dlcjins.dll
[2006/10/20 04:55:02 | 000,434,176 | ---- | C] () -- C:\Windows\System32\dlcjutil.dll
[2006/09/06 06:26:28 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlcjcfg.dll
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlcjvs.dll

========== LOP Check ==========

[2009/11/22 18:53:10 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Amazon
[2010/09/19 23:22:20 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\AnvSoft
[2010/09/19 21:43:39 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\avidemux
[2011/02/09 21:38:16 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\calibre
[2009/02/22 11:05:41 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Greyfirst
[2011/06/03 13:03:27 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\ICAClient
[2009/04/11 14:35:59 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\iWin
[2010/05/02 12:42:23 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\MechCAD
[2010/10/24 20:55:38 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Mobipocket
[2009/10/22 01:52:44 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\OverDrive
[2010/07/16 17:10:24 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\Solecismic Software
[2011/03/16 12:25:12 | 000,000,000 | ---D | M] -- C:\Users\Lea\AppData\Roaming\WildTangent
[2011/06/15 01:00:00 | 000,000,356 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2011/06/01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2011/06/24 16:25:40 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:5D432CE3

< End of report >

#17
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Any further problems?

#18
snipeer2811

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Another computer on my home network is infected with something similar but different... We have 2 desktops and one laptop on the network. The laptop is the one you've been fixing. Of the desktops, one is XP and one is Vista. The one running Vista had a similar "scareware" thing, but with this one, I couldn't open anything (literally). I finally restarted in safe mode and did a restore, and I am currently running mbab on it. I'm going to buy whatever the best security out there is because I am tired of this. Any suggestions? I've heard Webroot or Ad-Aware Pro are the best.

Thanks,
Dan

#19
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you want me to look at the other system?

If you want the best paid for - well, the one I rarely see here is Kaspersky. They make TDSSKiller and the AVP tool I use quite a lot.

#20
snipeer2811

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Just the best overall. Regarding the other system, I think it should be good for now. I do appreciate the offer, but I don't want to take up your time any more than I have.

Maybe you could just answer a few questions instead...

1. Has there been a recent spate of infections or is it just my lucky month?
2. If one system becomes infected, are the others more susceptible to infection?
3. Can I avoid these in the future (staying away from flash videos, etc)?

Thanks again.

#21
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

> 3. Can I avoid these in the future (staying away from flash videos, etc)?

Difficult to answer, as a lot of the malware is now delivered via hacked websites; an innocuous java is added which then redirects and downloads.

> If one system becomes infected, are the others more susceptible to infection?

If they are networked and have shares then it is possible.

> Has there been a recent spate of infections or is it just my lucky month?

It has been a bit busier than normal.

http://www.kaspersky...rsky_anti-virus for a paid version I think this would be at the top.

Any further questions do not hesitate to ask :)

#22
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.