OTL scan for Google Redirect problem

Post by schmangy on Sat 02 Jul 2011, 4:26 pm

OTL logfile created on: 7/2/2011 12:13:43 AM - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Documents and Settings\Jeffrey Harris\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1014.17 Mb Total Physical Memory | 286.09 Mb Available Physical Memory | 28.21% Memory free
2.38 Gb Paging File | 1.77 Gb Available in Paging File | 74.16% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 141.05 Gb Total Space | 107.20 Gb Free Space | 76.00% Space Free | Partition Type: NTFS

Computer Name: ACER-5AA5AADF84 | User Name: Jeffrey Harris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/07/02 00:13:13 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeffrey Harris\My Documents\Downloads\OTL.com
PRC - [2011/06/24 01:25:50 | 001,012,792 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2011/01/31 18:23:24 | 002,659,688 | ---- | M] (ParetoLogic Inc.) -- C:\Program Files\ParetoLogic\Anti-Spyware\Pareto_AS.exe
PRC - [2010/10/30 14:30:13 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2010/09/24 14:19:08 | 000,159,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2010/09/24 14:19:08 | 000,057,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ZuneBusEnum.exe
PRC - [2010/07/13 16:26:12 | 004,302,704 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010/07/13 16:26:10 | 006,076,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010/07/13 16:26:10 | 002,533,232 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010/07/13 16:26:10 | 000,616,816 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010/03/16 09:36:30 | 000,337,256 | ---- | M] () -- C:\Program Files\Garmin\MyGarminAgent\myGarminAgent.exe
PRC - [2009/03/28 17:43:00 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\PersistenceThread.exe
PRC - [2009/02/11 17:46:28 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2009/02/05 10:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008/10/17 12:44:58 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/07/02 00:13:13 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jeffrey Harris\My Documents\Downloads\OTL.com
MOD - [2011/04/18 22:51:18 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
MOD - [2011/04/18 22:51:18 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
MOD - [2010/10/30 14:31:04 | 000,040,448 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (NMSAccess)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/09/24 14:19:16 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010/09/24 14:19:16 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010/09/24 14:19:08 | 006,351,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010/09/24 14:19:08 | 000,057,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010/07/13 16:26:10 | 006,076,272 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010/07/13 16:26:10 | 000,616,816 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2009/02/05 10:14:56 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)


========== Driver Services (SafeList) ==========

DRV - [2011/06/12 14:14:35 | 000,012,984 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010/05/19 16:52:36 | 000,016,240 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2009/09/21 18:29:22 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/04/15 22:10:06 | 000,132,480 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009/03/14 00:05:26 | 001,528,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2009/03/12 02:55:32 | 000,164,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/03/04 18:58:34 | 005,045,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/08/05 21:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/04/13 19:06:38 | 000,010,240 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\compbatt.sys -- (Compbatt)
DRV - [2007/10/01 16:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/02/16 14:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/01/04 16:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {f69e22c7-bc50-414a-9269-0f5c344cd94c}:1.2
FF - prefs.js..extensions.enabledItems: {4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.17

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/10/30 14:31:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/15 21:39:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/15 18:02:04 | 000,000,000 | ---D | M]

[2011/03/14 19:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeffrey Harris\Application Data\Mozilla\Extensions
[2011/06/22 22:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jeffrey Harris\Application Data\Mozilla\Firefox\Profiles\29y083w1.default\extensions
[2011/03/21 19:20:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Jeffrey Harris\Application Data\Mozilla\Firefox\Profiles\29y083w1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/19 20:58:26 | 000,000,000 | ---D | M] (AniWeather) -- C:\Documents and Settings\Jeffrey Harris\Application Data\Mozilla\Firefox\Profiles\29y083w1.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}
[2011/06/19 20:54:45 | 000,000,000 | ---D | M] (Theme Font & Size Changer) -- C:\Documents and Settings\Jeffrey Harris\Application Data\Mozilla\Firefox\Profiles\29y083w1.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}
[2011/06/22 22:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/08 20:42:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
[2010/10/30 14:31:08 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/09/12 22:10:46 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\JEFFREY HARRIS\APPLICATION DATA\MOVE NETWORKS
[2009/08/15 11:29:49 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {9D425283-D487-4337-BAB6-AB8354A81457} - No CLSID value found.
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MyGarminAgent] C:\Program Files\Garmin\MyGarminAgent\myGarminAgent.exe ()
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [PersistenceThread] C:\WINDOWS\system32\PersistenceThread.exe (Intel Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\System32\csnp2uvc.dll ( )
O4 - HKLM..\Run: [TkBellExe] C:\program files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ParetoLogic Anti-Spyware] C:\Program Files\ParetoLogic\Anti-Spyware\Pareto_AS.exe (ParetoLogic Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igdlogin: DllName - igdlogin.dll - C:\WINDOWS\System32\igdlogin.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {51C55F9E-C308-4c95-89AB-8858D8AFD819} - C:\Program Files\ParetoLogic\Anti-Spyware\PASShlExt.dll (ParetoLogic Inc.)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/04/15 07:46:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/07/01 23:56:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeffrey Harris\Start Menu\Programs\CyberLink PowerDVD 8
[2011/06/27 22:08:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
[2011/06/16 22:35:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/06/16 22:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/06/12 16:20:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\FxsTmp
[2011/06/12 16:19:52 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2011/06/12 16:19:52 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2011/06/12 16:19:52 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2011/06/12 16:19:52 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2011/06/12 16:19:52 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2011/06/12 16:19:52 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2011/06/12 16:19:52 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2011/06/12 16:19:52 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2011/06/12 16:19:52 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2011/06/12 16:19:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2011/06/12 16:19:52 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2011/06/12 16:19:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2011/06/12 16:19:52 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2011/06/12 16:19:52 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2011/06/12 16:19:52 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2011/06/12 16:19:52 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2011/06/12 16:19:52 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2011/06/12 16:19:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2011/06/12 16:19:52 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2011/06/12 16:19:52 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclntR.dll
[2011/06/12 16:19:52 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/06/12 16:19:52 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscfgwz.dll
[2011/06/12 16:19:52 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/06/12 16:19:52 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2011/06/12 16:19:52 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2011/06/12 16:19:52 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2011/06/12 16:19:52 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2011/06/12 16:19:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsroute.dll
[2011/06/12 16:19:52 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/06/12 16:19:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2011/06/12 16:19:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2011/06/12 16:19:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2011/06/12 16:19:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2011/06/12 16:19:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2011/06/12 16:19:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2011/06/12 16:19:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxssend.exe
[2011/06/12 16:19:52 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2011/06/12 16:19:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2011/06/12 16:19:52 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2011/06/12 16:19:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2011/06/12 16:19:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2011/06/12 16:19:48 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2011/06/12 16:19:48 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2011/06/04 13:20:53 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/06/02 22:02:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2011/06/02 22:02:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2011/06/02 22:01:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2011/06/02 22:00:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeffrey Harris\Application Data\Windows Desktop Search
[2011/06/02 21:58:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
[2011/06/02 21:58:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2011/06/02 21:55:29 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/06/02 21:53:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2011/06/02 21:42:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2011/06/02 20:42:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\SlimWare Utilities Inc
[2011/06/02 20:37:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jeffrey Harris\Application Data\FixCleaner
[2011/06/02 20:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
[2009/05/18 14:21:33 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2009/05/18 14:21:30 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2009/04/15 08:23:42 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/02 00:02:00 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1007UA.job
[2011/07/01 23:59:00 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1008UA.job
[2011/07/01 23:56:49 | 000,000,296 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1987657003-2230923689-572454927-1005.job
[2011/07/01 23:56:45 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1987657003-2230923689-572454927-1005.job
[2011/07/01 23:55:52 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/01 23:55:48 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1987657003-2230923689-572454927-1007.job
[2011/07/01 23:55:44 | 000,000,318 | -HS- | M] () -- C:\WINDOWS\tasks\QTWVNW.job
[2011/07/01 23:55:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/07/01 23:55:19 | 1063,510,016 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/01 22:35:00 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/01 22:30:00 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1005UA.job
[2011/07/01 21:23:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1006UA.job
[2011/07/01 21:23:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1006Core.job
[2011/07/01 18:17:50 | 000,313,330 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\My Documents\To Know.cwp
[2011/07/01 18:00:06 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2011/06/30 22:02:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1007Core.job
[2011/06/30 21:29:57 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\Desktop\Microsoft Office Word 2003.lnk
[2011/06/30 02:28:01 | 000,505,798 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/06/30 02:28:00 | 000,088,758 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/06/30 01:34:17 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/30 01:34:14 | 000,002,355 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\Desktop\Google Chrome.lnk
[2011/06/30 01:21:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/06/27 20:09:25 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/27 19:59:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1008Core.job
[2011/06/27 00:33:01 | 000,000,430 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update.job
[2011/06/26 14:30:00 | 000,000,962 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1987657003-2230923689-572454927-1005Core.job
[2011/06/25 20:18:02 | 000,006,307 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\My Documents\two years aniversary.abw
[2011/06/16 22:36:39 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/06/13 22:27:54 | 000,002,348 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\Application Data\wklnhst.dat
[2011/06/12 16:19:53 | 000,000,535 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2011/06/12 14:14:35 | 000,012,984 | ---- | M] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2011/06/12 13:57:22 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1987657003-2230923689-572454927-1007.job
[2011/06/12 13:57:21 | 000,000,390 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2011/06/12 13:57:20 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\DriverCure_sch_D25D89B6-E1DC-11DE-BCEA-00242C608AFB.job
[2011/06/04 13:52:44 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\Desktop\Shortcut to VHS to DVD.lnk
[2011/06/04 13:52:44 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jeffrey Harris\Desktop\Shortcut to devotional.lnk
[2011/06/02 21:58:56 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2011/06/02 21:55:01 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/06/02 21:55:01 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/01 22:38:07 | 000,000,296 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1987657003-2230923689-572454927-1005.job
[2011/07/01 22:38:06 | 000,000,304 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1987657003-2230923689-572454927-1005.job
[2011/07/01 18:04:37 | 000,313,330 | ---- | C] () -- C:\Documents and Settings\Jeffrey Harris\My Documents\To Know.cwp
[2011/06/25 20:18:01 | 000,006,307 | ---- | C] () -- C:\Documents and Settings\Jeffrey Harris\My Documents\two years aniversary.abw
[2011/06/12 16:19:52 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2011/06/12 16:19:52 | 000,001,361 | ---- | C] () -- C:\WINDOWS\System32\fxscount.h
[2011/06/02 21:58:56 | 000,001,791 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
[2011/06/02 21:58:55 | 000,001,807 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
[2011/06/02 21:54:45 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/06/02 20:42:59 | 000,012,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2011/05/08 20:09:42 | 000,057,344 | RHS- | C] () -- C:\WINDOWS\System32\c_500O.dll
[2011/04/05 06:11:12 | 000,315,846 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/14 19:36:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/12/21 23:28:09 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/11/29 19:55:18 | 001,235,456 | ---- | C] () -- C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\186171.exe
[2010/11/18 23:35:50 | 000,115,465 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/11/18 23:35:50 | 000,097,545 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/10/26 20:45:47 | 000,001,364 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010/05/13 22:29:42 | 000,000,358 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/05/12 22:35:47 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/12 22:35:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/12 22:35:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/12 22:35:47 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/12 22:35:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/04/15 01:04:22 | 000,014,704 | -HS- | C] () -- C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\TcP0eIPn2W
[2010/04/15 01:04:22 | 000,014,704 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\TcP0eIPn2W
[2009/10/26 21:53:48 | 000,069,116 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/08/25 10:45:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/08/13 13:49:35 | 000,075,776 | ---- | C] () -- C:\Documents and Settings\Jeffrey Harris\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/08 12:43:40 | 000,002,348 | ---- | C] () -- C:\Documents and Settings\Jeffrey Harris\Application Data\wklnhst.dat
[2009/05/18 14:25:50 | 000,626,688 | ---- | C] () -- C:\WINDOWS\Image.dll
[2009/05/18 14:21:33 | 001,769,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2009/05/18 14:21:33 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2009/05/18 14:21:33 | 000,000,036 | ---- | C] () -- C:\WINDOWS\PidList.ini
[2009/04/15 10:27:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009/04/15 08:52:14 | 000,090,772 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtConvEQ.DAT
[2009/04/15 08:52:14 | 000,000,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\SamSfPa.dat
[2009/04/15 08:52:14 | 000,000,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtHdatEx.dat
[2009/04/15 08:52:14 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX2.dat
[2009/04/15 08:52:14 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX1.dat
[2009/04/15 08:52:14 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTEQEX0.dat
[2009/04/15 08:52:14 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/04/15 08:50:25 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2009/04/15 08:48:51 | 000,004,343 | ---- | C] () -- C:\WINDOWS\System32\lpgun.ini
[2009/04/15 08:48:41 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\igdlogin.dll
[2009/04/15 08:23:18 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/04/15 08:23:16 | 000,505,798 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/04/15 08:23:16 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/04/15 08:23:16 | 000,088,758 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/04/15 08:23:16 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/04/15 08:23:15 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/04/15 08:23:14 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/04/15 08:23:13 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/04/15 08:23:10 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/04/15 08:23:10 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/04/15 08:23:03 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/04/15 08:23:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/04/15 07:50:09 | 000,006,782 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/04/15 07:50:08 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2009/04/15 07:49:04 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/04/15 07:43:41 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/04/15 00:39:21 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\compbatt.sys
[2009/04/15 00:37:47 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/04/15 00:36:47 | 000,313,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/02/24 21:20:23 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Alternate Data Streams ==========

@Alternate Data Stream - 304 bytes -> C:\Documents and Settings\Jeffrey Harris\My Documents\spirit gift.jpg:SummaryInformation
@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:798A3728
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\Temp:9E22BBE8

< End of report >

schmangy

Unborn

Posts : 1
Joined : 2011-06-05
Operating System : Windows XP


Re: OIL scan for Google Redirect problem

Post by Pancake on Sat 02 Jul 2011, 5:43 pm

I see from your log you have used ComboFix. You should not be using ComboFix unless specifically instructed to do so by a Malware Removal Expert who can interpret the logs. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert." Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
When issues arise due to complex malware infections, possible false detections, problems running ComboFix or with other security tools causing conflicts, experts are usually aware of them and can advise what should or should not be done while providing individual assistance. Those attempting to use ComboFix on their own do not have such information and are at risk when running the tool in an unsupervised environment.

Please read the pinned topic ComboFix usage, Questions, Help? - Look here


=========================================


In Internet Explorer go to Tools - Internet Options - Connections Tab - LAN Settings and remove the reference to 127.0.0.1:5555 then uncheck "Use a proxy server" and check "Automatically detect settings". You will have to reboot the machine after installing.

After that......

Please download Malwarebytes' Anti-Malware from one of these places:

Majorgeeks or Besttechie


Double Click mbam-setup.exe to install the application.

* Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.

* Once the program has loaded, select "Perform Quick Scan", then click Scan.
* The scan may take some time to finish, so please be patient.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure that everything is checked, and click Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. Do so.
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
* Copy & Paste the entire report in your next reply.








Home Town Web Page

Pancake

Tech Staff

Posts : 222
Joined : 2010-03-06
Operating System : Windows 7
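
The proxy check from the reply above (a proxy enabled and pointing at 127.0.0.1:5555), written as a log check. This is an added example, not part of the original thread or of OTL: the sample lines are constructed in the layout OTL uses for Internet Explorer settings, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in OTL's 'IE - <key>: "name" = value' layout; not copied from the post.
SAMPLE_LOG = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:5555
'''

SETTING_RE = re.compile(r'Internet Settings: "(ProxyEnable|ProxyServer)" = (.*)$')


def is_loopback(host):
    """True for 'localhost' and any loopback IP literal (127.0.0.0/8, ::1)."""
    host = host.strip("[]").lower()
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # an ordinary hostname, not an IP literal


def proxy_endpoints(value):
    """Split a ProxyServer value into (scheme, host, port) tuples.
    Accepts 'host:port' and the per-protocol form 'http=host:port;https=host:port'."""
    endpoints = []
    for part in filter(None, map(str.strip, value.split(";"))):
        scheme, _, addr = part.rpartition("=")
        host, _, port = addr.rpartition(":")
        if not host or addr.endswith("]"):  # no port given (or bare [IPv6])
            host, port = addr, ""
        endpoints.append((scheme or "all", host, port))
    return endpoints


def loopback_proxies(log_text):
    """Return loopback proxy endpoints, but only when the proxy is switched on.
    Assumes one user hive per log; a later line overrides an earlier one."""
    settings = {}
    for line in log_text.splitlines():
        m = SETTING_RE.search(line.strip())
        if m:
            settings[m.group(1)] = m.group(2).strip().strip('"')
    if settings.get("ProxyEnable") != "1":
        return []
    return [e for e in proxy_endpoints(settings.get("ProxyServer", ""))
            if is_loopback(e[1])]
```

A loopback proxy can also belong to legitimate local software such as a content filter, so a hit means the listening process needs identifying before the setting is cleared.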
