Some of the steps done throughout most of this last 16hrs were:
1. Used for over a period of 5hrs the Symantec Antivirus/Spyware full scan, Spybot Search & Destroy & Adware
2. Finally found the Geeks2Go website with invaluable info on how-to-remove malware (worms/Trojans)
3. Ran first the TFC which cleaned about 630MB
4. Ran the OTL and got the following txt:
3:12 AM 11/30/2009 OTL logfile created on: 11/30/2009 3:02:27 AM - Run 1
OTL by OldTimer - Version 3.1.11.3 Folder = C:\Documents and Settings\lilia\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.04% Memory free
3.85 Gb Paging File | 2.78 Gb Available in Paging File | 72.37% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.79 Gb Total Space | 93.34 Gb Free Space | 83.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: LNG
Current User Name: lilia
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009/11/30 02:32:17 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilia\Desktop\OTL.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/04/17 02:35:18 | 00,408,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/05 15:07:20 | 02,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/11 15:36:45 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/01/20 14:01:41 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2008/10/14 20:38:56 | 00,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2008/09/11 17:50:46 | 02,436,536 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/09/04 15:44:20 | 01,439,040 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2008/09/04 15:44:18 | 01,787,200 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2008/08/20 16:38:30 | 00,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/08/20 16:28:34 | 00,348,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
PRC - [2008/08/20 16:27:36 | 01,368,064 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
PRC - [2008/08/20 16:18:34 | 00,905,216 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PRC - [2008/08/20 16:09:12 | 01,191,936 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
PRC - [2008/08/20 16:08:02 | 00,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/08/14 14:45:52 | 00,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2008/08/14 14:45:28 | 00,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/22 05:46:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007/07/31 22:10:04 | 00,065,536 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/07/30 22:54:38 | 02,158,592 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2007/07/20 16:48:00 | 02,170,880 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2007/07/20 16:30:28 | 00,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2007/07/02 13:29:22 | 00,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/06/06 16:44:44 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/05/22 14:18:56 | 00,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/05/10 10:23:50 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe
PRC - [2007/05/10 10:22:32 | 00,405,504 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
PRC - [2006/12/18 15:22:14 | 00,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006/11/03 18:02:14 | 00,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2006/11/02 14:05:50 | 00,282,624 | ---- | M] (Knowles Acoustics) -- C:\WINDOWS\system32\KADxMain.exe
PRC - [2006/10/27 20:13:48 | 00,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006/09/28 21:08:46 | 00,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2006/09/08 15:10:22 | 00,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2006/01/23 23:14:10 | 00,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2005/09/08 05:20:00 | 00,122,940 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLACTRLW.EXE
PRC - [2004/08/04 02:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe
PRC - [2004/07/27 16:50:18 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
========== Modules (SafeList) ==========
MOD - [2009/11/30 02:32:17 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilia\Desktop\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - File not found -- -- (gusvc)
SRV - [2009/07/25 04:23:10 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/01/20 14:01:41 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/09/11 17:50:46 | 02,436,536 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008/09/04 15:44:18 | 01,787,200 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2008/09/04 15:19:46 | 00,312,720 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2008/08/20 16:38:30 | 00,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/08/20 16:28:34 | 00,348,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2008/08/20 16:18:34 | 00,905,216 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2008/08/20 16:08:02 | 00,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/08/14 14:45:28 | 00,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/08/14 14:45:28 | 00,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/06/30 16:36:35 | 03,093,872 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2008/02/22 05:46:00 | 00,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2007/05/10 10:23:50 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\stacsv.exe -- (STacSV)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2009/09/17 00:00:00 | 01,323,568 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20091129.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2009/09/17 00:00:00 | 00,084,912 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20091129.002\NAVENG.SYS -- (NAVENG)
DRV - [2009/08/28 00:00:00 | 00,371,248 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/08/28 00:00:00 | 00,102,448 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/04/20 22:12:14 | 00,149,768 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\WpsHelper.sys -- (WpsHelper)
DRV - [2009/04/19 21:39:57 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2009/01/19 16:46:44 | 00,123,952 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/12/22 10:06:02 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2008/12/22 10:05:58 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/09/04 15:47:26 | 00,091,968 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys -- (SysPlant)
DRV - [2008/09/04 15:45:36 | 00,041,792 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2008/08/28 23:34:30 | 03,632,384 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/08/21 11:13:56 | 00,191,536 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/08/21 11:13:56 | 00,027,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008/08/15 10:41:08 | 00,317,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2008/08/15 10:41:08 | 00,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2008/08/15 10:41:06 | 00,279,600 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2008/08/04 11:32:26 | 00,011,904 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2008/07/30 17:42:12 | 00,023,888 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2008/07/10 03:57:56 | 00,049,536 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2008/06/20 03:08:27 | 00,225,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/06/16 16:53:14 | 00,420,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2008/04/13 08:39:15 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 08:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/22 05:46:00 | 06,658,592 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/12/23 17:18:48 | 00,068,696 | ---- | M] (O2Micro) -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/08/02 17:35:12 | 00,989,952 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007/08/02 17:34:30 | 00,211,200 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/08/02 17:34:26 | 00,731,136 | R--- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007/06/25 18:53:10 | 00,155,136 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/06/11 14:25:00 | 00,041,856 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/05/24 14:27:00 | 00,064,000 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/05/10 10:24:34 | 01,222,840 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/04/24 13:20:00 | 00,113,920 | ---- | M] (TOSHIBA CORPORATION) -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/04/03 08:32:38 | 00,046,992 | ---- | M] (UPEK Inc.) -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/03/01 16:53:00 | 00,073,728 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/16 15:46:00 | 00,160,256 | R--- | M] (Broadcom Corporation) -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/11/20 17:55:00 | 00,036,480 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/11/02 12:32:32 | 00,097,536 | ---- | M] (Knowles Acoustics) -- C:\WINDOWS\system32\drivers\dxec01.sys -- (DXEC01)
DRV - [2006/10/10 19:33:00 | 00,041,600 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/06/19 14:26:58 | 00,012,672 | R--- | M] (Conexant) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2006/06/14 11:53:00 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2005/09/12 03:30:00 | 00,089,264 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/09/08 05:20:00 | 00,094,332 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/09/08 05:20:00 | 00,087,036 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/09/08 05:20:00 | 00,086,524 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/09/08 05:20:00 | 00,025,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/09/08 05:20:00 | 00,014,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/09/08 05:20:00 | 00,006,364 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/09/08 05:20:00 | 00,002,496 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/08/25 12:16:52 | 00,005,628 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 12:16:16 | 00,022,684 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/12 05:20:00 | 00,040,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2005/01/26 02:03:00 | 00,020,576 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2005/01/06 13:42:00 | 00,018,612 | ---- | M] (TOSHIBA Corporation.) -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/13 13:14:00 | 00,039,904 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\drivers\cercsr6.sys -- (cercsr6)
DRV - [2004/08/04 02:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.flashcatch.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/11/11 10:24:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/11 10:24:57 | 00,000,000 | ---D | M]
[2009/07/11 21:05:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lilia\Application Data\Mozilla\Extensions
[2009/07/11 21:05:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lilia\Application Data\Mozilla\Extensions\[email protected]
[2009/11/29 19:05:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\lilia\Application Data\Mozilla\Firefox\Profiles\w6gx50fq.default\extensions
[2009/11/29 19:15:45 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\DLA\DLASHX_W.DLL (Sonic Solutions)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DLA] C:\WINDOWS\system32\DLA\DLACTRLW.EXE (Sonic Solutions)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe (Intel® Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetActiveDesktop = 1
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1232415141156 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/19 16:20:31 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/02/28 13:58:46 | 00,000,000 | ---D | M] - C:\AUTOTECH -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/30 02:32:14 | 00,536,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\lilia\Desktop\OTL.exe
[2009/11/30 02:31:33 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\lilia\Desktop\RootRepeal.exe
[2009/11/30 02:30:49 | 04,045,536 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\lilia\Desktop\mbam-setup.exe
[2009/11/30 02:24:02 | 00,341,504 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\lilia\Desktop\TFC.exe
[2009/11/29 22:05:29 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/11/29 22:04:58 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/11/12 17:03:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\lilia\Televisa HD para U.S.A y sus Territorios
[2009/04/19 20:32:27 | 03,796,127 | ---- | C] (Robert Amlung ) -- C:\Program Files\what_watch_setup.exe
[2009/04/19 20:28:38 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\cleanmgr.exe
[3 C:\Documents and Settings\lilia\Desktop\*.tmp files -> C:\Documents and Settings\lilia\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\lilia\My Documents\*.tmp files -> C:\Documents and Settings\lilia\My Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/30 02:52:30 | 00,883,847 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\WormMalawareProb.docx
[2009/11/30 02:51:14 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\My Documents\~$rmMalawareProb.docx
[2009/11/30 02:50:53 | 00,000,589 | ---- | M] () -- C:\Documents and Settings\lilia\Desktop\WormMalawareProb.lnk
[2009/11/30 02:49:28 | 00,027,839 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2009/11/30 02:47:33 | 00,512,960 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/30 02:47:33 | 00,435,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/30 02:47:33 | 00,068,558 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/30 02:44:01 | 00,169,472 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2009/11/30 02:43:48 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/11/30 02:43:04 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/30 02:42:55 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/30 02:42:52 | 21,453,49632 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/30 02:42:21 | 03,407,872 | -H-- | M] () -- C:\Documents and Settings\lilia\NTUSER.DAT
[2009/11/30 02:42:13 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\lilia\ntuser.ini
[2009/11/30 02:32:17 | 00,536,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilia\Desktop\OTL.exe
[2009/11/30 02:31:37 | 00,472,064 | ---- | M] ( ) -- C:\Documents and Settings\lilia\Desktop\RootRepeal.exe
[2009/11/30 02:30:49 | 04,045,536 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\lilia\Desktop\mbam-setup.exe
[2009/11/30 02:24:05 | 00,341,504 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\lilia\Desktop\TFC.exe
[2009/11/30 01:50:15 | 05,890,030 | -H-- | M] () -- C:\Documents and Settings\lilia\Local Settings\Application Data\IconCache.db
[2009/11/29 23:11:09 | 02,970,670 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Split Screen 1Error aftr new screen Reinstalled on 40709 --4.8.09.docx
[2009/11/29 23:09:45 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\24464.exe
[2009/11/29 22:49:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26962.exe
[2009/11/29 22:40:56 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\Desktop\~$rmMalawareProb.docx
[2009/11/29 22:31:27 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\Desktop\~$lit Screen 1Error aftr new screen Reinstalled on 40709 --4.8.09.docx
[2009/11/29 22:29:44 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\29358.exe
[2009/11/29 22:22:50 | 00,501,736 | ---- | M] () -- C:\Documents and Settings\lilia\Desktop\LopSD.exe
[2009/11/29 22:13:51 | 03,571,933 | ---- | M] () -- C:\Documents and Settings\lilia\Desktop\ComboFix.exe
[2009/11/29 22:09:43 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\11478.exe
[2009/11/29 21:54:01 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\Desktop\~$lit Screen Error aftr new screen Reinstalled on 40709 --4.8.09.docx
[2009/11/29 21:49:42 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\15724.exe
[2009/11/29 21:29:40 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\19169.exe
[2009/11/29 21:09:39 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\26500.exe
[2009/11/29 20:49:38 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\6334.exe
[2009/11/29 20:35:16 | 00,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0098EB33-132A-4486-8FE4-0AB53432851A}.job
[2009/11/29 20:29:37 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\18467.exe
[2009/11/29 20:25:19 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/11/29 20:09:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\winhelper86.dll
[2009/11/29 20:09:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\AVR10.exe
[2009/11/29 20:09:35 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\41.exe
[2009/11/29 20:04:07 | 02,381,336 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Split Screen Error aftr new screen Reinstalled on 40709 --4.8.09.docx
[2009/11/29 17:47:38 | 00,013,216 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Spybot Nov29.09sun scan report.pdf
[2009/11/29 15:48:00 | 00,000,001 | ---- | M] () -- C:\s
[2009/11/29 15:47:48 | 00,018,944 | ---- | M] () -- C:\WINDOWS\System32\winlogon86.exe
[2009/11/29 14:00:20 | 00,027,839 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2009/11/28 10:47:07 | 00,018,469 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\BLACKBERRYS.docx
[2009/11/28 10:21:14 | 00,190,244 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\2009 EYE OPENERS.docx
[2009/11/24 22:45:05 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/11/23 17:16:00 | 00,045,671 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\VOCABULARY LEXICON.docx
[2009/11/19 18:56:46 | 00,448,792 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Reserv HIexpComf GP-LXN07244.docx
[2009/11/19 18:38:09 | 00,397,824 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\CL.JobsJune2009.doc
[2009/11/19 18:37:04 | 00,865,800 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Rooms2Share 2009.docx
[2009/11/16 14:33:35 | 00,055,110 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\TRUFFLES.docx
[2009/11/15 13:46:15 | 00,013,909 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Teeth Cleaning.docx
[2009/11/15 12:24:41 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\My Documents\~$09 EYE OPENERS.docx
[2009/11/15 02:41:18 | 00,017,344 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\LYRICS - Time to say Good.docx
[2009/11/12 16:31:32 | 00,049,371 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\15 Tricky Interview Questions.docx
[2009/11/11 10:22:45 | 00,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/11/09 17:02:37 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\Desktop\~$.JobsJune2009.doc
[2009/11/09 15:40:10 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\My Documents\~$ Tricky Interview Questions.docx
[2009/11/09 14:41:45 | 00,011,755 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Staffing Agencies.docx
[2009/11/09 12:27:50 | 00,017,037 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Vanished Persian army said found in desert.docx
[2009/11/09 10:46:42 | 00,000,721 | ---- | M] () -- C:\Documents and Settings\lilia\Desktop\Melissa Camille.lnk
[2009/11/08 16:11:51 | 00,056,138 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\2009 Oct Staying Renting Tenant tips.pdf
[2009/11/05 07:58:30 | 00,088,064 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Reserv CI-HIExp 2009.docx
[2009/11/04 18:02:13 | 00,635,558 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\2008-2009 HOUSING BUST.docx
[2009/11/04 18:01:50 | 00,137,884 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\Silicon Valley LuxHomes Sales UP Jul2009.docx
[2009/11/02 17:13:06 | 00,411,397 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\SteveJobs ICON Revealed - March 5 2008.docx
[2009/11/02 16:51:56 | 00,051,726 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\ChronicleNews - 100 Servers Tips.docx
[2009/11/01 19:01:58 | 00,000,162 | -H-- | M] () -- C:\Documents and Settings\lilia\My Documents\~$ronicleNews - 100 Servers Tips.docx
[2009/10/31 18:54:43 | 00,000,619 | ---- | M] () -- C:\Documents and Settings\lilia\Desktop\JOURNAL 10.31.2009 SAT.lnk
[2009/10/31 18:05:58 | 00,011,346 | ---- | M] () -- C:\Documents and Settings\lilia\My Documents\JOURNAL 10.31.2009 SAT.docx
[3 C:\Documents and Settings\lilia\Desktop\*.tmp files -> C:\Documents and Settings\lilia\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\lilia\My Documents\*.tmp files -> C:\Documents and Settings\lilia\My Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/30 02:51:14 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\My Documents\~$rmMalawareProb.docx
[2009/11/30 02:49:33 | 00,000,589 | ---- | C] () -- C:\Documents and Settings\lilia\Desktop\WormMalawareProb.lnk
[2009/11/29 23:09:45 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\24464.exe
[2009/11/29 22:49:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26962.exe
[2009/11/29 22:40:56 | 00,883,847 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\WormMalawareProb.docx
[2009/11/29 22:40:56 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\Desktop\~$rmMalawareProb.docx
[2009/11/29 22:31:27 | 02,970,670 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\Split Screen 1Error aftr new screen Reinstalled on 40709 --4.8.09.docx
[2009/11/29 22:31:27 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\Desktop\~$lit Screen 1Error aftr new screen Reinstalled on 40709 --4.8.09.docx
[2009/11/29 22:29:44 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\29358.exe
[2009/11/29 22:22:45 | 00,501,736 | ---- | C] () -- C:\Documents and Settings\lilia\Desktop\LopSD.exe
[2009/11/29 22:13:51 | 03,571,933 | ---- | C] () -- C:\Documents and Settings\lilia\Desktop\ComboFix.exe
[2009/11/29 21:54:01 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\Desktop\~$lit Screen Error aftr new screen Reinstalled on 40709 --4.8.09.docx
[2009/11/29 17:54:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\winhelper86.dll
[2009/11/29 17:54:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\AVR10.exe
[2009/11/29 17:49:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\11478.exe
[2009/11/29 17:47:38 | 00,013,216 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\Spybot Nov29.09sun scan report.pdf
[2009/11/29 17:29:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\15724.exe
[2009/11/29 17:09:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\19169.exe
[2009/11/29 16:49:07 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\26500.exe
[2009/11/29 16:29:06 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\6334.exe
[2009/11/29 16:09:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\18467.exe
[2009/11/29 15:49:03 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\41.exe
[2009/11/29 15:48:00 | 00,000,001 | ---- | C] () -- C:\s
[2009/11/29 15:47:53 | 00,018,944 | ---- | C] () -- C:\WINDOWS\System32\winlogon86.exe
[2009/11/28 10:38:57 | 00,018,469 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\BLACKBERRYS.docx
[2009/11/16 14:33:35 | 00,055,110 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\TRUFFLES.docx
[2009/11/16 09:21:49 | 00,045,671 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\VOCABULARY LEXICON.docx
[2009/11/15 13:30:47 | 00,013,909 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\Teeth Cleaning.docx
[2009/11/15 12:24:41 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\My Documents\~$09 EYE OPENERS.docx
[2009/11/09 17:02:37 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\Desktop\~$.JobsJune2009.doc
[2009/11/09 15:40:10 | 00,049,371 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\15 Tricky Interview Questions.docx
[2009/11/09 15:40:10 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\My Documents\~$ Tricky Interview Questions.docx
[2009/11/09 14:41:44 | 00,011,755 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\Staffing Agencies.docx
[2009/11/09 12:27:49 | 00,017,037 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\Vanished Persian army said found in desert.docx
[2009/11/09 10:46:21 | 00,000,721 | ---- | C] () -- C:\Documents and Settings\lilia\Desktop\Melissa Camille.lnk
[2009/11/08 16:11:51 | 00,056,138 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\2009 Oct Staying Renting Tenant tips.pdf
[2009/11/01 19:01:58 | 00,000,162 | -H-- | C] () -- C:\Documents and Settings\lilia\My Documents\~$ronicleNews - 100 Servers Tips.docx
[2009/11/01 19:01:57 | 00,051,726 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\ChronicleNews - 100 Servers Tips.docx
[2009/10/31 18:54:17 | 00,000,619 | ---- | C] () -- C:\Documents and Settings\lilia\Desktop\JOURNAL 10.31.2009 SAT.lnk
[2009/10/31 18:01:15 | 00,011,346 | ---- | C] () -- C:\Documents and Settings\lilia\My Documents\JOURNAL 10.31.2009 SAT.docx
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/04/19 20:45:44 | 00,000,111 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2009/04/19 20:45:44 | 00,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2009/04/19 20:45:44 | 00,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2009/04/19 20:28:44 | 17,073,673 | ---- | C] () -- C:\Program Files\plr2hq.exe
[2009/02/28 13:58:43 | 00,000,035 | ---- | C] () -- C:\WINDOWS\atechloc.ini
[2009/02/28 13:58:33 | 00,000,083 | ---- | C] () -- C:\WINDOWS\atech.ini
[2009/01/21 07:54:04 | 00,012,288 | ---- | C] () -- C:\Documents and Settings\lilia\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/20 18:58:08 | 00,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2009/01/20 14:09:34 | 00,000,172 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009/01/19 16:50:20 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2009/01/19 16:50:20 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2009/01/19 16:50:19 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2009/01/19 16:50:18 | 01,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2005/11/18 10:47:26 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 14:44:08 | 00,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/22 21:30:20 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/07/20 17:04:02 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 14:43:28 | 00,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
< End of report >
5. Ran the RootRepeal and got a report txt
6. Ran the mbam-setup.exe and readied to run the app
7. After the requested reboot by the mbam app, I was wonderfully delighted that the windows came up speedily, with my original background screen, BUT THERE WAS NO VOLUME/SOUND ( tested by rebooting several times now while trying to check out the sound going to youtube clips of the Xfactor 2009.
PLEASE PLEASE PLEASE HELPME OUT
li669/WorriedRookie