Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

google redicts etc

Started by tenzinJamphell , Jun 25 2011 07:08 PM

  • Please log in to reply

#1
tenzinJamphell
Posted 25 June 2011 - 07:08 PM

tenzinJamphell

    New Member

  • Member
  • Pip
  • 1 posts
OTL logfile created on: 6/25/2011 6:04:26 PM - Run 1
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\jamphell\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 60.09% Memory free
6.19 Gb Paging File | 5.08 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74.69 Gb Total Space | 35.22 Gb Free Space | 47.15% Space Free | Partition Type: NTFS

Computer Name: FREETIBET | User Name: jamphell | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/25 18:01:29 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\jamphell\Desktop\OTL.exe
PRC - [2011/06/23 23:29:50 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/04/13 04:01:14 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/07/27 17:05:00 | 000,069,560 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2010/04/26 13:46:32 | 000,144,824 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2010/04/07 14:37:38 | 000,093,032 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
PRC - [2010/04/07 14:37:22 | 000,063,928 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2010/04/01 14:50:44 | 000,043,960 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
PRC - [2010/03/25 10:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010/01/15 05:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/11/24 13:51:18 | 000,176,056 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/07/25 16:06:30 | 002,027,792 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007/07/25 16:02:54 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/07/25 16:02:32 | 000,403,728 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007/07/20 00:40:48 | 000,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/07/20 00:38:54 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/04/17 20:45:54 | 000,368,640 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2007/02/06 12:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE


========== Modules (SafeList) ==========

MOD - [2011/06/25 18:01:29 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\jamphell\Desktop\OTL.exe
MOD - [2010/08/31 08:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2007/07/20 00:40:36 | 000,113,176 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcInj.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/04/07 14:37:38 | 000,093,032 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe -- (Lenovo.VIRTSCRLSVC)
SRV - [2010/04/07 14:37:22 | 000,063,928 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2010/04/07 12:02:16 | 000,045,496 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/03/06 12:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/20 00:42:30 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/07/20 00:40:48 | 000,137,752 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/07/20 00:38:54 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/02/06 12:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)


========== Driver Services (SafeList) ==========

DRV - [2010/03/26 08:17:20 | 000,220,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2009/07/07 14:48:44 | 000,027,696 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/05/12 18:04:02 | 000,013,480 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2008/01/19 00:42:12 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007/10/15 20:29:28 | 000,737,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/07/20 00:39:50 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/07/20 00:37:56 | 002,109,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/07/18 17:44:22 | 003,599,000 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 5000(UVC)
DRV - [2007/07/18 17:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/07/18 17:42:42 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/07/18 17:42:28 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007/04/05 15:36:16 | 002,464,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/04/05 15:36:16 | 002,464,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2006/11/27 17:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/23 23:29:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/06/20 18:42:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jamphell\AppData\Roaming\Mozilla\Extensions
[2011/06/20 18:41:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2010/06/17 03:01:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/06/23 23:29:50 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/25 17:27:54 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (vShare Plugin) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [Spyware Doctor] File not found
O4 - Startup: C:\Users\jamphell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: userplane.com ([www] http in Trusted sites)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.76.182 68.87.78.134
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\vsharechrome {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{281164a1-71c0-11df-b27b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{281164a1-71c0-11df-b27b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Start.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/25 18:01:28 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\jamphell\Desktop\OTL.exe
[2011/06/25 17:43:54 | 000,000,000 | ---D | C] -- C:\Users\jamphell\Desktop\GooredFix Backups
[2011/06/25 17:41:20 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\jamphell\Desktop\GooredFix.exe
[2011/06/25 17:27:53 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/06/25 15:37:49 | 000,000,000 | ---D | C] -- C:\Users\jamphell\AppData\Roaming\Malwarebytes
[2011/06/25 15:37:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/06/25 15:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/25 15:37:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/25 15:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/24 11:17:04 | 000,000,000 | ---D | C] -- C:\Users\jamphell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Repair
[2011/06/24 10:57:54 | 000,000,000 | ---D | C] -- C:\e
[2011/06/24 10:57:54 | 000,000,000 | ---D | C] -- C:\Data
[2011/06/20 18:41:58 | 000,000,000 | ---D | C] -- C:\Users\jamphell\AppData\Local\Mozilla
[2011/06/20 18:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/06/18 17:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/06/16 15:28:52 | 001,441,584 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\jamphell\Desktop\TDSSKiller.exe
[2011/06/14 21:47:35 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011/06/05 04:00:49 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011/06/03 20:23:09 | 000,000,000 | ---D | C] -- C:\found.000
[2011/06/01 23:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Riverdeep Interactive Learning Limited
[2011/06/01 23:05:04 | 000,000,000 | ---D | C] -- C:\Users\jamphell\AppData\Local\Broderbund Software
[2011/06/01 23:05:04 | 000,000,000 | ---D | C] -- C:\Users\jamphell\AppData\Local\ApplicationHistory
[2011/06/01 22:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Broderbund Software
[2011/06/01 22:49:23 | 000,000,000 | ---D | C] -- C:\Users\jamphell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer
[2011/06/01 22:49:22 | 000,000,000 | ---D | C] -- C:\Program Files\Web Publish
[2011/06/01 22:49:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickArt 400,000
[2011/06/01 22:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Broderbund
[2011/06/01 22:48:38 | 000,000,000 | ---D | C] -- C:\Program Files\ClickArt 400,000
[2011/06/01 22:45:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP

========== Files - Modified Within 30 Days ==========

[2011/06/25 18:01:29 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\jamphell\Desktop\OTL.exe
[2011/06/25 17:56:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/25 17:44:46 | 000,626,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/25 17:44:46 | 000,112,798 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/25 17:41:20 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\jamphell\Desktop\GooredFix.exe
[2011/06/25 17:40:12 | 000,004,048 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 17:40:08 | 000,004,048 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/25 17:39:11 | 000,350,856 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/25 17:38:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/25 17:38:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/25 17:36:39 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/25 17:27:54 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2011/06/25 17:19:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3960590969-335918339-2072287715-1000UA.job
[2011/06/25 15:37:39 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/25 15:35:19 | 000,011,776 | ---- | M] () -- C:\Users\jamphell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/25 15:24:49 | 000,000,400 | ---- | M] () -- C:\ProgramData\35708572
[2011/06/25 15:21:42 | 000,000,216 | ---- | M] () -- C:\ProgramData\~35708572
[2011/06/25 15:21:42 | 000,000,152 | ---- | M] () -- C:\ProgramData\~35708572r
[2011/06/24 10:58:01 | 000,000,274 | ---- | M] () -- C:\trav_1.gif
[2011/06/24 10:58:01 | 000,000,240 | ---- | M] () -- C:\srch_site_1.gif
[2011/06/24 10:58:00 | 000,000,284 | ---- | M] () -- C:\srch_map_1.gif
[2011/06/24 10:58:00 | 000,000,277 | ---- | M] () -- C:\mov_1.gif
[2011/06/24 10:58:00 | 000,000,273 | ---- | M] () -- C:\srch_stk_1.gif
[2011/06/24 10:57:59 | 000,000,380 | ---- | M] () -- C:\edu.bmp
[2011/06/24 10:57:59 | 000,000,268 | ---- | M] () -- C:\ab_1.gif
[2011/06/24 10:57:59 | 000,000,138 | ---- | M] () -- C:\flk2.gif
[2011/06/24 10:57:59 | 000,000,113 | ---- | M] () -- C:\del_1.gif
[2011/06/24 10:57:58 | 000,000,304 | ---- | M] () -- C:\dir.bmp
[2011/06/24 10:57:58 | 000,000,279 | ---- | M] () -- C:\hj_1.gif
[2011/06/24 10:57:58 | 000,000,121 | ---- | M] () -- C:\srch_nws_1.gif
[2011/06/24 10:57:58 | 000,000,113 | ---- | M] () -- C:\srch_aud_1.gif
[2011/06/24 10:57:57 | 000,000,265 | ---- | M] () -- C:\srch_ans_1.gif
[2011/06/24 10:57:57 | 000,000,131 | ---- | M] () -- C:\srch_loc_1.gif
[2011/06/24 10:57:57 | 000,000,123 | ---- | M] () -- C:\srch_sh_1.gif
[2011/06/24 10:57:56 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[2011/06/24 10:57:56 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2011/06/24 10:57:56 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2011/06/23 22:50:34 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2011/06/23 22:50:21 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3960590969-335918339-2072287715-1000Core.job
[2011/06/20 23:57:53 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/06/20 18:42:00 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/06/20 18:41:51 | 000,000,870 | ---- | M] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/20 18:41:51 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/19 18:59:52 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/19 12:02:34 | 000,013,284 | -HS- | M] () -- C:\ProgramData\eaf4t80ryk7jdpnw4003g5did5pum01u3d8364
[2011/06/19 12:02:33 | 000,013,284 | -HS- | M] () -- C:\Users\jamphell\AppData\Local\eaf4t80ryk7jdpnw4003g5did5pum01u3d8364
[2011/06/16 15:28:52 | 001,441,584 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\jamphell\Desktop\TDSSKiller.exe
[2011/06/01 22:49:14 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\Broderbund.com.lnk
[2011/06/01 22:49:13 | 000,001,874 | ---- | M] () -- C:\Users\Public\Desktop\ClickArt 400,000.lnk

========== Files Created - No Company Name ==========

[2011/06/25 16:56:38 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\Picture Motion Browser Guide.lnk
[2011/06/25 16:56:38 | 000,001,971 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/06/25 16:56:38 | 000,001,940 | ---- | C] () -- C:\Users\Public\Desktop\Network Magic.lnk
[2011/06/25 16:56:38 | 000,001,921 | ---- | C] () -- C:\Users\Public\Desktop\Logitech QuickCam.lnk
[2011/06/25 16:56:38 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/25 16:56:38 | 000,001,874 | ---- | C] () -- C:\Users\Public\Desktop\ClickArt 400,000.lnk
[2011/06/25 16:56:38 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/06/25 16:56:38 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\Broderbund.com.lnk
[2011/06/25 16:56:38 | 000,001,801 | ---- | C] () -- C:\Users\Public\Desktop\Picture Motion Browser.lnk
[2011/06/25 16:56:38 | 000,001,792 | ---- | C] () -- C:\Users\Public\Desktop\Canon My Printer.lnk
[2011/06/25 16:56:38 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011/06/25 16:56:38 | 000,001,675 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2011/06/25 16:56:38 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/06/25 16:56:38 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2011/06/25 16:56:38 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/06/25 16:56:38 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/06/25 16:56:38 | 000,000,839 | ---- | C] () -- C:\Users\Public\Desktop\Picture Package Music Transfer.lnk
[2011/06/25 16:56:38 | 000,000,165 | ---- | C] () -- C:\Users\Public\Desktop\Product Registration.url
[2011/06/25 16:56:37 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/06/25 16:56:37 | 000,001,955 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/25 16:56:37 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk
[2011/06/25 16:56:37 | 000,001,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Magic.lnk
[2011/06/25 16:56:37 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2011/06/25 16:56:37 | 000,001,854 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/06/25 16:56:37 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk
[2011/06/25 16:56:37 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/06/25 16:56:37 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/06/25 16:56:37 | 000,001,726 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk
[2011/06/25 16:56:37 | 000,001,724 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk
[2011/06/25 16:56:37 | 000,001,713 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
[2011/06/25 16:56:37 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk
[2011/06/25 16:56:37 | 000,001,699 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/06/25 16:56:37 | 000,001,673 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2011/06/25 16:56:37 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011/06/25 16:56:37 | 000,000,966 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2011/06/25 16:56:37 | 000,000,943 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/06/25 16:56:37 | 000,000,938 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/06/25 16:56:37 | 000,000,870 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/06/25 16:56:37 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/06/25 16:56:37 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
[2011/06/25 16:56:37 | 000,000,258 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/06/25 16:56:37 | 000,000,240 | ---- | C] () -- C:\Users\jamphell\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/06/25 15:37:39 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/24 11:17:05 | 000,000,216 | ---- | C] () -- C:\ProgramData\~35708572
[2011/06/24 11:17:05 | 000,000,152 | ---- | C] () -- C:\ProgramData\~35708572r
[2011/06/24 11:16:58 | 000,000,400 | ---- | C] () -- C:\ProgramData\35708572
[2011/06/24 10:58:01 | 000,000,274 | ---- | C] () -- C:\trav_1.gif
[2011/06/24 10:58:01 | 000,000,240 | ---- | C] () -- C:\srch_site_1.gif
[2011/06/24 10:58:00 | 000,000,284 | ---- | C] () -- C:\srch_map_1.gif
[2011/06/24 10:58:00 | 000,000,277 | ---- | C] () -- C:\mov_1.gif
[2011/06/24 10:58:00 | 000,000,273 | ---- | C] () -- C:\srch_stk_1.gif
[2011/06/24 10:57:59 | 000,000,380 | ---- | C] () -- C:\edu.bmp
[2011/06/24 10:57:59 | 000,000,268 | ---- | C] () -- C:\ab_1.gif
[2011/06/24 10:57:59 | 000,000,138 | ---- | C] () -- C:\flk2.gif
[2011/06/24 10:57:59 | 000,000,113 | ---- | C] () -- C:\del_1.gif
[2011/06/24 10:57:58 | 000,000,304 | ---- | C] () -- C:\dir.bmp
[2011/06/24 10:57:58 | 000,000,279 | ---- | C] () -- C:\hj_1.gif
[2011/06/24 10:57:58 | 000,000,121 | ---- | C] () -- C:\srch_nws_1.gif
[2011/06/24 10:57:58 | 000,000,113 | ---- | C] () -- C:\srch_aud_1.gif
[2011/06/24 10:57:57 | 000,000,265 | ---- | C] () -- C:\srch_ans_1.gif
[2011/06/24 10:57:57 | 000,000,131 | ---- | C] () -- C:\srch_loc_1.gif
[2011/06/24 10:57:57 | 000,000,123 | ---- | C] () -- C:\srch_sh_1.gif
[2011/06/24 10:57:56 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2011/06/24 10:57:56 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2011/06/24 10:57:56 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2011/06/20 18:42:00 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/06/18 18:18:17 | 000,002,167 | ---- | C] () -- C:\Users\jamphell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
[2011/06/14 11:44:31 | 000,013,284 | -HS- | C] () -- C:\Users\jamphell\AppData\Local\eaf4t80ryk7jdpnw4003g5did5pum01u3d8364
[2011/06/14 11:44:31 | 000,013,284 | -HS- | C] () -- C:\ProgramData\eaf4t80ryk7jdpnw4003g5did5pum01u3d8364
[2010/11/12 08:14:14 | 000,011,776 | ---- | C] () -- C:\Users\jamphell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/17 16:26:27 | 000,001,076 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010/06/22 04:04:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2010/06/21 22:50:52 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/06/21 22:50:52 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/06/20 20:02:15 | 008,892,928 | ---- | C] () -- C:\ProgramData\atscie.msi
[2010/06/07 22:32:22 | 000,058,163 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2007/07/18 17:42:42 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2007/04/05 15:04:24 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/03/06 14:04:54 | 000,143,676 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 000,350,856 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,626,470 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,112,798 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011/06/25 17:36:39 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


i have tried doing the google redirect fix but the TDSSKiller didnt load at all.

Edited by tenzinJamphell, 25 June 2011 - 07:09 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP