Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Browser Hijack

Started by bestrada , May 31 2011 07:56 AM

  • Please log in to reply

#1
bestrada
Posted 31 May 2011 - 07:56 AM

bestrada

    New Member

  • Member
  • Pip
  • 2 posts
Hello all! I got the Windows 7 Recovery virus, and I cleaned that off but I am still having an issue with a browser hijack. I have tried everything to fix it, and none of the programs have been successful. When I get into the internet and try to do any type of search, sometimes even when I type a url directly into the browser window, it redirects me to one of 100 different ad or search sites. I haven't seen the same redirect site twice. Can anyone help? This is my work computer and everything we do is based off of an internet site, not to mention that I get into and out of our bank accounts online all day. I am completely shut down as far as work goes until I get this fixed.




OTL logfile created on: 5/31/2011 8:47:23 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Ronnies6\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.87 Gb Total Physical Memory | 0.99 Gb Available Physical Memory | 53.07% Memory free
3.74 Gb Paging File | 2.50 Gb Available in Paging File | 66.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.15 Gb Total Space | 232.49 Gb Free Space | 80.97% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 2.65 Gb Free Space | 27.15% Space Free | Partition Type: NTFS
Drive T: | 132.76 Gb Total Space | 122.54 Gb Free Space | 92.30% Space Free | Partition Type: NTFS
Drive Z: | 55.69 Gb Total Space | 6.41 Gb Free Space | 11.52% Space Free | Partition Type: NTFS

Computer Name: BRIGETTE | User Name: Ronnies6 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/31 08:47:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ronnies6\Desktop\OTL.exe
PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/01/30 10:45:14 | 000,821,144 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2011/01/11 10:15:35 | 000,116,536 | ---- | M] (Cisco WebEx LLC) -- C:\Windows\System32\atashost.exe
PRC - [2010/12/08 14:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/08 14:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/09/17 16:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2010/09/14 15:03:58 | 000,984,352 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2010/09/14 13:45:30 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2010/08/17 20:26:38 | 000,560,848 | ---- | M] (CrossLoop Inc) -- C:\Users\Ronnies6\AppData\Local\CrossLoop\CrossLoopService.exe
PRC - [2010/07/23 09:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\DIBS\DDNIService.exe
PRC - [2010/07/20 11:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe
PRC - [2010/06/01 19:54:36 | 000,286,208 | ---- | M] (LITE-ON TECHNOLOGY CORP.) -- C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe
PRC - [2010/05/13 17:40:02 | 000,384,512 | ---- | M] (LITEON) -- C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skdh8821.exe
PRC - [2010/05/04 12:47:34 | 000,125,952 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
PRC - [2010/04/24 02:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/04/24 02:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/03/29 21:26:00 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2010/03/23 11:57:48 | 015,889,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
PRC - [2010/03/15 15:54:56 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- c:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2010/03/05 01:06:49 | 000,064,064 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2010/03/05 01:05:47 | 000,072,256 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2009/10/01 01:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) -- C:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe
PRC - [2009/08/28 16:09:58 | 001,019,904 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/06/10 16:20:02 | 000,221,872 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe
PRC - [2009/05/28 00:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/10 14:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


========== Modules (SafeList) ==========

MOD - [2011/05/31 08:47:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ronnies6\Desktop\OTL.exe
MOD - [2010/08/21 00:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/04/27 14:40:23 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/16 10:34:39 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/01/11 10:15:35 | 000,116,536 | ---- | M] (Cisco WebEx LLC) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2010/12/08 14:11:38 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/08 14:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/11/11 10:10:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/11/08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/09/14 13:45:30 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/08/17 20:26:38 | 000,560,848 | ---- | M] (CrossLoop Inc) [Auto | Running] -- C:\Users\Ronnies6\AppData\Local\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2010/07/23 09:31:54 | 000,163,680 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\DIBS\DDNIService.exe -- (DDNIService)
SRV - [2010/07/21 09:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Users\Ronnies6\AppData\Local\CrossLoop\tvnserver.exe -- (tvnserver)
SRV - [2010/07/20 11:04:24 | 000,171,872 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGService.exe -- (DDNIMSGService)
SRV - [2010/05/04 12:47:34 | 000,125,952 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe -- (Sks8821)
SRV - [2010/04/24 02:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/04/24 02:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/15 15:54:56 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- c:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2010/03/05 01:05:47 | 000,072,256 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE -- (Power Manager DBC Service)
SRV - [2009/10/01 01:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) [On_Demand | Running] -- C:\Program Files\Intuit\QuickBooks 2009\QBDBMgrN.exe -- (QuickBooksDB19)
SRV - [2009/08/28 16:09:58 | 001,019,904 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/18 16:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/10 14:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2011/03/16 10:34:41 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/08 14:12:02 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010/11/23 13:58:41 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/09/17 16:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 16:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/05/07 14:46:14 | 000,021,360 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor\pcdsrvc.pkms -- (PCDSRVC{3037D694-FD904ACA-06020000}_0)
DRV - [2010/04/24 02:10:54 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2010/04/24 02:10:52 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2010/04/24 02:10:50 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2010/04/24 02:10:44 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 18:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/07/01 21:16:16 | 000,033,088 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.co...ome/thinkcentre [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/05/27 11:13:35 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/05/27 12:33:29 | 000,434,670 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14957 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IdeaNotesUser] C:\Program Files\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe (Digital Delivery Networks, Inc.)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe ()
O4 - HKLM..\Run: [Power Manager Power Agenda] C:\Program Files\ThinkPad\Utilities\DPMHost.EXE ()
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [Skd8821] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe (LITE-ON TECHNOLOGY CORP.)
O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Users\Ronnies6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: americanbank.com ([www2] https in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://americanbank...rt/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.90.11.6 65.90.11.8
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/06/10 11:32:46 | 000,000,049 | -HS- | M] () - Q:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{b7d20704-a1a9-11df-b742-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b7d20704-a1a9-11df-b742-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009/08/10 16:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/31 08:47:00 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Ronnies6\Desktop\OTL.exe
[2011/05/27 13:27:25 | 000,000,000 | ---D | C] -- C:\Data
[2011/05/27 12:42:32 | 000,000,000 | ---D | C] -- C:\Users\Ronnies6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/05/27 12:42:32 | 000,000,000 | ---D | C] -- C:\Program Files\HiJackThis
[2011/05/27 12:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011/05/27 12:24:17 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2011/05/27 11:16:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/05/27 09:19:13 | 000,000,000 | ---D | C] -- C:\Users\Ronnies6\AppData\Roaming\Uniblue
[2011/05/27 09:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/05/27 09:19:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/05/27 09:18:55 | 000,000,000 | ---D | C] -- C:\Users\Ronnies6\AppData\Local\PackageAware
[2011/05/27 08:48:05 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/05/26 16:00:22 | 000,000,000 | ---D | C] -- C:\e
[2011/05/26 15:24:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/05/26 15:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/05/26 14:55:26 | 000,000,000 | ---D | C] -- C:\Users\Ronnies6\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011/05/24 10:14:06 | 000,000,000 | ---D | C] -- C:\Users\Ronnies6\AppData\Local\{4F7810EC-6EB9-4FC1-9429-7E9679CFE478}
[2011/05/19 17:33:44 | 000,000,000 | ---D | C] -- C:\Users\Ronnies6\Desktop\Reports fror bank rec
[2011/05/18 20:07:55 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2011/05/13 09:38:25 | 000,000,000 | ---D | C] -- C:\Users\Ronnies6\Desktop\registers
[2011/05/10 22:44:41 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2011/05/10 22:44:41 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2011/05/10 22:44:38 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/05/10 22:44:38 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/08/25 19:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/31 08:47:01 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Ronnies6\Desktop\OTL.exe
[2011/05/31 08:32:18 | 000,139,109 | ---- | M] () -- C:\Users\Ronnies6\Desktop\Mikes Boat Repair.pdf
[2011/05/30 15:00:00 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/05/30 13:47:14 | 000,002,006 | ---- | M] () -- C:\Users\Ronnies6\Documents\Default.rdp
[2011/05/30 13:15:26 | 000,016,976 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/30 13:15:26 | 000,016,976 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/30 13:11:48 | 000,627,288 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/30 13:11:48 | 000,107,346 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/30 13:07:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/30 13:07:08 | 1507,778,560 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/28 13:08:46 | 000,000,035 | ---- | M] () -- C:\Windows\inv.INI
[2011/05/28 13:08:46 | 000,000,018 | ---- | M] () -- C:\Windows\PW.INI
[2011/05/28 13:07:34 | 000,001,292 | ---- | M] () -- C:\Windows\Scanner.INI
[2011/05/28 13:05:57 | 000,000,056 | ---- | M] () -- C:\Windows\Boatss.INI
[2011/05/28 13:04:42 | 000,002,682 | ---- | M] () -- C:\Windows\service.INI
[2011/05/28 13:03:07 | 000,000,032 | ---- | M] () -- C:\Windows\WebUpdt.INI
[2011/05/28 13:03:07 | 000,000,030 | ---- | M] () -- C:\Windows\tcsnews.ini
[2011/05/27 12:42:32 | 000,003,001 | ---- | M] () -- C:\Users\Ronnies6\Desktop\HiJackThis.lnk
[2011/05/27 12:33:29 | 000,434,670 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/05/27 12:29:51 | 000,001,251 | ---- | M] () -- C:\Users\Ronnies6\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/27 12:29:51 | 000,001,227 | ---- | M] () -- C:\Users\Ronnies6\Desktop\Spybot - Search & Destroy.lnk
[2011/05/26 16:56:19 | 000,000,168 | ---- | M] () -- C:\ProgramData\~28827384r
[2011/05/26 16:56:19 | 000,000,144 | ---- | M] () -- C:\ProgramData\~28827384
[2011/05/26 16:00:28 | 000,000,240 | ---- | M] () -- C:\srch_site_1.gif
[2011/05/26 16:00:27 | 000,000,284 | ---- | M] () -- C:\srch_map_1.gif
[2011/05/26 16:00:27 | 000,000,277 | ---- | M] () -- C:\mov_1.gif
[2011/05/26 16:00:27 | 000,000,274 | ---- | M] () -- C:\trav_1.gif
[2011/05/26 16:00:27 | 000,000,273 | ---- | M] () -- C:\srch_stk_1.gif
[2011/05/26 16:00:27 | 000,000,138 | ---- | M] () -- C:\flk2.gif
[2011/05/26 16:00:26 | 000,000,380 | ---- | M] () -- C:\edu.bmp
[2011/05/26 16:00:26 | 000,000,268 | ---- | M] () -- C:\ab_1.gif
[2011/05/26 16:00:26 | 000,000,121 | ---- | M] () -- C:\srch_nws_1.gif
[2011/05/26 16:00:26 | 000,000,113 | ---- | M] () -- C:\del_1.gif
[2011/05/26 16:00:25 | 000,000,304 | ---- | M] () -- C:\dir.bmp
[2011/05/26 16:00:25 | 000,000,279 | ---- | M] () -- C:\hj_1.gif
[2011/05/26 16:00:25 | 000,000,265 | ---- | M] () -- C:\srch_ans_1.gif
[2011/05/26 16:00:25 | 000,000,131 | ---- | M] () -- C:\srch_loc_1.gif
[2011/05/26 16:00:25 | 000,000,123 | ---- | M] () -- C:\srch_sh_1.gif
[2011/05/26 16:00:25 | 000,000,113 | ---- | M] () -- C:\srch_aud_1.gif
[2011/05/26 16:00:24 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[2011/05/26 16:00:24 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2011/05/26 16:00:24 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2011/05/26 15:15:36 | 000,000,496 | ---- | M] () -- C:\ProgramData\28827384
[2011/05/26 08:09:11 | 000,013,828 | ---- | M] () -- C:\Users\Ronnies6\Desktop\DADS.pdf
[2011/05/24 09:48:31 | 000,120,686 | ---- | M] () -- C:\Users\Ronnies6\Desktop\P90XWorkSheet_090110.pdf
[2011/05/24 07:50:39 | 000,063,829 | ---- | M] () -- C:\Users\Ronnies6\Desktop\247048_10150249582198064_502018063_8865768_7061651_n.jpg
[2011/05/19 11:21:24 | 000,000,906 | ---- | M] () -- C:\Windows\invrpts.INI
[2011/05/13 08:34:05 | 000,062,966 | ---- | M] () -- C:\Users\Ronnies6\Desktop\226989_225276247486884_150276778320165_1052768_5026898_n.jpg
[2011/05/12 13:49:22 | 000,000,676 | ---- | M] () -- C:\Windows\unitfi.INI
[2011/05/12 13:49:22 | 000,000,044 | ---- | M] () -- C:\Windows\ActivePrinter
[2011/05/12 13:49:18 | 000,009,791 | ---- | M] () -- C:\Windows\package.INI
[2011/05/11 11:01:39 | 000,007,269 | ---- | M] () -- C:\Windows\Dealform.INI
[2011/05/10 15:41:20 | 003,030,453 | ---- | M] () -- C:\Users\Ronnies6\Desktop\Ruben Estrada credit report.pdf
[2011/05/08 22:00:00 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/05/02 14:26:37 | 000,578,618 | ---- | M] () -- C:\Users\Ronnies6\Desktop\Div_With_Kit_Eng_April2011.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/31 08:32:18 | 000,139,109 | ---- | C] () -- C:\Users\Ronnies6\Desktop\Mikes Boat Repair.pdf
[2011/05/27 12:42:32 | 000,003,001 | ---- | C] () -- C:\Users\Ronnies6\Desktop\HiJackThis.lnk
[2011/05/27 12:29:51 | 000,001,251 | ---- | C] () -- C:\Users\Ronnies6\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/05/27 12:29:51 | 000,001,227 | ---- | C] () -- C:\Users\Ronnies6\Desktop\Spybot - Search & Destroy.lnk
[2011/05/26 16:00:28 | 000,000,240 | ---- | C] () -- C:\srch_site_1.gif
[2011/05/26 16:00:27 | 000,000,284 | ---- | C] () -- C:\srch_map_1.gif
[2011/05/26 16:00:27 | 000,000,277 | ---- | C] () -- C:\mov_1.gif
[2011/05/26 16:00:27 | 000,000,274 | ---- | C] () -- C:\trav_1.gif
[2011/05/26 16:00:27 | 000,000,273 | ---- | C] () -- C:\srch_stk_1.gif
[2011/05/26 16:00:27 | 000,000,138 | ---- | C] () -- C:\flk2.gif
[2011/05/26 16:00:26 | 000,000,380 | ---- | C] () -- C:\edu.bmp
[2011/05/26 16:00:26 | 000,000,268 | ---- | C] () -- C:\ab_1.gif
[2011/05/26 16:00:26 | 000,000,121 | ---- | C] () -- C:\srch_nws_1.gif
[2011/05/26 16:00:26 | 000,000,113 | ---- | C] () -- C:\del_1.gif
[2011/05/26 16:00:25 | 000,000,304 | ---- | C] () -- C:\dir.bmp
[2011/05/26 16:00:25 | 000,000,279 | ---- | C] () -- C:\hj_1.gif
[2011/05/26 16:00:25 | 000,000,265 | ---- | C] () -- C:\srch_ans_1.gif
[2011/05/26 16:00:25 | 000,000,131 | ---- | C] () -- C:\srch_loc_1.gif
[2011/05/26 16:00:25 | 000,000,123 | ---- | C] () -- C:\srch_sh_1.gif
[2011/05/26 16:00:25 | 000,000,113 | ---- | C] () -- C:\srch_aud_1.gif
[2011/05/26 16:00:24 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2011/05/26 16:00:24 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2011/05/26 16:00:24 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2011/05/26 14:55:29 | 000,000,168 | ---- | C] () -- C:\ProgramData\~28827384r
[2011/05/26 14:55:27 | 000,000,144 | ---- | C] () -- C:\ProgramData\~28827384
[2011/05/26 14:55:19 | 000,000,496 | ---- | C] () -- C:\ProgramData\28827384
[2011/05/26 08:09:11 | 000,013,828 | ---- | C] () -- C:\Users\Ronnies6\Desktop\DADS.pdf
[2011/05/24 09:48:31 | 000,120,686 | ---- | C] () -- C:\Users\Ronnies6\Desktop\P90XWorkSheet_090110.pdf
[2011/05/24 07:50:39 | 000,063,829 | ---- | C] () -- C:\Users\Ronnies6\Desktop\247048_10150249582198064_502018063_8865768_7061651_n.jpg
[2011/05/13 08:34:22 | 000,062,966 | ---- | C] () -- C:\Users\Ronnies6\Desktop\226989_225276247486884_150276778320165_1052768_5026898_n.jpg
[2011/05/10 15:41:20 | 003,030,453 | ---- | C] () -- C:\Users\Ronnies6\Desktop\Ruben Estrada credit report.pdf
[2011/05/02 14:26:37 | 000,578,618 | ---- | C] () -- C:\Users\Ronnies6\Desktop\Div_With_Kit_Eng_April2011.pdf
[2011/02/02 17:11:47 | 000,000,129 | ---- | C] () -- C:\Windows\tcscal.INI
[2011/01/06 16:05:03 | 000,000,268 | ---- | C] () -- C:\Windows\rptsbldr.INI
[2011/01/03 13:37:59 | 000,000,023 | ---- | C] () -- C:\Windows\QBExp.INI
[2011/01/03 13:34:49 | 000,000,906 | ---- | C] () -- C:\Windows\invrpts.INI
[2010/12/22 11:30:36 | 000,009,791 | ---- | C] () -- C:\Windows\package.INI
[2010/12/17 11:09:09 | 000,000,035 | ---- | C] () -- C:\Windows\inv.INI
[2010/12/17 11:09:09 | 000,000,018 | ---- | C] () -- C:\Windows\PW.INI
[2010/12/17 11:09:06 | 000,000,676 | ---- | C] () -- C:\Windows\unitfi.INI
[2010/12/17 11:09:04 | 000,007,269 | ---- | C] () -- C:\Windows\Dealform.INI
[2010/12/17 10:44:16 | 000,001,292 | ---- | C] () -- C:\Windows\Scanner.INI
[2010/12/17 10:41:38 | 000,002,682 | ---- | C] () -- C:\Windows\service.INI
[2010/12/17 10:39:57 | 000,000,528 | ---- | C] () -- C:\Windows\Bfiles.INI
[2010/12/17 10:30:55 | 000,000,056 | ---- | C] () -- C:\Windows\Boatss.INI
[2010/12/17 10:28:25 | 000,000,711 | ---- | C] () -- C:\Windows\Custar.INI
[2010/12/17 10:28:00 | 000,000,032 | ---- | C] () -- C:\Windows\WebUpdt.INI
[2010/12/17 10:27:59 | 000,000,030 | ---- | C] () -- C:\Windows\tcsnews.ini
[2010/11/11 13:04:03 | 000,000,095 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2010/08/25 20:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 20:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 20:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/06 18:22:59 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/08/06 18:22:58 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/06 18:22:58 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2010/08/06 18:22:57 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/06 17:34:48 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 000,467,304 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,627,288 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,107,346 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 17:09:19 | 000,139,824 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

< End of report >
  • 0

Advertisements

#2
bestrada
Posted 31 May 2011 - 09:41 AM

bestrada

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
I tried the directions for the removing a Google redirect ont his forum, but I cannot get the TDSSkiller program to run. I click on it, click run, and then it doesn't open... any help?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP