Ok, here's the OTL.Txt report, (I couldn't find the Extras.Txt):
OTL logfile created on: 8/26/2011 9:56:55 AM - Run 2
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.88 Mb Total Physical Memory | 473.22 Mb Available Physical Memory | 46.67% Memory free
2.38 Gb Paging File | 1.82 Gb Available in Paging File | 76.51% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 143.04 Gb Total Space | 126.74 Gb Free Space | 88.61% Space Free | Partition Type: NTFS
Computer Name: ACER-36D0BD61CF | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/08/26 09:53:35 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/04/28 02:49:40 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/18 16:04:31 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/12/20 13:03:50 | 000,697,856 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
PRC - [2010/12/08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010/11/23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010/11/16 15:48:32 | 000,152,576 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010/11/15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
PRC - [2010/11/02 13:04:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/10/06 16:08:53 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2010/05/14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/05/11 11:11:58 | 000,134,144 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
PRC - [2010/01/14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/10/27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/01/16 17:41:00 | 000,212,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Owner\Local Settings\Temp\RtkBtMnt.exe
PRC - [2009/01/10 20:24:38 | 000,565,248 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
PRC - [2008/12/30 00:09:52 | 000,875,016 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2008/11/27 12:00:58 | 000,237,568 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer VCM\RS_Service.exe
PRC - [2008/10/02 20:18:36 | 000,294,544 | ---- | M] (Carbonite, Inc.) -- C:\Program Files\Carbonite\CarbonitePreinstaller.exe
PRC - [2008/10/01 00:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIFCA.EXE
PRC - [2008/04/15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 18:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ========== MOD - [2010/12/20 13:17:18 | 010,837,504 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtWebKit4.dll
MOD - [2010/12/20 13:17:18 | 002,551,808 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
MOD - [2010/12/20 13:17:18 | 002,277,888 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtCore4.dll
MOD - [2010/12/20 13:17:18 | 000,912,384 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtNetwork4.dll
MOD - [2010/12/20 13:17:18 | 000,196,608 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Imageformats\qjpeg4.dll
MOD - [2010/12/20 13:17:18 | 000,026,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Imageformats\qgif4.dll
MOD - [2010/12/20 13:17:16 | 008,151,040 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtGui4.dll
MOD - [2010/12/20 13:17:16 | 002,186,752 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
MOD - [2010/12/20 13:17:16 | 001,283,584 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtScript4.dll
MOD - [2010/12/20 13:17:16 | 000,675,840 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
MOD - [2010/12/20 13:17:16 | 000,339,456 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtXml4.dll
MOD - [2010/12/20 13:17:16 | 000,266,752 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\phonon4.dll
MOD - [2010/12/20 13:17:16 | 000,190,464 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\QtSql4.dll
MOD - [2010/12/20 13:17:16 | 000,120,832 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Plugins\nps.dll
MOD - [2010/12/20 12:57:12 | 000,790,016 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\Maps Service API.dll
MOD - [2010/12/20 12:55:12 | 000,345,088 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\OviShareLib.dll
MOD - [2010/12/20 12:55:12 | 000,180,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\noaipcclient.dll
MOD - [2010/12/20 12:55:12 | 000,028,040 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\wrtserviceipcclient.dll
MOD - [2010/12/20 12:54:14 | 000,680,448 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
MOD - [2010/11/15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
MOD - [2010/11/15 14:41:18 | 000,034,184 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\wrtserviceipcserver.dll
MOD - [2010/11/15 10:13:00 | 000,016,384 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\qtsecurestorage.dll
MOD - [2010/11/15 10:12:46 | 000,015,360 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\cryptodll.dll
MOD - [2010/11/15 10:12:46 | 000,013,824 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\qtsecurestorageserver.dll
MOD - [2010/09/23 18:34:40 | 008,151,040 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\QtGui4.dll
MOD - [2010/09/23 18:25:08 | 000,912,384 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\QtNetwork4.dll
MOD - [2010/09/23 18:24:02 | 000,339,456 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\QtXml4.dll
MOD - [2010/09/23 18:23:50 | 002,277,888 | ---- | M] () -- C:\Program Files\Common Files\Nokia\NoA\QtCore4.dll
MOD - [2010/02/05 11:27:45 | 001,291,776 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2010/01/28 13:57:58 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008/04/14 05:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/14 05:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005/07/20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files\Nokia\Nokia Ovi Suite\zlib1.dll
MOD - [2003/06/06 22:30:08 | 000,057,344 | ---- | M] () -- C:\Program Files\Launch Manager\PowerUtl.dll
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2011/04/28 02:49:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/18 16:04:31 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/12/08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/11/27 12:00:58 | 000,237,568 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2008/04/15 18:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
========== Driver Services (SafeList) ========== DRV - [2011/08/24 15:26:24 | 000,101,720 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SBREDrv.sys -- (SBRE)
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\Owner\Local Settings\Temp\SAS_SelfExtract\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Documents and Settings\Owner\Local Settings\Temp\SAS_SelfExtract\saskutil.sys -- (SASKUTIL)
DRV - [2011/03/18 16:04:33 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/11/23 13:18:17 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/07/30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/07/12 01:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/09/16 10:22:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/09/16 10:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 10:22:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/09/16 10:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/05/11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/12/26 02:27:26 | 004,968,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/09/23 10:15:00 | 000,038,400 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l1e51x86.sys -- (L1e)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/14 18:54:18 | 001,318,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2006/11/02 06:27:34 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2003/10/01 12:29:50 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- c:\Acernb\int15.sys -- (int15.sys)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.google.com/ [binary data]
IE - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/IE - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Owner\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Owner\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/10/06 16:10:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/01/06 15:15:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/01/06 15:15:12 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2008/04/14 05:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NotificationCenterLauncher] C:\Program Files\Acer\Acer eRecovery Management\NotificationLauncher.exe (Acer)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003..\Run: [] File not found
O4 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003..\Run: [EPSON NX410 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFCA.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk = C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O15 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\..Trusted Domains: //@install.mar@/ ([]msni in My Computer)
O15 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\..Trusted Domains: //@mail.mar@/ ([]msni in Local intranet)
O15 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-4283021946-3646181656-3495054330-1003\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821}
http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874}
http://www.worldwinn...0/tpir/tpir.cab (TPIR Control)
O16 - DPF: {4AB16005-E995-4A60-89DE-8B8A3E6EB5B0}
http://www.worldwinn...vialpursuit.cab (TrivialPursuit Control)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7}
http://www.worldwinn...ll/freecell.cab (FreeCell Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB}
http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280}
http://www.worldwinn....0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F}
http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {BB637307-92FA-47EC-B3F7-6969078673CC}
http://www.worldwinn...royal/royal.cab (Royal Control)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe ()
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/16 16:34:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{695140c2-c623-11de-b35d-00235a625d57}\Shell - "" = AutoRun
O33 - MountPoints2\{695140c2-c623-11de-b35d-00235a625d57}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{695140c2-c623-11de-b35d-00235a625d57}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O33 - MountPoints2\{695140c3-c623-11de-b35d-00235a625d57}\Shell\AutoRun\command - "" = E:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2011/08/26 09:52:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/08/26 09:21:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop\RK_Quarantine
[2011/08/26 09:19:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2011/08/26 09:19:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/26 09:19:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2011/08/26 05:03:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2011/08/26 01:40:37 | 000,027,984 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\sbbd.exe
[2011/08/26 01:40:14 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2011/08/26 01:21:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Recent
[2011/08/26 01:18:09 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\firefox.exe
[2011/08/26 01:02:14 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup-1.51.1.1800.exe
[2011/08/26 00:51:09 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\jugsrz3tur.exe
[2011/08/25 23:59:53 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2011/08/25 23:56:22 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2011/08/25 14:56:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/08/25 14:56:43 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/08/25 14:56:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/25 14:56:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/25 14:36:39 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/08/25 14:32:24 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\OTL.exe
[2011/08/24 15:30:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Mozilla
[2011/08/24 15:28:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
[2011/08/24 15:26:27 | 012,500,752 | ---- | C] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2009/01/16 16:19:00 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\Interop.IWshRuntimeLibrary.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/08/26 09:54:37 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-4283021946-3646181656-3495054330-1003.job
[2011/08/26 09:54:37 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4283021946-3646181656-3495054330-1003.job
[2011/08/26 09:53:35 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/08/26 09:44:45 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4283021946-3646181656-3495054330-1005.job
[2011/08/26 09:44:45 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4283021946-3646181656-3495054330-1004.job
[2011/08/26 09:44:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/08/26 09:44:05 | 1063,202,816 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/26 09:26:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4283021946-3646181656-3495054330-1003UA.job
[2011/08/26 09:18:25 | 000,569,856 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\RogueKiller.exe
[2011/08/26 05:02:49 | 017,010,152 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\SAS_901056.COM
[2011/08/26 04:57:22 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\mbam-setup-1.51.1.1800.exe
[2011/08/26 01:39:08 | 097,226,752 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\VIPRERescue10263.exe
[2011/08/26 01:23:27 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\WiNlOgOn.exe
[2011/08/26 01:18:09 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\firefox.exe
[2011/08/26 00:56:53 | 000,130,968 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\yj4cwarve.exe
[2011/08/26 00:51:09 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Owner\Desktop\jugsrz3tur.exe
[2011/08/26 00:40:23 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\uSeRiNiT.exe
[2011/08/26 00:31:39 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.scr
[2011/08/26 00:24:16 | 000,294,400 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\explorer.exe
[2011/08/26 00:14:37 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2011/08/25 23:59:58 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.com
[2011/08/25 23:56:28 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.scr
[2011/08/25 14:56:43 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/25 14:32:27 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\My Documents\OTL.exe
[2011/08/24 15:27:15 | 000,001,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/24 15:26:27 | 012,500,752 | ---- | M] (SUPERAntiSpyware.com) -- C:\Documents and Settings\Owner\My Documents\SUPERAntiSpyware.exe
[2011/08/24 15:26:24 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/08/24 15:26:06 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-4283021946-3646181656-3495054330-1003Core.job
[2011/08/24 15:13:46 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/08/26 09:19:02 | 000,002,341 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\eSobi v2.lnk
[2011/08/26 09:19:02 | 000,001,861 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MSN Installer.lnk
[2011/08/26 09:19:02 | 000,001,812 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Epson Easy Photo Print.lnk
[2011/08/26 09:19:02 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Office 60 Day Trial - Online.lnk
[2011/08/26 09:19:02 | 000,001,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nokia Ovi Suite.lnk
[2011/08/26 09:19:02 | 000,001,767 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nokia PC Suite.lnk
[2011/08/26 09:19:02 | 000,001,738 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2011/08/26 09:19:02 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Virtual Technician.lnk
[2011/08/26 09:19:02 | 000,001,732 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Carbonite Online Backup Setup.lnk
[2011/08/26 09:19:02 | 000,001,711 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011/08/26 09:19:02 | 000,001,682 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011/08/26 09:19:02 | 000,001,457 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acer VCM.lnk
[2011/08/26 09:19:02 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\RealPlayer SP.lnk
[2011/08/26 09:19:02 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2011/08/26 09:19:02 | 000,000,886 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Works.lnk
[2011/08/26 09:19:02 | 000,000,871 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2011/08/26 09:19:02 | 000,000,821 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Epson NX410 Series Info Center.lnk
[2011/08/26 09:19:02 | 000,000,819 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/08/26 09:19:02 | 000,000,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MAGIX FunPix Maker.lnk
[2011/08/26 09:19:02 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/08/26 09:19:02 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/26 09:19:02 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Movie Maker.lnk
[2011/08/26 09:19:02 | 000,000,669 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2011/08/26 09:19:02 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/08/26 09:19:02 | 000,000,179 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Epson CreativeZone.url
[2011/08/26 09:19:02 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/08/26 09:19:01 | 000,002,391 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2011/08/26 09:19:01 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Works Task Launcher.lnk
[2011/08/26 09:18:59 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2011/08/26 09:18:59 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Acrobat.com.lnk
[2011/08/26 09:18:20 | 000,569,856 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\RogueKiller.exe
[2011/08/26 05:02:49 | 017,010,152 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\SAS_901056.COM
[2011/08/26 01:39:08 | 097,226,752 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\VIPRERescue10263.exe
[2011/08/26 01:25:50 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\uSeRiNiT.exe
[2011/08/26 01:23:21 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\WiNlOgOn.exe
[2011/08/26 01:07:56 | 1063,202,816 | -HS- | C] () -- C:\hiberfil.sys
[2011/08/26 00:56:53 | 000,130,968 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\yj4cwarve.exe
[2011/08/26 00:31:38 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\exeHelper.scr
[2011/08/26 00:24:15 | 000,294,400 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\explorer.exe
[2011/08/26 00:14:32 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\rkill.exe
[2011/06/18 14:14:53 | 000,000,208 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~25681700
[2011/06/18 14:14:53 | 000,000,152 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~25681700r
[2011/06/18 14:13:48 | 000,000,336 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\25681700
[2011/05/01 17:01:14 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/01 17:01:14 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2010/09/25 09:00:12 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/02/26 17:03:35 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010/02/26 17:02:35 | 000,006,211 | -H-- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/11/12 02:50:04 | 000,000,097 | -H-- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/11/12 02:50:03 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2009/11/12 02:50:03 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2009/11/12 02:50:03 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2009/11/12 02:50:03 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2009/11/12 02:50:03 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2009/11/12 02:50:03 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2009/11/12 02:50:03 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2009/11/12 02:50:03 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2009/11/12 02:50:03 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2009/11/12 02:50:03 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2009/11/12 02:50:03 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2009/11/12 02:50:03 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2009/11/12 02:50:03 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2009/11/12 02:50:03 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2009/11/12 02:50:03 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2009/11/12 02:46:55 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\EPNX410.ini
[2009/10/25 20:21:49 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\CNMVS5u.DLL
[2009/10/21 16:08:21 | 000,017,478 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\wklnhst.dat
[2009/10/21 15:51:37 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\Desktop_.ini
[2009/02/24 04:37:32 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LauncheRyDiscCalc.exe
[2009/01/16 18:24:45 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2009/01/16 17:27:38 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2009/01/16 17:24:55 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\rtkhdaud.dat
[2009/01/16 16:37:00 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2009/01/16 16:37:00 | 000,006,782 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009/01/16 16:36:07 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/16 16:32:20 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/16 16:31:35 | 000,001,793 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009/01/16 16:18:51 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2009/01/16 16:18:50 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2009/01/16 16:18:50 | 000,434,712 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2009/01/16 16:18:50 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2009/01/16 16:18:50 | 000,068,832 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2009/01/16 16:18:50 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2009/01/16 16:18:50 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2009/01/16 16:18:49 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2009/01/16 16:18:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2009/01/16 16:18:48 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2009/01/16 16:18:45 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2009/01/16 16:18:43 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2009/01/16 08:29:22 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/16 08:28:39 | 000,248,696 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
========== LOP Check ========== [2010/07/28 07:40:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/07/28 07:47:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/10/21 15:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Broadcom
[2009/10/20 22:39:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Carbonite
[2009/11/12 02:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2009/01/16 18:01:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eSobi
[2010/10/28 04:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2010/12/23 15:01:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2010/02/26 17:04:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2011/01/06 15:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010/12/23 15:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/11/12 02:57:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/10/28 04:39:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WorldWinner
[2009/11/21 20:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Acer
[2011/01/16 20:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\PC Suite
[2010/09/29 19:47:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\David\Application Data\Template
[2009/11/01 01:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2009/01/16 18:02:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Acer
[2010/03/04 19:25:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\AVG9
[2010/09/29 09:46:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/12/23 11:52:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Dropbox
[2010/02/05 23:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\EPSON
[2009/10/20 20:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\eSobi
[2009/11/12 02:59:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Leadertech
[2010/02/26 17:04:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\MAGIX
[2010/12/23 15:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Nokia
[2010/12/23 15:05:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\PC Suite
[2011/04/12 21:18:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\Template
[2009/11/21 20:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\Acer
[2010/03/05 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\AVG9
[2011/01/11 11:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Shane\Application Data\PC Suite
[2011/06/18 14:08:27 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 05:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX1\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX2\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX3\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX4\procs\explorer.exe
[2011/01/16 16:55:21 | 000,255,488 | ---- | M] () MD5=3C33B26F2F7FA61D882515F2D6078691 -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX5\procs\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX1\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX2\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX3\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX4\h\explorer.exe
[2005/08/16 02:54:58 | 000,001,536 | ---- | M] () MD5=ABC6379205DE2618851C4FCBF72112EB -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX5\h\explorer.exe
[2011/08/26 00:24:16 | 000,294,400 | ---- | M] () MD5=BCA8A954D37665FB19391C9A573AB283 -- C:\Documents and Settings\Owner\Desktop\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/04/14 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008/04/14 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=27C6D03BCDB8CFEB96B716F3D8BE3E18 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >[2011/08/26 00:40:23 | 001,008,092 | ---- | M] () MD5=645A8F39A10306D50382EB49A6C49AAB -- C:\Documents and Settings\Owner\Desktop\uSeRiNiT.exe
[2008/04/14 05:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 05:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX1\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX2\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX3\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX4\userinit.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX5\userinit.exe
< MD5 for: WINLOGON.EXE >[2011/08/26 01:23:27 | 001,008,092 | ---- | M] () MD5=645A8F39A10306D50382EB49A6C49AAB -- C:\Documents and Settings\Owner\Desktop\WiNlOgOn.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX1\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX2\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX3\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX4\winlogon.exe
[2009/05/26 19:47:22 | 000,031,232 | ---- | M] (NirSoft) MD5=AC6094297CD882B8626466CDEB64F19F -- C:\Documents and Settings\Owner\Local Settings\Temp\RarSFX5\winlogon.exe
[2008/04/14 05:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008/04/14 05:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< >< End of report >
Gotta go to work. I'll be back about 3pm and hopefully can get the other report then.
Edited by tamarac, 26 August 2011 - 11:37 AM.