Google Search Results Redirected

Good Evening!

Thank you in advance for any help you might be able to offer me. (I have read the Goggle Redirect article and followed the directions...)

I'm trying to fix a friend's computer - it was chock full of viruses. Used Malewarebytes, and fixed most everything. Scans come up clean (same with MSE) and the MSE and Windows updates now run successfully.

The only problem left that I see is that Google search results get redirected to seemingly random sites - but only on the first attempt to follow that link...

(If I enter 'apple' in google search bar, and hover over the first result, the URL given is http://0942.r.google...651d7334bd74320 )

Here is the OTL scan....

OTL logfile created on: 5/17/2011 9:50:26 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 85.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 101.24 Gb Total Space | 75.23 Gb Free Space | 74.31% Space Free | Partition Type: NTFS
Drive D: | 9.52 Gb Total Space | 1.34 Gb Free Space | 14.08% Space Free | Partition Type: FAT32

Computer Name: PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/17 17:45:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
PRC - [2011/04/21 16:54:40 | 000,402,832 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/04/21 16:54:38 | 000,801,680 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
PRC - [2011/04/21 16:54:38 | 000,352,656 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/04/14 12:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/11/30 13:20:36 | 000,997,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe
PRC - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
PRC - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
PRC - [2009/04/07 10:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/29 14:27:04 | 000,587,096 | ---- | M] (Lavasoft AB) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2005/12/24 00:44:26 | 000,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
PRC - [2005/09/24 12:42:32 | 000,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqimzone.exe
PRC - [2005/04/05 18:01:36 | 000,282,624 | ---- | M] (FUJI PHOTO FILM CO., LTD.) -- C:\Program Files\FinePixViewer\QuickDCF.exe

========== Modules (SafeList) ==========

MOD - [2011/05/17 17:45:13 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\Downloads\OTL.exe
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/04/21 16:54:38 | 000,352,656 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/11/11 12:26:40 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/04/08 16:46:20 | 000,154,152 | ---- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe -- (vseqrts)
SRV - [2010/04/08 16:46:18 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe -- (vsedsps)
SRV - [2010/04/08 16:46:12 | 000,117,288 | R--- | M] (Authentium, Inc) [Auto | Running] -- C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe -- (vseamps)
SRV - [2007/10/29 14:27:04 | 000,587,096 | ---- | M] (Lavasoft AB) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)

========== Driver Services (SafeList) ==========

DRV - [2011/05/17 21:41:26 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E480E20A-FE9B-41FD-B67A-CE60694C07F0}\MpKsl43059a94.sys -- (MpKsl43059a94)
DRV - [2011/05/17 21:04:54 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E480E20A-FE9B-41FD-B67A-CE60694C07F0}\MpKsl52dab097.sys -- (MpKsl52dab097)
DRV - [2009/06/22 07:48:44 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC)
DRV - [2008/05/08 10:02:52 | 000,203,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rmcast.sys -- (RMCAST)
DRV - [2006/04/18 07:29:06 | 000,569,856 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService)
DRV - [2006/03/14 14:02:54 | 001,428,480 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/03/02 07:03:32 | 000,057,096 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2005/09/20 06:30:56 | 000,162,432 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/09/19 16:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005/09/19 16:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005/09/19 16:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2005/08/22 11:07:00 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/08/22 11:06:16 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/08/22 11:06:10 | 000,718,464 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/08/04 02:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..keyword.URL: "http://search.avg.co...s&lng=en-US&q="
FF - prefs.js..network.proxy.type: 0

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/17 15:42:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/17 15:42:27 | 000,000,000 | ---D | M]

[2010/11/15 21:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions
[2007/12/07 00:12:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bimywvbj.default\extensions
[2011/05/17 15:42:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2010/01/04 11:44:16 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 12:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/17 21:38:57 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - HKLM..\RunOnceEx: [Title] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe (FUJI PHOTO FILM CO., LTD.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\Owner\Start Menu\Programs\StartUp\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 157
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.109.66.23 213.109.75.218 1.1.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FD7Y: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\itlntfy: DllName - itlnfw32.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 14:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/17 21:46:09 | 001,407,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\TDSSKiller.exe
[2011/05/17 21:44:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\GooredFix Backups
[2011/05/17 21:43:08 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Documents and Settings\Owner\Desktop\GooredFix.exe
[2011/05/17 21:38:56 | 000,000,000 | ---D | C] -- C:\_OTM
[2011/05/17 21:37:42 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTM.exe
[2011/05/17 21:37:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/05/17 21:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
[2011/05/17 21:36:25 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011/05/17 20:55:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Advanced SystemCare 4
[2011/05/17 20:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\IObit
[2011/05/17 20:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/05/17 16:06:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\RegRun2
[2011/05/17 16:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\UnHackMe
[2011/05/17 15:27:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/05/17 15:18:31 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011/05/17 15:17:50 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2011/05/17 15:16:46 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2011/05/17 15:10:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/05/17 15:08:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/05/17 14:44:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/05/17 14:44:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/17 14:44:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/05/17 14:44:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/05/17 14:44:25 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/05/17 14:44:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/15 18:30:10 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/17 21:46:26 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/05/17 21:43:06 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Documents and Settings\Owner\Desktop\GooredFix.exe
[2011/05/17 21:41:51 | 000,000,956 | ---- | M] () -- C:\hpqp.ini
[2011/05/17 21:41:48 | 000,000,039 | ---- | M] () -- C:\XP_TV.ini
[2011/05/17 21:41:43 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/17 21:41:42 | 000,000,270 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/05/17 21:41:17 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/17 21:41:15 | 1600,245,760 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/17 21:38:57 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011/05/17 21:37:51 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTM.exe
[2011/05/17 21:37:05 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Owner\Start Menu\Programs\StartUp\ERUNT AutoBackup.lnk
[2011/05/17 21:36:27 | 000,000,611 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2011/05/17 21:36:27 | 000,000,592 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2011/05/17 20:55:20 | 000,000,896 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Quick Care.lnk
[2011/05/17 20:55:19 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 4.lnk
[2011/05/17 20:55:19 | 000,000,874 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 4.lnk
[2011/05/17 16:06:56 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/17 16:06:56 | 000,001,688 | ---- | M] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/05/17 16:06:56 | 000,000,002 | RHS- | M] () -- C:\WINDOWS\winstart.bat
[2011/05/17 15:42:34 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/05/17 15:42:34 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/05/17 15:36:08 | 000,253,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/05/17 15:30:35 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/05/17 15:16:45 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/17 14:44:31 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/13 13:21:00 | 001,407,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Owner\Desktop\TDSSKiller.exe
[2011/05/12 20:27:39 | 000,014,362 | -HS- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\2287585103
[2011/05/12 20:27:39 | 000,014,362 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\2287585103
[2 C:\Documents and Settings\Owner\My Documents\*.tmp files -> C:\Documents and Settings\Owner\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/17 21:37:05 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\StartUp\ERUNT AutoBackup.lnk
[2011/05/17 21:36:27 | 000,000,611 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\NTREGOPT.lnk
[2011/05/17 21:36:27 | 000,000,592 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\ERUNT.lnk
[2011/05/17 20:55:54 | 000,000,270 | ---- | C] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/05/17 20:55:20 | 000,000,896 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Quick Care.lnk
[2011/05/17 20:55:19 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 4.lnk
[2011/05/17 20:55:19 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Advanced SystemCare 4.lnk
[2011/05/17 16:06:56 | 000,000,002 | RHS- | C] () -- C:\WINDOWS\winstart.bat
[2011/05/17 15:42:33 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/17 14:44:31 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/04/12 21:40:38 | 000,014,362 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\2287585103
[2011/04/12 21:40:38 | 000,014,362 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2287585103
[2011/03/29 19:16:39 | 000,013,288 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\263cyn4d704r424100o082ajaj54c21l28va58
[2011/03/29 19:16:39 | 000,013,288 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\263cyn4d704r424100o082ajaj54c21l28va58
[2011/03/26 16:22:02 | 000,014,064 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\qs62j7j7kokb3sl16ks3i788j2j0dsfvb310pwniewq2jv2
[2011/03/25 12:23:46 | 000,013,958 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\669035207
[2011/03/25 12:23:00 | 000,013,950 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\669035207
[2011/03/25 12:23:00 | 000,013,950 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\1572846173
[2011/03/25 10:27:35 | 000,014,060 | -HS- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\qs62j7j7kokb3sl16ks3i788j2j0dsfvb310pwniewq2jv2
[2011/03/25 10:27:35 | 000,013,956 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\1572846173
[2011/03/25 09:49:32 | 000,014,064 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\qs62j7j7kokb3sl16ks3i788j2j0dsfvb310pwniewq2jv2
[2011/03/25 09:49:32 | 000,013,952 | -HS- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\qs62j7j7kokb3sl16ks3i788j2j0dsfvb310pwniewq2jv2
[2011/03/04 17:11:52 | 000,011,428 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2466758584
[2010/12/09 22:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/12/05 13:08:14 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/12/05 13:08:14 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/12/05 13:08:13 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/12/05 13:08:13 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/12/05 13:08:13 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/12/05 13:08:13 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/12/05 13:08:13 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/12/05 13:08:13 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/12/05 13:08:13 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/12/05 13:08:13 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/12/05 13:08:13 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/12/05 13:08:13 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/12/05 13:08:13 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/12/05 13:08:13 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/12/05 13:08:13 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/12/05 13:08:13 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/12/01 20:14:07 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/11/15 20:53:03 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 16:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2007/12/07 02:32:36 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\fusioncache.dat
[2007/12/07 00:12:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/04/13 15:19:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2006/08/14 14:52:26 | 000,000,680 | ---- | C] () -- C:\WINDOWS\lrun32.ini
[2006/08/14 14:50:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\AutoRun.INI
[2006/05/11 08:32:22 | 000,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/05/11 08:29:32 | 000,045,929 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.EXE
[2006/05/11 08:29:32 | 000,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/05/11 08:09:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/11 08:06:06 | 000,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/27 12:54:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/03/27 12:54:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/27 12:23:14 | 000,087,268 | ---- | C] () -- C:\WINDOWS\hpqins69.dat
[2006/03/27 12:18:52 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/27 12:15:14 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/27 12:05:02 | 000,391,638 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/03/27 12:05:02 | 000,056,124 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/03/27 12:01:16 | 000,253,472 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/03/27 11:57:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/03/27 11:54:34 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/12/02 14:09:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/26 16:28:34 | 000,143,360 | ---- | C] () -- C:\WINDOWS\unzip.exe
[2005/08/26 16:27:58 | 000,045,056 | ---- | C] () -- C:\WINDOWS\devenum.exe
[2004/08/04 17:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 17:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 17:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 17:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 17:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 17:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 17:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 17:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 18:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/28 17:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/05/28 17:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

========== LOP Check ==========

[2010/12/05 13:08:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2011/03/27 09:42:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2010/12/06 19:52:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/03/26 15:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\DriverCure
[2010/12/06 18:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Epson
[2009/03/16 20:03:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\FUJIFILM
[2011/05/17 20:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\IObit
[2011/03/26 15:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\ParetoLogic
[2011/05/17 21:41:42 | 000,000,270 | ---- | M] () -- C:\WINDOWS\Tasks\ASC4_PerformanceMonitor.job
[2011/05/17 21:46:26 | 000,000,424 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2011/03/26 15:18:57 | 000,000,376 | ---- | M] () -- C:\WINDOWS\Tasks\PC Health Advisor Defrag.job

========== Purity Check ==========

< End of report >

Edited by ChrisPittts, 18 May 2011 - 06:54 AM.

#1
ChrisPittts

Posted 17 May 2011 - 03:54 PM

Advertisements

#2
ldtate

Posted 20 May 2011 - 08:00 AM

#3
ChrisPittts

Posted 20 May 2011 - 08:07 AM

#4
ldtate

Posted 20 May 2011 - 08:10 AM

Similar Topics

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us