Just putting up my OTL quick scans to join in the fun. I think I have the redirect issue on my laptop. When I use Google search, I end up at some porn site or a bogus site. Any help will be greatly appreciated.
Here are my logs.
OTL logfile created on: 11/4/2010 11:57:49 AM - Run 3
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\TLP\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 60.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 79.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.37 Gb Total Space | 198.84 Gb Free Space | 69.43% Space Free | Partition Type: NTFS
Computer Name: TLP-PC | User Name: TLP | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\TLP\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\Net4Switch\Net4Switch.exe (ASUS)
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\TLP\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (MEMSWEEP2) -- C:\Windows\SysNative\82C6.tmp File not found
DRV:64bit: - (ipswuio) -- C:\Windows\SysNative\DRIVERS\ipswuio.sys File not found
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (itecir) -- C:\Windows\SysNative\drivers\itecir.sys (ITE Tech. Inc. )
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (NETw5s64) Intel® -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\drivers\Rtlh64.sys (Realtek )
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (netw5v64) Intel® -- C:\Windows\SysNative\drivers\NETw5v64.sys (Intel Corporation)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 5D B0 31 0E 49 C4 B8 45 97 1A F1 C8 1A 5E 88 D5 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.12.0.36949
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.10
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {54a9f0f8-343c-4d2f-bc43-033a0a526dfa}:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151
FF - prefs.js..keyword.URL: "http://bing.zugotool...s&site=Bing&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010/10/28 20:53:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/10/28 21:02:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/10/28 21:02:47 | 000,000,000 | ---D | M]
[2010/09/10 07:56:28 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Mozilla\Extensions
[2010/09/10 07:56:28 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/11/03 13:35:29 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions
[2010/09/24 16:26:37 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/10/10 11:01:19 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/04/27 00:17:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/10 08:18:08 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\{54a9f0f8-343c-4d2f-bc43-033a0a526dfa}
[2010/09/10 10:27:30 | 000,000,000 | ---D | M] (WOT) -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/08/26 08:29:44 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/04/17 20:43:52 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/06/22 13:27:12 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Mozilla\Firefox\Profiles\tb3htspn.default\extensions\[email protected]
[2010/10/28 21:03:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/12 13:35:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/05/12 13:35:10 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2010/10/28 17:10:22 | 000,424,222 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 14622 more lines...
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\hssie\HssIE_64.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O4 - HKLM..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.220.0.10 24.220.0.11
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O24 - Desktop WallPaper: C:\Program Files\P4G\wallpaper\long_battery_life_wallpaper_1440X900.jpg
O24 - Desktop BackupWallPaper: C:\Program Files\P4G\wallpaper\long_battery_life_wallpaper_1440X900.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2010/11/04 11:51:13 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010/11/04 11:23:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/04 10:27:56 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\TLP\Desktop\OTL.exe
[2010/11/03 08:58:34 | 000,000,000 | ---D | C] -- C:\Users\TLP\Documents\My Extracted Files
[2010/11/03 08:55:51 | 000,000,000 | ---D | C] -- C:\Users\TLP\AppData\Roaming\BitZipper
[2010/11/03 08:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitZipper
[2010/11/03 08:31:28 | 000,000,000 | ---D | C] -- C:\Users\TLP\Documents\DAOC
[2010/10/28 20:54:22 | 000,000,000 | ---D | C] -- C:\Users\TLP\AppData\Roaming\AVG10
[2010/10/28 20:52:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/10/28 20:43:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/10/28 20:43:15 | 000,000,000 | ---D | C] -- C:\Users\TLP\AppData\Roaming\GlarySoft
[2010/10/28 20:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities
[2010/10/28 17:00:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/10/28 17:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/10/28 16:55:21 | 000,000,000 | ---D | C] -- C:\Users\TLP\Desktop\backups
[2010/10/25 10:43:53 | 001,317,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\TLP\Desktop\TDSSKiller.exe
[2010/10/13 08:12:18 | 000,000,000 | ---D | C] -- C:\Users\TLP\AppData\Roaming\EurekaLog
[2010/10/13 08:09:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2010/10/13 08:09:44 | 000,000,000 | ---D | C] -- C:\Users\TLP\Documents\Anti-Malware
[2010/10/12 23:14:54 | 000,000,000 | ---D | C] -- C:\Users\TLP\DoctorWeb
[2010/10/12 22:43:05 | 000,000,000 | ---D | C] -- C:\tdss_remover_latest
[2010/10/12 19:31:09 | 000,000,000 | ---D | C] -- C:\Users\TLP\AppData\Roaming\DaocTB
[2010/10/12 19:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAOC-Charplan
[2010/10/12 11:57:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/10/12 11:56:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/10/11 12:23:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2010/10/11 11:49:09 | 000,189,520 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysWow64\drivers\tmcomm.sys
[1 C:\Users\TLP\Desktop\*.tmp files -> C:\Users\TLP\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/11/04 11:50:00 | 003,902,849 | ---- | M] () -- C:\Users\TLP\Desktop\ComboFix.exe
[2010/11/04 11:38:05 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/04 11:38:05 | 000,011,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/04 11:30:48 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/11/04 11:30:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/04 11:30:22 | 3220,525,056 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/04 11:13:55 | 000,287,041 | ---- | M] () -- C:\Users\TLP\Desktop\gmer.zip
[2010/11/04 11:12:51 | 000,000,000 | ---- | M] () -- C:\Users\TLP\defogger_reenable
[2010/11/04 10:28:01 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Users\TLP\Desktop\OTL.exe
[2010/11/04 09:16:50 | 098,331,948 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/10/28 20:53:32 | 000,000,960 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/10/28 20:53:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\incavi.avm
[2010/10/28 20:53:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\avg\iavichjw.avm
[2010/10/28 20:44:51 | 000,017,201 | ---- | M] () -- C:\AVGInstLog.cab
[2010/10/28 20:40:31 | 000,000,995 | ---- | M] () -- C:\Users\TLP\Desktop\Glary Utilities.lnk
[2010/10/28 17:10:22 | 000,424,222 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/10/28 17:00:51 | 000,001,265 | ---- | M] () -- C:\Users\TLP\Desktop\Spybot - Search & Destroy.lnk
[2010/10/26 14:17:34 | 000,728,058 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/10/26 14:17:34 | 000,625,438 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/10/26 14:17:34 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/10/26 14:17:29 | 000,000,020 | ---- | M] () -- C:\Windows\D÷̣
[2010/10/25 09:50:38 | 001,317,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\TLP\Desktop\TDSSKiller.exe
[2010/10/18 12:14:52 | 000,201,980 | ---- | M] () -- C:\Windows\hpoins41.dat
[2010/10/16 21:52:45 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\agremove.exe
[2010/10/15 23:55:15 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2010/10/14 21:19:48 | 000,427,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/12 22:25:32 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2010/10/12 19:30:59 | 000,001,937 | ---- | M] () -- C:\Users\Public\Desktop\DAOC-Charplan.lnk
[2010/10/12 15:17:03 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2010/10/12 11:56:46 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/10/11 11:48:04 | 000,000,036 | ---- | M] () -- C:\Users\TLP\AppData\Local\housecall.guid.cache
[1 C:\Users\TLP\Desktop\*.tmp files -> C:\Users\TLP\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/11/04 11:28:31 | 003,902,849 | ---- | C] () -- C:\Users\TLP\Desktop\ComboFix.exe
[2010/11/04 11:13:51 | 000,287,041 | ---- | C] () -- C:\Users\TLP\Desktop\gmer.zip
[2010/11/04 11:12:51 | 000,000,000 | ---- | C] () -- C:\Users\TLP\defogger_reenable
[2010/10/28 20:53:32 | 000,000,960 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/10/28 20:44:51 | 000,017,201 | ---- | C] () -- C:\AVGInstLog.cab
[2010/10/28 20:40:32 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2010/10/28 20:40:31 | 000,000,995 | ---- | C] () -- C:\Users\TLP\Desktop\Glary Utilities.lnk
[2010/10/28 17:00:51 | 000,001,265 | ---- | C] () -- C:\Users\TLP\Desktop\Spybot - Search & Destroy.lnk
[2010/10/26 14:17:28 | 000,000,020 | ---- | C] () -- C:\Windows\D÷̣
[2010/10/12 19:30:59 | 000,001,937 | ---- | C] () -- C:\Users\Public\Desktop\DAOC-Charplan.lnk
[2010/10/12 11:56:46 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/10/11 11:48:04 | 000,000,036 | ---- | C] () -- C:\Users\TLP\AppData\Local\housecall.guid.cache
[2010/09/10 08:20:54 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/08/20 12:14:15 | 000,000,017 | ---- | C] () -- C:\Users\TLP\AppData\Local\resmon.resmoncfg
[2010/08/09 08:57:36 | 000,009,236 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/07/08 12:29:48 | 000,000,003 | RH-- | C] () -- C:\ProgramData\LoJackNotifier.txt
[2010/05/11 21:50:06 | 000,000,032 | ---- | C] () -- C:\Windows\sctool55.INI
[2010/05/11 21:49:15 | 000,000,023 | ---- | C] () -- C:\Windows\PFW3.INI
[2010/05/11 21:49:13 | 000,000,017 | ---- | C] () -- C:\Windows\Averasell.ini
[2010/05/11 21:48:53 | 000,000,637 | ---- | C] () -- C:\Windows\retailer.ini
[2010/04/27 00:31:36 | 000,000,155 | ---- | C] () -- C:\Users\TLP\AppData\Roaming\BBMS_EXCEPTION.txt
[2010/03/15 16:47:37 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010/03/15 16:12:48 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/03/15 16:12:48 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009/10/20 10:11:26 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/10/19 12:55:35 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2009/08/18 14:45:45 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/08/04 12:01:02 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/08/04 00:22:34 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/07/31 11:31:53 | 000,000,000 | ---- | C] () -- C:\Users\TLP\AppData\Roaming\wklnhst.dat
[2009/07/28 15:25:49 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/07/28 03:14:04 | 000,002,039 | ---- | C] () -- C:\Users\TLP\AppData\Roaming\install.dat
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/10/08 22:38:27 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL
========== LOP Check ==========
[2010/03/15 15:08:11 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Absolute
[2010/10/28 20:54:22 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\AVG10
[2010/11/04 09:08:35 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\BitZipper
[2009/12/24 12:59:51 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Cogniview
[2010/10/12 19:47:34 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\DaocTB
[2010/03/15 15:08:11 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Electronic Arts
[2010/10/13 08:12:18 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\EurekaLog
[2010/10/28 20:43:15 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\GlarySoft
[2010/03/15 15:08:14 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\IObit
[2010/03/15 15:08:14 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\KSCraft
[2010/03/15 15:08:30 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\NetMeter
[2010/03/15 15:08:30 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Peachtree
[2010/04/27 00:31:33 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Research In Motion
[2010/03/15 15:08:30 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Template
[2010/03/15 15:08:30 | 000,000,000 | ---D | M] -- C:\Users\TLP\AppData\Roaming\Thunderbird
[2010/11/04 11:30:48 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2010/10/08 11:00:36 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >