Redirect Virus, and Trojan Virus [Closed]


  • This topic is locked

#61
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
OK, I did it, and resetting it worked.
  • 0


#62
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
So you can browse with Internet Explorer normally?

What other problems are still evident?
  • 0

#63
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Yeah, I seem to browse Internet Explorer normally. As for other problems,

I'm not sure. Sometimes it seems like everything is OK, then this window with apyware would come up out of nowhere..

But as of the last 5 minutes, everything seeeemmmssss OK.
  • 0

#64
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Apyware? Can you take a screen-shot of that window and post it here?

Please read here how to take it.
  • 0

#65
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I meant "spyware", or what I believe to be spyware.


I will get you a screenshot when it pops up again
  • 0

#66
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK.
  • 0

#67
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
it happened again. here is a screenshot.
  • 0

#68
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Not sure if the other attached, but here is the attachment: SS.jpg
  • 0

#69
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
OK. Please do the following:

OTL Custom Scan

  • Double click on the Posted Image icon to run it.
  • Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top, make sure Standard output is selected.
  • Select Scan all users
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scans/Fixes box copy and paste this in:

    msconfig
    safebootminimal
    safebootnetwork
    activex
    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\*.*
    %systemroot%\Tasks\*.job
    C:\ProgramData\*.*
    C:\Windows\System32\*.tmp
    C:\Users\Enrique\AppData\Local\*.*
  • Click the Posted Image button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt in Notepad window.
  • Please copy (Edit->Select All, Edit->Copy) the content of this file and post it with your next reply.

  • 0

#70
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I ran the scan, but no new txt file opens.
  • 0


#71
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Yeah, I ran the scan several times, but no new txt file opens. What can I do?
  • 0

#72
Render

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
File OTL.txt should be in the same location as OTL.exe. So if you have OTL.exe on your desktop, OTL.txt is also on the desktop. Open it in Notepad, select all, and copy and paste it in your next reply please.
  • 0

#73
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
No, nothing else opens up. There is an older one from the 14th on there, but I deleted it before.

But no new window pops up.

I don't know what to do.
  • 0

#74
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I tried restarting and running again a few times, but still, nothing pops up at completion.
  • 0

#75
om20

om20

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
wait, I got it!!!


OTL logfile created on: 12/18/2011 6:47:08 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Enrique\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.75 Gb Total Physical Memory | 5.21 Gb Available Physical Memory | 67.23% Memory free
15.50 Gb Paging File | 12.60 Gb Available in Paging File | 81.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 912.93 Gb Total Space | 779.55 Gb Free Space | 85.39% Space Free | Partition Type: NTFS
Drive D: | 4.09 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ENRIQUE-PC | User Name: Enrique | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/18 16:21:20 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\Users\Enrique\AppData\Local\kqt.exe
PRC - [2011/12/13 16:13:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Enrique\Desktop\OTL.exe
PRC - [2011/05/10 04:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/05/10 04:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/02/14 17:32:52 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/27 01:47:14 | 000,315,392 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe
PRC - [2010/07/27 01:47:12 | 000,207,872 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
PRC - [2010/04/07 04:01:40 | 035,444,688 | ---- | M] (Adobe Systems, Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe
PRC - [2010/01/15 04:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/23 12:59:42 | 000,232,064 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
PRC - [2009/12/23 12:59:22 | 000,203,392 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\AsHookDevice.exe
PRC - [2009/08/31 11:06:22 | 000,144,672 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Print Artist Gold\ReminderApp.exe
PRC - [2009/06/04 14:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2007/06/27 18:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 18:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2006/11/03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\Pac207\Monitor.exe
PRC - [2006/03/21 13:19:40 | 000,069,632 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/12 02:26:01 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5672e6b9d976feca51deb06d8dd1df0e\PresentationFramework.Aero.ni.dll
MOD - [2011/10/12 02:25:47 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\fd6d00c3c7d56a2e3651769081e8f412\System.EnterpriseServices.ni.dll
MOD - [2011/10/12 02:25:47 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\834be57d8ab824b4ebcbf01161791d70\System.Transactions.ni.dll
MOD - [2011/10/12 02:25:46 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\45a20172acfdcc160ecb6bd358179c31\System.Data.ni.dll
MOD - [2011/10/12 02:25:38 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\09e39322b47f9b4e8dd2199ff03acb2e\PresentationFramework.ni.dll
MOD - [2011/10/12 02:25:23 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll
MOD - [2011/10/12 02:25:16 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll
MOD - [2011/10/12 02:25:13 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\d2dc021a8311197516e4fa325b292f21\PresentationCore.ni.dll
MOD - [2011/10/12 02:25:03 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3136e12cfb8809d39813e76c766c782c\WindowsBase.ni.dll
MOD - [2011/10/12 02:24:58 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\275680f2b9db0501d53c50ea7d7a43f0\System.Xml.ni.dll
MOD - [2011/10/12 02:24:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll
MOD - [2011/10/12 02:24:54 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll
MOD - [2011/10/12 02:24:32 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/02/14 17:33:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/02/14 17:32:52 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/11/17 13:16:56 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010/04/07 02:34:46 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\QuickTimeGlue.dll
MOD - [2009/08/31 11:06:24 | 000,152,864 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Print Artist Gold\en-US\ReminderApp.resources.dll
MOD - [2009/08/31 11:06:22 | 000,144,672 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Print Artist Gold\ReminderApp.exe
MOD - [2009/08/31 11:06:22 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Nova Development\Print Artist Gold\AddressBookCore.dll
MOD - [2009/06/10 13:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/06/10 13:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/06/04 14:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
MOD - [2009/03/25 15:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009/01/15 13:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2006/01/10 08:50:20 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/10 04:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/01/24 18:57:23 | 001,315,592 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/11/15 10:08:10 | 005,716,848 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2010/08/04 01:51:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010/07/27 01:47:14 | 000,315,392 | ---- | M] (Alcatel-Lucent) [Auto | Running] -- C:\Program Files (x86)\Common Files\Motive\McciServiceHost.exe -- (McciServiceHost)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/01/15 04:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/23 12:59:22 | 000,203,392 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\AsHookDevice.exe -- (Device Handle Service)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 12:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/10/01 15:45:23 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/10 04:04:08 | 000,600,920 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/05/10 04:04:07 | 000,287,576 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/05/10 04:02:41 | 000,053,592 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/05/10 03:59:59 | 000,031,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/05/10 03:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/05/10 03:59:37 | 000,022,360 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/03/10 22:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/14 18:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/11/02 15:07:54 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/10/25 09:59:32 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010/10/25 09:59:28 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/04 02:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/08/04 02:22:38 | 007,451,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/04 01:15:46 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/27 01:47:46 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2010/07/27 01:47:36 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2010/04/08 04:12:00 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009/12/22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/15 19:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 11:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/10 12:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 12:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/23 06:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/04 17:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2006/12/05 11:34:26 | 000,572,416 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PFC027.SYS -- (PAC207)
DRV - [2010/07/27 01:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 01:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/01/04 13:34:48 | 000,011,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys -- (ASInsHelp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9C DC 36 01 F3 D8 25 4E 8D D0 4C 4C CF AB 4F BA [binary data]

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 9C DC 36 01 F3 D8 25 4E 8D D0 4C 4C CF AB 4F BA [binary data]

IE - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com/
IE - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com/
IE - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"


FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Enrique\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/03/05 15:20:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/03/05 15:20:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/05/29 23:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/12/17 10:31:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/15 18:36:51 | 000,000,000 | ---D | M]

[2010/12/28 20:06:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Enrique\AppData\Roaming\Mozilla\Extensions
[2011/12/13 16:58:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\p2uphuw6.default\extensions
[2011/12/12 09:02:14 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\p2uphuw6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/02/03 13:57:43 | 000,000,903 | ---- | M] () -- C:\Users\Enrique\AppData\Roaming\Mozilla\Firefox\Profiles\p2uphuw6.default\searchplugins\conduit.xml
[2011/05/15 18:36:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\ENRIQUE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\P2UPHUW6.DEFAULT\EXTENSIONS\[email protected]
[2011/12/17 10:31:06 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/12/17 10:31:04 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/12/17 10:31:04 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - Extension: No name found = C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: No name found = C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1125_0\
CHR - Extension: No name found = C:\Users\Enrique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\

O1 HOSTS File: ([2011/12/18 14:38:26 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files (x86)\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files (x86)\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [AddressBookReminderApp] C:\Program Files (x86)\Nova Development\Print Artist Gold\ReminderApp.exe ()
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001..\Run: [AdobeUpdater6] C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001..\Run: [Facebook Update] C:\Users\Enrique\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\__aswSnx private storage\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\..Trusted Domains: $talisma_url$ ([]https in Trusted sites)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zon...S.cab109791.cab ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC411A11-3342-46A9-9EF4-906B6B494DDB}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-3354869186-130629379-3507963822-1001\...exe [@ = 8y] -- "C:\Users\Enrique\AppData\Local\kqt.exe" -a "%1" %* (Microsoft Corporation)


SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BFE - Service
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MPSSvc - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {096815BD-C44A-68EF-3F39-0628F60D30BE} - Browser Customizations
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2666CE20-59C3-0BCB-73AD-8BCC1DB3ED71} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {55545703-EA70-7F90-8591-0725C0FA6DB3} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {998369A5-7E4B-71B7-AAFF-AF6F9805245F} - Internet Explorer
ActiveX:64bit: {BB2D55C5-F009-1CAC-0AE5-31D9FCBBD5F0} - Internet Explorer
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4717ECA4-3E89-41C1-07B3-91BC1B236945} - Microsoft Windows Media Player 12.0
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

========== Files/Folders - Created Within 30 Days ==========

[2011/12/18 16:21:30 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\Users\Enrique\Documents\sP4O1Dk5G.exe
[2011/12/18 16:21:20 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\Users\Enrique\AppData\Local\kqt.exe
[2011/12/18 14:38:30 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/12/18 14:28:29 | 004,343,835 | R--- | C] (Swearware) -- C:\Users\Enrique\Desktop\Combo-Fix.exe
[2011/12/16 14:56:15 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Enrique\Desktop\dds.scr
[2011/12/14 21:55:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/12/14 21:55:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/12/14 21:55:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/12/14 19:54:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/14 19:54:25 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/14 19:54:25 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/14 19:54:24 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/14 19:54:24 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/14 19:54:24 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/14 19:54:24 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/14 19:54:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/14 19:54:24 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/14 19:54:24 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/14 19:54:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/14 19:54:24 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/14 19:54:24 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/14 19:54:24 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/14 19:54:24 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/14 19:54:24 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/14 19:54:15 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/14 19:54:15 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/14 09:20:05 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/12/13 16:13:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Enrique\Desktop\OTL.exe
[2011/12/13 08:05:39 | 001,577,264 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Enrique\Desktop\tdsskiller.exe
[2011/12/13 07:51:50 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{8ED9C195-311B-437E-AA85-0BB046F352AC}
[2011/12/13 07:51:38 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{9D1EE98A-C69D-4ED2-AA81-33588B64F136}
[2011/12/12 14:48:12 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{3160580E-E4A6-40AA-85F1-D4C9758DB65F}
[2011/12/12 14:47:59 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{B16CE6D1-DA6D-4A08-B8E8-042800392BE6}
[2011/12/12 08:19:40 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{32F10E2E-41FA-4E77-AF4C-4A701811EFC8}
[2011/12/12 08:19:27 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{C2407592-3EA6-4E7B-9044-647DCF682CD0}
[2011/12/11 17:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011/12/11 13:12:53 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{D4E8C539-65E0-4C7D-A4D9-B8F54C198A63}
[2011/12/11 13:12:31 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{051B2991-AABE-452A-9634-50DE1A668D4F}
[2011/12/11 09:06:26 | 000,080,896 | ---- | C] (maliprog) -- C:\Users\Enrique\Desktop\getpartitions.exe
[2011/12/11 08:17:20 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{DCDAFF2D-DE03-45A0-A063-A6433CAA122B}
[2011/12/11 08:17:05 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{1E366661-E865-4716-ABEE-5804E9DD3D6E}
[2011/12/11 01:00:05 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{56E0CAA8-1081-45AD-84B0-2B1F7EE6442A}
[2011/12/11 00:59:43 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{AA523640-6424-448A-A99B-7D0CFDCFD57A}
[2011/12/10 08:32:09 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{84D142E9-FAC3-4942-81DD-6145675D6D0A}
[2011/12/10 08:31:53 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{D67981F3-C854-43E2-9E7E-CB7F6A482B42}
[2011/12/10 00:47:53 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Users\Enrique\Desktop\aswMBR.exe
[2011/12/09 06:06:19 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{5F25FD9B-1330-4006-883A-A9BAA4840687}
[2011/12/09 06:05:56 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{E61B8A0A-B382-478B-92B8-A01730697BAB}
[2011/12/08 05:22:30 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{87723472-7B75-44C5-B525-6B4AA742A882}
[2011/12/08 05:22:07 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{738FFA6C-8CF9-4302-BAE8-DDAC25722459}
[2011/12/08 04:54:01 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Users\Enrique\Desktop\ccsetup313.exe
[2011/12/05 15:38:33 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{228D960C-4877-4E83-BE77-7E9AF61D0560}
[2011/12/05 15:38:20 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{244C1C39-E1F3-49FD-8694-871462D54F62}
[2011/12/04 22:03:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2011/12/04 22:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2011/12/04 22:03:03 | 000,134,144 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l083.dll
[2011/12/04 22:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2011/12/04 22:02:47 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2011/12/04 22:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/12/04 22:02:04 | 001,411,584 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p02b.dll
[2011/12/04 22:02:04 | 000,966,656 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p02b.dll
[2011/12/04 22:02:04 | 000,512,512 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p02a.dll
[2011/12/04 22:02:04 | 000,362,328 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\HPZIDS40.dll
[2011/12/03 13:50:52 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{0C9321DE-84E1-4422-B9C6-1C60E3AEDBE3}
[2011/12/03 13:50:39 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{2B00978A-71E6-4420-84FA-1938B38C9782}
[2011/11/30 18:10:13 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{1C39BB25-F156-4BB0-9755-27CEA325221D}
[2011/11/30 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{2C92D726-1B87-472E-88A5-FBBCB952F3E3}
[2011/11/27 22:18:12 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{EE265590-8213-4598-BC67-C003E7A92809}
[2011/11/27 22:17:56 | 000,000,000 | ---D | C] -- C:\Users\Enrique\AppData\Local\{1E2865E7-CD72-40A4-83EB-799D824F43A4}
[2009/05/14 22:15:24 | 005,719,400 | ---- | C] (Acresso Software Inc.) -- C:\Program Files\Common Files\adlmint_libFNP.dll
[2009/05/14 22:15:24 | 004,397,928 | ---- | C] (Autodesk) -- C:\Program Files\Common Files\adlmint.dll
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/18 18:40:51 | 000,012,286 | -HS- | M] () -- C:\Users\Enrique\AppData\Local\b0mk65x7vc5mcf
[2011/12/18 18:40:51 | 000,012,286 | -HS- | M] () -- C:\ProgramData\b0mk65x7vc5mcf
[2011/12/18 18:27:00 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/18 17:52:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3354869186-130629379-3507963822-1001UA.job
[2011/12/18 17:47:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/18 17:47:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/18 17:39:34 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/18 17:39:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/18 17:39:18 | 1945,505,791 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/18 16:46:02 | 084,015,707 | ---- | M] () -- C:\Users\Enrique\Desktop\gremlin.psd
[2011/12/18 16:26:07 | 000,001,456 | ---- | M] () -- C:\Users\Enrique\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/12/18 16:26:06 | 000,908,518 | ---- | M] () -- C:\Users\Enrique\Desktop\SS.jpg
[2011/12/18 16:21:30 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\Users\Enrique\Documents\sP4O1Dk5G.exe
[2011/12/18 16:21:20 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\Users\Enrique\AppData\Local\kqt.exe
[2011/12/18 15:18:30 | 000,879,649 | ---- | M] () -- C:\Users\Enrique\Desktop\SecurityCheck.exe
[2011/12/18 14:38:26 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/12/18 14:28:32 | 004,343,835 | R--- | M] (Swearware) -- C:\Users\Enrique\Desktop\Combo-Fix.exe
[2011/12/18 14:11:51 | 000,139,264 | ---- | M] () -- C:\Users\Enrique\Desktop\SystemLook.exe
[2011/12/18 14:06:21 | 000,011,262 | -HS- | M] () -- C:\Users\Enrique\AppData\Local\7c57mo6h56m738
[2011/12/18 14:06:21 | 000,011,262 | -HS- | M] () -- C:\ProgramData\7c57mo6h56m738
[2011/12/18 13:10:38 | 000,002,948 | ---- | M] () -- C:\Users\Enrique\Desktop\Scanner Management - Shortcut.lnk
[2011/12/18 11:52:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3354869186-130629379-3507963822-1001Core.job
[2011/12/18 00:35:04 | 000,054,283 | ---- | M] () -- C:\Users\Enrique\Desktop\169007_10150092421799521_507844520_5849466_6160007_n.jpg
[2011/12/17 10:47:53 | 000,003,687 | ---- | M] () -- C:\Users\Enrique\Desktop\Attach.zip
[2011/12/17 10:31:18 | 000,002,056 | ---- | M] () -- C:\Users\Enrique\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/17 10:28:06 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Enrique\Desktop\dds.scr
[2011/12/16 14:29:43 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/16 14:29:43 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/16 14:29:43 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/15 22:56:31 | 000,027,221 | ---- | M] () -- C:\Users\Enrique\Desktop\leon2.jpg
[2011/12/15 22:55:58 | 000,039,941 | ---- | M] () -- C:\Users\Enrique\Desktop\leon1.jpg
[2011/12/15 22:55:01 | 000,009,473 | ---- | M] () -- C:\Users\Enrique\Desktop\leo.gif
[2011/12/15 20:45:36 | 000,000,946 | ---- | M] () -- C:\FixitRegBackup.reg
[2011/12/15 18:09:19 | 000,342,990 | ---- | M] () -- C:\Users\Enrique\Desktop\leo.ai
[2011/12/15 18:09:14 | 000,037,115 | ---- | M] () -- C:\Users\Enrique\Desktop\leo.jpg
[2011/12/15 17:25:59 | 000,806,400 | ---- | M] () -- C:\Users\Enrique\Desktop\MicrosoftFixit50692.msi
[2011/12/15 08:53:06 | 005,294,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/12/14 20:42:15 | 000,126,392 | ---- | M] () -- C:\Users\Enrique\Desktop\leo.svgz
[2011/12/14 20:30:07 | 000,340,221 | ---- | M] () -- C:\Users\Enrique\Desktop\l.psd
[2011/12/14 19:28:20 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/12/14 19:18:33 | 100,713,023 | ---- | M] () -- C:\Users\Enrique\Desktop\tig-1.psd
[2011/12/14 14:07:22 | 002,098,534 | ---- | M] () -- C:\Users\Enrique\Desktop\bgs.psd
[2011/12/13 23:32:36 | 002,255,617 | ---- | M] () -- C:\Users\Enrique\Desktop\b1.psd
[2011/12/13 23:30:45 | 000,566,502 | ---- | M] () -- C:\Users\Enrique\Desktop\b1.jpg
[2011/12/13 23:18:19 | 000,014,906 | -HS- | M] () -- C:\Users\Enrique\AppData\Local\b8gu32o8te3ibj
[2011/12/13 23:18:19 | 000,014,906 | -HS- | M] () -- C:\ProgramData\b8gu32o8te3ibj
[2011/12/13 16:13:27 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Enrique\Desktop\OTL.exe
[2011/12/13 13:37:22 | 000,336,796 | ---- | M] () -- C:\Users\Enrique\Desktop\spillpic.jpg
[2011/12/13 08:05:47 | 001,577,264 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Enrique\Desktop\tdsskiller.exe
[2011/12/12 15:46:08 | 001,053,098 | ---- | M] () -- C:\Users\Enrique\Desktop\Chase_by_samburley.png
[2011/12/11 19:22:44 | 000,006,196 | -HS- | M] () -- C:\Windows\5113895drv.spi
[2011/12/11 18:01:48 | 000,136,280 | ---- | M] () -- C:\Users\Enrique\Desktop\Dune_Boogie_by_ahbiasaaja.jpg
[2011/12/11 17:41:08 | 105,515,512 | ---- | M] () -- C:\Users\Enrique\Desktop\setup_11.0.0.1245.x01_2011_12_12_04_22.exe
[2011/12/11 09:06:29 | 000,080,896 | ---- | M] (maliprog) -- C:\Users\Enrique\Desktop\getpartitions.exe
[2011/12/10 10:54:13 | 009,746,127 | ---- | M] () -- C:\Users\Enrique\Desktop\leon.psd
[2011/12/10 00:47:54 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Users\Enrique\Desktop\aswMBR.exe
[2011/12/09 22:25:16 | 000,088,827 | ---- | M] () -- C:\Users\Enrique\Desktop\316645_10150265530771652_556606651_8188422_6033131_n.jpg
[2011/12/09 22:24:56 | 000,065,892 | ---- | M] () -- C:\Users\Enrique\Desktop\250864_10150186297481652_556606651_7437903_5651744_n.jpg
[2011/12/09 22:24:40 | 000,193,223 | ---- | M] () -- C:\Users\Enrique\Desktop\301216_10150265531006652_556606651_8188425_4368654_n.jpg
[2011/12/09 22:24:17 | 000,050,670 | ---- | M] () -- C:\Users\Enrique\Desktop\150210_446738541651_556606651_5973095_2759792_n.jpg
[2011/12/09 20:32:57 | 000,673,075 | ---- | M] () -- C:\Users\Enrique\Desktop\a018de61432b6a10724c7418be9e0145-d4fqsrm.jpg
[2011/12/09 15:19:33 | 000,123,617 | ---- | M] () -- C:\Users\Enrique\Desktop\Emerging_Deva_2_by_tavari.jpg
[2011/12/08 17:43:16 | 000,240,666 | ---- | M] () -- C:\Users\Enrique\Desktop\3320514916_8fb4c53ace.jpg
[2011/12/08 15:52:55 | 008,434,071 | ---- | M] () -- C:\Users\Enrique\Desktop\conan.psd
[2011/12/08 04:58:27 | 000,004,434 | ---- | M] () -- C:\Users\Enrique\Documents\cc_20111208_045822.reg
[2011/12/08 04:54:43 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Users\Enrique\Desktop\ccsetup313.exe
[2011/12/06 22:42:50 | 003,221,484 | ---- | M] () -- C:\Users\Enrique\Desktop\r3c.psd
[2011/12/06 01:12:59 | 008,342,118 | ---- | M] () -- C:\Users\Enrique\Desktop\r2.psd
[2011/12/05 22:51:15 | 000,189,289 | ---- | M] () -- C:\Users\Enrique\Desktop\chart.psd
[2011/12/04 22:04:22 | 000,135,236 | ---- | M] () -- C:\Windows\hpoins36.dat
[2011/12/03 19:10:37 | 000,279,896 | ---- | M] () -- C:\Users\Enrique\Desktop\DSCN1980.JPG
[2011/12/02 05:21:58 | 000,072,587 | ---- | M] () -- C:\Users\Enrique\Desktop\385231_2580895491683_1533313735_2681060_180846874_n.jpg
[2011/12/02 05:21:30 | 000,103,362 | ---- | M] () -- C:\Users\Enrique\Desktop\384091_2580893491633_1533313735_2681056_2143368044_n.jpg
[2011/12/02 04:40:01 | 000,172,789 | ---- | M] () -- C:\Users\Enrique\Desktop\382967_2580892251602_1533313735_2681054_359181174_n.jpg
[2011/12/02 01:12:26 | 018,440,246 | ---- | M] () -- C:\Users\Enrique\Desktop\r1.psd
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/18 16:26:05 | 000,908,518 | ---- | C] () -- C:\Users\Enrique\Desktop\SS.jpg
[2011/12/18 16:21:25 | 000,012,286 | -HS- | C] () -- C:\Users\Enrique\AppData\Local\b0mk65x7vc5mcf
[2011/12/18 16:21:25 | 000,012,286 | -HS- | C] () -- C:\ProgramData\b0mk65x7vc5mcf
[2011/12/18 15:18:29 | 000,879,649 | ---- | C] () -- C:\Users\Enrique\Desktop\SecurityCheck.exe
[2011/12/18 14:11:50 | 000,139,264 | ---- | C] () -- C:\Users\Enrique\Desktop\SystemLook.exe
[2011/12/18 13:10:38 | 000,002,948 | ---- | C] () -- C:\Users\Enrique\Desktop\Scanner Management - Shortcut.lnk
[2011/12/18 00:35:04 | 000,054,283 | ---- | C] () -- C:\Users\Enrique\Desktop\169007_10150092421799521_507844520_5849466_6160007_n.jpg
[2011/12/17 10:47:53 | 000,003,687 | ---- | C] () -- C:\Users\Enrique\Desktop\Attach.zip
[2011/12/17 02:32:52 | 000,011,262 | -HS- | C] () -- C:\Users\Enrique\AppData\Local\7c57mo6h56m738
[2011/12/17 02:32:52 | 000,011,262 | -HS- | C] () -- C:\ProgramData\7c57mo6h56m738
[2011/12/15 22:56:30 | 000,027,221 | ---- | C] () -- C:\Users\Enrique\Desktop\leon2.jpg
[2011/12/15 22:55:57 | 000,039,941 | ---- | C] () -- C:\Users\Enrique\Desktop\leon1.jpg
[2011/12/15 22:55:01 | 000,009,473 | ---- | C] () -- C:\Users\Enrique\Desktop\leo.gif
[2011/12/15 20:45:36 | 000,000,946 | ---- | C] () -- C:\FixitRegBackup.reg
[2011/12/15 18:09:14 | 000,037,115 | ---- | C] () -- C:\Users\Enrique\Desktop\leo.jpg
[2011/12/15 17:25:59 | 000,806,400 | ---- | C] () -- C:\Users\Enrique\Desktop\MicrosoftFixit50692.msi
[2011/12/14 21:55:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/14 21:55:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/14 21:55:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/14 21:55:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/14 21:55:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/14 20:42:25 | 000,342,990 | ---- | C] () -- C:\Users\Enrique\Desktop\leo.ai
[2011/12/14 20:42:10 | 000,126,392 | ---- | C] () -- C:\Users\Enrique\Desktop\leo.svgz
[2011/12/14 20:30:07 | 000,340,221 | ---- | C] () -- C:\Users\Enrique\Desktop\l.psd
[2011/12/14 14:07:22 | 002,098,534 | ---- | C] () -- C:\Users\Enrique\Desktop\bgs.psd
[2011/12/13 23:32:36 | 002,255,617 | ---- | C] () -- C:\Users\Enrique\Desktop\b1.psd
[2011/12/13 23:30:45 | 000,566,502 | ---- | C] () -- C:\Users\Enrique\Desktop\b1.jpg
[2011/12/13 23:14:02 | 000,014,906 | -HS- | C] () -- C:\Users\Enrique\AppData\Local\b8gu32o8te3ibj
[2011/12/13 23:14:02 | 000,014,906 | -HS- | C] () -- C:\ProgramData\b8gu32o8te3ibj
[2011/12/13 22:16:07 | 084,015,707 | ---- | C] () -- C:\Users\Enrique\Desktop\gremlin.psd
[2011/12/13 13:37:21 | 000,336,796 | ---- | C] () -- C:\Users\Enrique\Desktop\spillpic.jpg
[2011/12/12 15:46:07 | 001,053,098 | ---- | C] () -- C:\Users\Enrique\Desktop\Chase_by_samburley.png
[2011/12/11 18:01:47 | 000,136,280 | ---- | C] () -- C:\Users\Enrique\Desktop\Dune_Boogie_by_ahbiasaaja.jpg
[2011/12/11 18:00:50 | 000,006,196 | -HS- | C] () -- C:\Windows\5113895drv.spi
[2011/12/11 17:38:37 | 105,515,512 | ---- | C] () -- C:\Users\Enrique\Desktop\setup_11.0.0.1245.x01_2011_12_12_04_22.exe
[2011/12/09 22:25:16 | 000,088,827 | ---- | C] () -- C:\Users\Enrique\Desktop\316645_10150265530771652_556606651_8188422_6033131_n.jpg
[2011/12/09 22:24:55 | 000,065,892 | ---- | C] () -- C:\Users\Enrique\Desktop\250864_10150186297481652_556606651_7437903_5651744_n.jpg
[2011/12/09 22:24:39 | 000,193,223 | ---- | C] () -- C:\Users\Enrique\Desktop\301216_10150265531006652_556606651_8188425_4368654_n.jpg
[2011/12/09 22:24:16 | 000,050,670 | ---- | C] () -- C:\Users\Enrique\Desktop\150210_446738541651_556606651_5973095_2759792_n.jpg
[2011/12/09 21:09:02 | 100,713,023 | ---- | C] () -- C:\Users\Enrique\Desktop\tig-1.psd
[2011/12/09 20:32:56 | 000,673,075 | ---- | C] () -- C:\Users\Enrique\Desktop\a018de61432b6a10724c7418be9e0145-d4fqsrm.jpg
[2011/12/09 15:19:32 | 000,123,617 | ---- | C] () -- C:\Users\Enrique\Desktop\Emerging_Deva_2_by_tavari.jpg
[2011/12/08 17:43:15 | 000,240,666 | ---- | C] () -- C:\Users\Enrique\Desktop\3320514916_8fb4c53ace.jpg
[2011/12/08 04:58:24 | 000,004,434 | ---- | C] () -- C:\Users\Enrique\Documents\cc_20111208_045822.reg
[2011/12/07 03:15:30 | 009,746,127 | ---- | C] () -- C:\Users\Enrique\Desktop\leon.psd
[2011/12/06 22:42:49 | 003,221,484 | ---- | C] () -- C:\Users\Enrique\Desktop\r3c.psd
[2011/12/05 22:51:14 | 000,189,289 | ---- | C] () -- C:\Users\Enrique\Desktop\chart.psd
[2011/12/04 22:02:07 | 000,135,236 | ---- | C] () -- C:\Windows\hpoins36.dat
[2011/12/04 22:02:07 | 000,000,578 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2011/12/03 19:08:23 | 000,279,896 | ---- | C] () -- C:\Users\Enrique\Desktop\DSCN1980.JPG
[2011/12/02 05:21:57 | 000,072,587 | ---- | C] () -- C:\Users\Enrique\Desktop\385231_2580895491683_1533313735_2681060_180846874_n.jpg
[2011/12/02 05:21:29 | 000,103,362 | ---- | C] () -- C:\Users\Enrique\Desktop\384091_2580893491633_1533313735_2681056_2143368044_n.jpg
[2011/12/02 04:40:00 | 000,172,789 | ---- | C] () -- C:\Users\Enrique\Desktop\382967_2580892251602_1533313735_2681054_359181174_n.jpg
[2011/12/02 01:22:05 | 008,342,118 | ---- | C] () -- C:\Users\Enrique\Desktop\r2.psd
[2011/12/01 08:12:36 | 018,440,246 | ---- | C] () -- C:\Users\Enrique\Desktop\r1.psd
[2011/04/23 23:54:31 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\pxhpinst.exe
[2010/12/26 19:39:17 | 000,001,456 | ---- | C] () -- C:\Users\Enrique\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/12/26 19:10:54 | 000,000,431 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2010/12/26 11:58:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/28 14:36:06 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2010/07/28 14:35:35 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\drivers\ServiceHelp.dll
[2010/07/28 14:34:23 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010/07/28 14:34:23 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010/07/28 14:34:22 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010/07/28 14:34:22 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010/07/28 14:32:49 | 000,009,987 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010/07/28 14:32:47 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/07/28 14:32:46 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2010/07/28 14:32:46 | 000,007,698 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/07/28 14:30:51 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/06/15 22:28:54 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009/07/13 13:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009/07/13 13:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 13:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP207.INI

========== LOP Check ==========

[2011/02/09 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\acccore
[2011/01/24 19:21:29 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\Autodesk
[2011/11/10 21:41:13 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\Azureus
[2011/09/05 14:05:19 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\Canon
[2011/04/30 21:44:17 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/07/03 10:49:38 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\Filter Forge Freepack 2 - Photo Effects
[2011/07/12 02:20:09 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1
[2011/07/07 14:57:13 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\PingKaching.45C46A55E3922496F6ADD09FCC67FAC1A9B38B70.1
[2010/12/26 19:10:45 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\ScanSoft
[2011/01/31 22:43:29 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/04/24 12:18:18 | 000,000,000 | ---D | M] -- C:\Users\Enrique\AppData\Roaming\Windows Live Writer
[2011/12/18 11:52:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3354869186-130629379-3507963822-1001Core.job
[2011/12/18 17:52:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3354869186-130629379-3507963822-1001UA.job
[2011/12/13 23:41:22 | 000,032,532 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.* >
[2009/07/13 17:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/08/05 10:13:51 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/12/26 19:12:34 | 000,000,987 | ---- | M] () -- C:\coinst.txt
[2011/12/18 14:42:41 | 000,023,386 | ---- | M] () -- C:\ComboFix.txt
[2011/12/11 09:08:15 | 000,001,001 | ---- | M] () -- C:\DiskReport.txt
[2011/12/15 20:45:36 | 000,000,946 | ---- | M] () -- C:\FixitRegBackup.reg
[2011/12/18 17:39:18 | 1945,505,791 | -HS- | M] () -- C:\hiberfil.sys
[2011/02/09 23:52:16 | 000,000,361 | -H-- | M] () -- C:\IPH.PH
[2011/12/18 17:39:23 | 4025,667,583 | -HS- | M] () -- C:\pagefile.sys
[2011/12/13 08:25:43 | 000,158,292 | ---- | M] () -- C:\TDSSKiller.2.6.23.0_13.12.2011_08.06.16_log.txt
[2011/12/14 21:53:10 | 000,001,906 | ---- | M] () -- C:\TDSSKiller.2.6.23.0_14.12.2011_21.53.01_log.txt

< %PROGRAMFILES%\*.* >
[2009/07/13 20:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

< %APPDATA%\*.* >

< %systemroot%\Tasks\*.job >
[2011/12/18 11:52:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3354869186-130629379-3507963822-1001Core.job
[2011/12/18 17:52:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3354869186-130629379-3507963822-1001UA.job
[2011/12/18 17:39:34 | 000,000,896 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011/12/18 18:27:00 | 000,000,900 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< C:\ProgramData\*.* >
[2011/12/18 14:06:21 | 000,011,262 | -HS- | M] () -- C:\ProgramData\7c57mo6h56m738
[2011/12/18 18:40:51 | 000,012,286 | -HS- | M] () -- C:\ProgramData\b0mk65x7vc5mcf
[2011/12/13 23:18:19 | 000,014,906 | -HS- | M] () -- C:\ProgramData\b8gu32o8te3ibj
[2010/12/26 11:58:07 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011/12/04 22:04:23 | 000,000,360 | ---- | M] () -- C:\ProgramData\hpzinstall.log

< C:\Windows\System32\*.tmp >

< C:\Users\Enrique\AppData\Local\*.* >
[2011/12/18 14:06:21 | 000,011,262 | -HS- | M] () -- C:\Users\Enrique\AppData\Local\7c57mo6h56m738
[2011/12/18 16:26:07 | 000,001,456 | ---- | M] () -- C:\Users\Enrique\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/12/18 18:40:51 | 000,012,286 | -HS- | M] () -- C:\Users\Enrique\AppData\Local\b0mk65x7vc5mcf
[2011/12/13 23:18:19 | 000,014,906 | -HS- | M] () -- C:\Users\Enrique\AppData\Local\b8gu32o8te3ibj
[2011/08/14 17:20:41 | 000,144,928 | ---- | M] () -- C:\Users\Enrique\AppData\Local\GDIPFONTCACHEV1.DAT
[2011/12/18 17:38:33 | 009,740,841 | -H-- | M] () -- C:\Users\Enrique\AppData\Local\IconCache.db
[2011/12/18 16:21:20 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\Users\Enrique\AppData\Local\kqt.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8CE646EE

< End of report >
  • 0





