
Windows XP Recovery Virus


#1 KelJu (Member, 17 posts)
Hello,

I came to this site after trying other things and not getting very far. I read the FAQ here after already running MBAM and SAS in safe mode. I can get the worst of it to go away, but the Windows XP Recovery console starts up every time Windows starts, so I have to run rkill to kill the process. So, starting over, here is the OTL log:



OTL logfile created on: 5/25/2011 10:42:18 AM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\user.WS-1\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

991.30 Mb Total Physical Memory | 229.82 Mb Available Physical Memory | 23.18% Memory free
1.88 Gb Paging File | 1.13 Gb Available in Paging File | 60.31% Paging File free
Paging file location(s): C:\pagefile.sys 1024 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 19.69 Gb Free Space | 52.86% Space Free | Partition Type: NTFS
Drive M: | 916.82 Gb Total Space | 875.48 Gb Free Space | 95.49% Space Free | Partition Type: NTFS

Computer Name: WS-1 | User Name: user | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/25 10:40:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user.WS-1\Desktop\OTL.exe
PRC - [2010/08/19 11:03:22 | 000,589,824 | ---- | M] (Medcom Information Systems, Inc.) -- C:\Medcom\Lab\winlab.exe
PRC - [2010/08/19 11:00:38 | 000,204,800 | ---- | M] () -- c:\Medcom\Lab\WinComm.exe
PRC - [2010/07/09 08:13:08 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/08/16 08:23:18 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/16 08:23:16 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/16 08:23:10 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/16 08:23:00 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/16 08:22:42 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2008/01/28 12:43:36 | 005,146,448 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/03/15 00:35:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\hpzipm12.exe
PRC - [2004/11/15 05:20:20 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2002/02/15 10:51:00 | 000,114,749 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\pcAnywhere\AWHOST32.EXE


========== Modules (SafeList) ==========

MOD - [2011/05/25 10:40:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user.WS-1\Desktop\OTL.exe
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/11/17 11:48:58 | 000,028,766 | ---- | M] (TelevisionFanatic) [Auto | Stopped] -- C:\Program Files\TelevisionFanatic\bar\1.bin\64barsvc.exe -- (TelevisionFanaticService)
SRV - [2009/08/16 08:23:00 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/16 08:22:42 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2005/03/15 00:35:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\hpzipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/02/15 10:51:00 | 000,114,749 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\pcAnywhere\AWHOST32.EXE -- (awhost32)


========== Driver Services (SafeList) ==========

DRV - [2010/05/10 13:41:30 | 000,067,656 | -H-- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\user.WS-1\Local Settings\Temp\SAS_SelfExtract\saskutil.sys -- (SASKUTIL)
DRV - [2010/02/17 13:25:48 | 000,012,872 | -H-- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\user.WS-1\Local Settings\Temp\SAS_SelfExtract\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/08/16 08:23:17 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/16 08:23:17 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/05/19 09:20:20 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2005/09/22 12:56:09 | 000,057,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/01/04 04:46:14 | 000,013,184 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2005/01/04 04:01:48 | 000,239,104 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/12/24 23:37:48 | 000,016,800 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hppaufd0.sys -- (dot4ufd)
DRV - [2004/11/17 06:05:38 | 002,297,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/11/05 03:43:58 | 000,032,768 | R--- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2004/08/03 17:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/06/20 19:19:14 | 000,049,920 | R--- | M] (SIIG, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oxser.sys -- (oxser)
DRV - [2004/05/30 13:00:50 | 000,016,384 | R--- | M] (SIIG, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oxmf.sys -- (oxmf)
DRV - [2004/05/30 13:00:50 | 000,004,992 | R--- | M] (SIIG, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oxmfuf.sys -- (Oxmfuf)
DRV - [2004/05/30 13:00:50 | 000,004,224 | R--- | M] (OEM) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oxmep.sys -- (oxmep)
DRV - [2003/07/17 20:58:00 | 000,036,992 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2002/02/11 10:51:00 | 000,033,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AW_HOST5.sys -- (AW_HOST)
DRV - [2001/10/09 10:51:00 | 000,014,944 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\GERNUWA.SYS -- (Gernuwa)
DRV - [2000/09/11 10:51:00 | 000,010,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\awlegacy.sys -- (awlegacy)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3A EC 51 BD D1 76 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {0696f815-a3a9-490a-bb14-9ec3350b1276} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll (TelevisionFanatic)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2009/01/05 20:40:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\TelevisionFanatic\bar\1.bin [2011/03/18 05:32:31 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2011/05/23 12:53:01 | 000,435,362 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 14985 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Search Assistant BHO) - {5d79f641-c168-40df-a32f-bacea7509e75} - C:\Program Files\TelevisionFanatic\bar\1.bin\64SrcAs.dll (TelevisionFanatic)
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Toolbar BHO) - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (TelevisionFanatic)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0988.2\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (TelevisionFanatic) - {c98d5b61-b0ea-4d48-9839-1079d352d880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (TelevisionFanatic)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (TelevisionFanatic) - {C98D5B61-B0EA-4D48-9839-1079D352D880} - C:\Program Files\TelevisionFanatic\bar\1.bin\64bar.dll (TelevisionFanatic)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [NpLvkgdMCjJX] C:\Documents and Settings\All Users\Application Data\NpLvkgdMCjJX.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Reg Error: Key error.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file://C:\Program Files\Text Twist\Images\stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file://C:\Program Files\Text Twist\Images\armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\PCANotify: DllName - PCANotify.dll - C:\WINDOWS\System32\PCANotify.dll (Symantec Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/13 16:50:22 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4bd91283-de60-11de-89c3-0013d44e2d22}\Shell - "" = AutoRun
O33 - MountPoints2\{4bd91283-de60-11de-89c3-0013d44e2d22}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4bd91283-de60-11de-89c3-0013d44e2d22}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/05/25 10:41:49 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\user.WS-1\Desktop\OTL.exe
[2011/05/24 16:57:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user.WS-1\Desktop\New Startup
[2011/05/24 16:35:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user.WS-1\Recent
[2011/05/24 16:06:20 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\15851300.exe
[2011/05/24 15:20:30 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user.WS-1\Application Data\SUPERAntiSpyware.com
[2011/05/24 15:20:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/05/24 14:41:12 | 000,000,000 | ---D | C] -- C:\Virus Removal
[2011/05/24 13:37:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\user.WS-1\Start Menu\Programs\Windows XP Recovery
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/25 10:40:56 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user.WS-1\Desktop\OTL.exe
[2011/05/25 10:36:02 | 000,000,402 | ---- | M] () -- C:\WINDOWS\tasks\Spybot - Search & Destroy.job
[2011/05/25 09:15:27 | 076,230,380 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2011/05/24 16:36:09 | 000,000,152 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~15851300r
[2011/05/24 16:36:09 | 000,000,120 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\~15851300
[2011/05/24 16:35:08 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/24 16:34:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/24 14:44:59 | 000,001,840 | ---- | M] () -- C:\WINDOWS\winzip32.ini
[2011/05/24 13:37:03 | 000,000,336 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\15851300
[2011/05/24 13:27:21 | 000,473,088 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NpLvkgdMCjJX.exe
[2011/05/23 21:00:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/23 14:35:48 | 000,000,434 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for user.job
[2011/05/23 12:53:01 | 000,435,362 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/05/20 12:38:17 | 000,435,362 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110523-125301.backup
[2011/05/18 12:36:36 | 000,435,362 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110520-123817.backup
[2011/05/16 12:40:32 | 000,434,854 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110518-123636.backup
[2011/05/13 12:27:36 | 000,434,854 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110516-124032.backup
[2011/05/11 12:40:56 | 000,434,854 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110513-122736.backup
[2011/05/09 12:35:52 | 000,434,748 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110511-124056.backup
[2011/05/06 12:30:41 | 000,434,748 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110509-123552.backup
[2011/05/04 12:35:39 | 000,434,748 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110506-123041.backup
[2011/05/02 12:43:43 | 000,434,048 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110504-123539.backup
[2011/04/29 12:35:09 | 000,434,048 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110502-124343.backup
[2011/04/25 12:34:07 | 000,433,594 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110429-123509.backup
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/24 14:58:41 | 000,001,857 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2011/05/24 14:58:41 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/24 14:58:41 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/05/24 14:58:41 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 8.5.lnk
[2011/05/24 14:58:41 | 000,000,970 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Security Scan.lnk
[2011/05/24 14:58:41 | 000,000,897 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk
[2011/05/24 14:58:41 | 000,000,841 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\VA CPRS Demo.lnk
[2011/05/24 14:58:41 | 000,000,815 | -H-- | C] () -- C:\Documents and Settings\user.WS-1\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/24 14:58:41 | 000,000,804 | -H-- | C] () -- C:\Documents and Settings\user.WS-1\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/05/24 14:58:41 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Winlab Help File.lnk
[2011/05/24 14:58:41 | 000,000,562 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Lab.lnk
[2011/05/24 13:37:23 | 000,000,152 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~15851300r
[2011/05/24 13:37:23 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\~15851300
[2011/05/24 13:37:03 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\15851300
[2011/05/24 13:27:31 | 000,473,088 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\NpLvkgdMCjJX.exe
[2010/11/26 12:13:57 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/11/26 12:13:57 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010/03/11 13:55:25 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpljp300xg.ini
[2010/03/11 13:50:49 | 000,000,011 | ---- | C] () -- C:\WINDOWS\hpljp300xm.ini
[2010/01/08 13:51:48 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\user.WS-1\Local Settings\Application Data\prvlcl.dat
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2007/09/26 12:02:57 | 000,000,286 | ---- | C] () -- C:\WINDOWS\hpbafd.ini
[2005/10/13 09:58:20 | 000,006,496 | ---- | C] () -- C:\WINDOWS\ODBCADM.EXE
[2005/10/05 15:07:11 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/22 12:44:24 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\LabOleDb.dll
[2005/09/22 12:44:24 | 000,042,552 | ---- | C] () -- C:\WINDOWS\PKZIP.EXE
[2005/09/22 12:44:24 | 000,029,992 | ---- | C] () -- C:\WINDOWS\NE.COM
[2005/09/22 12:44:24 | 000,029,321 | ---- | C] () -- C:\WINDOWS\Tty.dat
[2005/09/22 12:44:24 | 000,028,959 | ---- | C] () -- C:\WINDOWS\PKUNZIP.EXE
[2005/09/22 12:44:23 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PSIWinComm.dll
[2005/09/22 12:44:23 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LabDbc.dll
[2005/09/22 12:37:06 | 000,001,840 | ---- | C] () -- C:\WINDOWS\winzip32.ini
[2005/09/13 17:14:51 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2005/09/13 17:14:47 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/09/13 17:14:47 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/09/13 17:14:37 | 000,000,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2005/09/13 17:08:09 | 000,083,471 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2005/09/13 17:08:07 | 000,032,768 | R--- | C] () -- C:\WINDOWS\InstFunc.exe
[2005/09/13 17:08:03 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis760.bin
[2005/09/13 17:08:03 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\sis741.bin
[2005/09/13 17:08:03 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\sis660.bin
[2005/09/13 17:07:54 | 000,097,115 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2005/09/13 17:07:44 | 000,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[2005/09/13 17:07:26 | 000,003,048 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2005/09/13 17:07:25 | 000,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2005/09/13 16:53:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/09/13 16:46:58 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/09/13 11:30:17 | 000,006,563 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/09/13 11:29:04 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,314,838 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,041,040 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1999/01/22 13:46:56 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== LOP Check ==========

[2010/10/26 09:05:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2009/11/24 14:40:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/12 13:25:59 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user.WS-1\Application Data\GetRightToGo
[2010/08/12 12:23:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user.WS-1\Application Data\MSNInstaller
[2010/04/16 16:02:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\user.WS-1\Application Data\TP

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E49FC3A5
@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E13861A5

< End of report >