OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\15102013\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
495.48 Mb Total Physical Memory | 126.71 Mb Available Physical Memory | 25.57% Memory free
1.13 Gb Paging File | 0.81 Gb Available in Paging File | 71.85% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.02 Gb Total Space | 289.44 Gb Free Space | 97.12% Space Free | Partition Type: FAT32
Computer Name: ACER-5322778D58 | User Name: 15102013 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/10/16 15:39:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\15102013\My Documents\Downloads\OTL.exe
PRC - [2013/10/03 14:03:08 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/12/21 12:41:16 | 000,176,128 | ---- | M] (Acer Inc) -- C:\Acer\ePM\EPM-DM.exe
PRC - [2004/10/01 16:46:02 | 000,262,144 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.EXE
PRC - [2004/08/16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) -- C:\Acer\eManager\anbmServ.exe
PRC - [2004/08/12 15:13:16 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/07/27 17:01:36 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2003/03/19 00:39:48 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
========== Modules (No Company Name) ==========
MOD - [2013/10/15 23:10:08 | 013,584,776 | ---- | M] () -- C:\Documents and Settings\15102013\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll
MOD - [2013/10/03 14:03:06 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppgooglenaclpluginchrome.dll
MOD - [2013/10/03 14:03:04 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll
MOD - [2013/10/03 14:02:10 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2004/08/16 15:17:20 | 001,287,168 | ---- | M] (OSA Technologies Inc.) [Auto | Running] -- C:\Acer\eManager\anbmServ.exe -- (anbmService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2004/10/29 18:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2004/09/02 17:27:00 | 000,078,208 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-shd.sys -- (EpmShd)
DRV - [2004/08/09 14:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/08/02 21:09:18 | 000,635,281 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004/07/22 14:50:16 | 001,268,234 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/07/19 13:10:00 | 000,004,096 | ---- | M] (Acer Value Labs, USA) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epm-psd.sys -- (EpmPsd)
DRV - [2004/06/16 11:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/02/24 11:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/10/08 11:11:26 | 000,033,847 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wA301a.sys -- ({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55})
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...vMMONrgeMzYCYDg
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Documents and Settings\15102013\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Documents and Settings\15102013\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\15102013\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Documents and Settings\15102013\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\15102013\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\15102013\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2004/08/04 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [EPM-DM] c:\Acer\ePM\EPM-DM.exe (Acer Inc)
O4 - HKLM..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe (Acer Value Labs, Taiwan)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DABC7B46-4960-4FD6-A14C-C552C2F0228F}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\ACER.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\ACER.BMP
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/10/06 16:27:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/10/16 15:34:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013/10/16 15:28:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2013/10/16 15:28:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013/10/16 15:28:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2013/10/16 15:28:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/10/16 15:27:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/10/16 15:25:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013/10/16 15:21:57 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013/10/16 15:14:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2013/10/16 15:14:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2013/10/16 15:13:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2013/10/16 15:13:13 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2013/10/16 15:12:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
[2013/10/16 15:12:20 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013/10/16 12:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Start Menu\Programs\Games
[2013/10/16 12:41:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bejeweled 3
[2013/10/16 12:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2013/10/16 12:26:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Launch Manager
[2013/10/16 12:26:39 | 000,131,072 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\UNINST32.EXE
[2013/10/16 12:25:42 | 000,221,258 | ---- | C] (Acer Labs USA) -- C:\WINDOWS\System32\Epm-Po.dll
[2013/10/16 12:25:42 | 000,078,208 | ---- | C] (Acer Value Labs, USA) -- C:\WINDOWS\System32\drivers\epm-shd.sys
[2013/10/16 12:25:42 | 000,004,096 | ---- | C] (Acer Value Labs, USA) -- C:\WINDOWS\System32\drivers\epm-psd.sys
[2013/10/16 12:25:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Acer ePM
[2013/10/16 12:24:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2013/10/16 12:24:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\15102013\Application Data\Microsoft
[2013/10/16 12:24:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\15102013\SendTo
[2013/10/16 12:24:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\15102013\Recent
[2013/10/16 12:24:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\15102013\Application Data
[2013/10/16 12:24:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\15102013\Start Menu\Programs\Startup
[2013/10/16 12:24:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\15102013\Start Menu
[2013/10/16 12:24:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\15102013\My Documents\My Pictures
[2013/10/16 12:24:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\15102013\My Documents\My Music
[2013/10/16 12:24:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\15102013\My Documents
[2013/10/16 12:24:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\15102013\Favorites
[2013/10/16 12:24:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\15102013\Start Menu\Programs\Accessories
[2013/10/16 12:24:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\15102013\Cookies
[2013/10/16 12:24:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\15102013\Templates
[2013/10/16 12:24:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\15102013\PrintHood
[2013/10/16 12:24:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\15102013\NetHood
[2013/10/16 12:24:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\15102013\Local Settings
[2013/10/16 12:24:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Local Settings\Application Data\Microsoft
[2013/10/16 12:24:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Application Data\Identities
[2013/10/16 12:24:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Desktop
[2013/10/15 22:59:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Application Data\Macromedia
[2013/10/15 22:09:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\My Documents\Downloads
[2013/10/15 22:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2013/10/15 22:05:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/15 22:02:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Application Data\AdobeUM
[2013/10/15 22:02:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Local Settings\Application Data\Adobe
[2013/10/15 22:02:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\My Documents\My eBooks
[2013/10/15 22:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/10/15 22:02:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Application Data\Adobe
[2013/10/15 21:57:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
[2013/10/15 21:55:56 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013/10/15 21:55:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\15102013\Local Settings\Application Data\Google
[2013/10/15 21:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2013/10/15 21:50:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Panda Security
[2013/10/15 21:47:06 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\15102013\UserData
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/10/16 15:35:52 | 000,313,514 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/10/16 15:35:52 | 000,041,066 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/16 15:34:56 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013/10/16 15:34:38 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\15102013\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/10/16 15:34:38 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\15102013\Desktop\Windows Media Player.lnk
[2013/10/16 15:34:30 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/16 15:34:26 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/10/16 15:34:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/10/16 15:34:10 | 000,157,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/10/16 15:34:08 | 519,622,656 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/16 15:25:32 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2013/10/16 15:17:32 | 000,000,723 | ---- | M] () -- C:\Documents and Settings\15102013\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/16 15:15:18 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/10/16 15:00:02 | 000,000,890 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/16 14:33:42 | 000,000,843 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk
[2013/10/16 12:42:02 | 000,001,537 | ---- | M] () -- C:\Documents and Settings\15102013\Desktop\Bejeweled 3.lnk
[2013/10/16 12:28:10 | 000,000,095 | ---- | M] () -- C:\WINDOWS\ALaunch.ini
[2013/10/16 12:26:42 | 000,000,083 | ---- | M] () -- C:\WINDOWS\CPLBCL53.UNI
[2013/10/16 12:25:12 | 000,001,509 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acer eManager.lnk
[2013/10/16 12:23:10 | 000,000,781 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/10/16 12:23:10 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2013/10/15 22:05:34 | 000,001,665 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2013/10/15 22:05:34 | 000,001,648 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[2013/10/15 22:00:44 | 000,001,739 | ---- | M] () -- C:\Documents and Settings\15102013\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/15 21:57:52 | 000,001,721 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/10/15 21:20:06 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013/10/15 21:18:42 | 000,004,239 | ---- | M] () -- C:\WINDOWS\CLEANUP.CMD
[2013/10/15 21:18:36 | 000,000,225 | ---- | M] () -- C:\WINDOWS\HOTFIX.BAT
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/10/16 15:28:55 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2013/10/16 15:28:55 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2013/10/16 15:28:55 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2013/10/16 15:28:55 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2013/10/16 15:28:55 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2013/10/16 15:28:55 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2013/10/16 15:28:55 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2013/10/16 15:28:55 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2013/10/16 15:28:55 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2013/10/16 15:28:55 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2013/10/16 15:28:55 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2013/10/16 15:28:55 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2013/10/16 15:28:55 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2013/10/16 15:28:55 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2013/10/16 15:28:55 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2013/10/16 15:28:55 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2013/10/16 15:28:55 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2013/10/16 15:28:54 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2013/10/16 15:28:54 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2013/10/16 15:28:54 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2013/10/16 15:28:54 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2013/10/16 15:28:54 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2013/10/16 15:28:54 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2013/10/16 15:28:54 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2013/10/16 15:28:54 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2013/10/16 15:28:54 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2013/10/16 15:28:54 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2013/10/16 15:28:54 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2013/10/16 15:28:54 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2013/10/16 15:28:54 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2013/10/16 15:28:54 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2013/10/16 15:28:54 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2013/10/16 15:28:54 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2013/10/16 15:28:54 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2013/10/16 15:28:54 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2013/10/16 15:28:54 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2013/10/16 15:28:54 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2013/10/16 15:28:54 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2013/10/16 15:28:54 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2013/10/16 15:28:54 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2013/10/16 15:28:54 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2013/10/16 15:28:54 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2013/10/16 15:28:54 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2013/10/16 15:28:54 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2013/10/16 15:28:54 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2013/10/16 15:28:54 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2013/10/16 15:28:54 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2013/10/16 15:28:54 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2013/10/16 15:28:54 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2013/10/16 15:28:54 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2013/10/16 15:28:54 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2013/10/16 15:28:54 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2013/10/16 15:28:54 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2013/10/16 15:28:54 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2013/10/16 15:28:54 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2013/10/16 15:28:54 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2013/10/16 15:28:54 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2013/10/16 15:28:54 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2013/10/16 15:28:54 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2013/10/16 15:28:54 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2013/10/16 15:28:54 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2013/10/16 15:28:54 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2013/10/16 15:28:54 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2013/10/16 15:28:54 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2013/10/16 15:28:53 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2013/10/16 15:28:53 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2013/10/16 15:28:53 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2013/10/16 15:28:53 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2013/10/16 15:28:53 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2013/10/16 15:28:53 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2013/10/16 15:28:53 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2013/10/16 15:28:53 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2013/10/16 15:28:53 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2013/10/16 15:28:53 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2013/10/16 15:28:53 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2013/10/16 15:28:53 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2013/10/16 15:28:53 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2013/10/16 15:28:53 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2013/10/16 15:28:53 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2013/10/16 15:28:53 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2013/10/16 15:25:41 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/10/16 15:25:41 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/10/16 15:25:40 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/10/16 12:42:00 | 000,001,537 | ---- | C] () -- C:\Documents and Settings\15102013\Desktop\Bejeweled 3.lnk
[2013/10/16 12:26:40 | 000,000,083 | ---- | C] () -- C:\WINDOWS\CPLBCL53.UNI
[2013/10/16 12:26:39 | 000,004,500 | ---- | C] () -- C:\WINDOWS\System32\FILTRCOI.DLL
[2013/10/16 12:24:50 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\15102013\Desktop\Windows Media Player.lnk
[2013/10/16 12:24:04 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\15102013\Start Menu\Programs\Remote Assistance.lnk
[2013/10/16 12:24:04 | 000,000,723 | ---- | C] () -- C:\Documents and Settings\15102013\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/10/16 12:24:04 | 000,000,711 | ---- | C] () -- C:\Documents and Settings\15102013\Start Menu\Programs\Internet Explorer.lnk
[2013/10/16 12:24:04 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\15102013\Start Menu\Programs\Windows Media Player.lnk
[2013/10/16 12:24:04 | 000,000,646 | ---- | C] () -- C:\Documents and Settings\15102013\Start Menu\Programs\Outlook Express.lnk
[2013/10/16 12:24:04 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\15102013\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2013/10/15 22:05:32 | 000,001,810 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader 7.0.lnk
[2013/10/15 22:05:32 | 000,001,665 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2013/10/15 22:05:32 | 000,001,648 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 7.0.lnk
[2013/10/15 22:02:40 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\15102013\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2013/10/15 21:57:50 | 000,001,739 | ---- | C] () -- C:\Documents and Settings\15102013\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/15 21:57:50 | 000,001,721 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2013/10/15 21:55:58 | 000,000,890 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/15 21:55:57 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/15 21:50:14 | 000,000,843 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk
[2013/10/15 21:20:05 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013/10/15 21:19:22 | 519,622,656 | -HS- | C] () -- C:\hiberfil.sys
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/14 05:42:06 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008/04/14 05:41:54 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 05:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
========== Purity Check ==========
< End of report >
Had to reformat due to a missing file from Windows, based on recovery discs issued by the manufacturer. Is the April 8, 2014 Windows support by chance related to this issue? Currently running SP3 and IE7 (manually installed) [Error number: 0x8024D001]
Acer Travelmate 4050
Edited by xxmaxixx, 16 October 2013 - 02:03 AM.