I was unable to pull up task manager at first because it was blocked by "administrator" - this is supposed to be the administrator for the computer. I found some help online, by copy-pasting this into "run" - "REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f"
Task manager now works - I quit explorer.exe and ran it. But again nothing appears on desktop. I can use 'run' to access the internet. Every couple of searches or clicks I make to pages - a random page comes up instead - sorry I did not take note of which one. I recall one of them being those fake security ones - will edit once I get another.
I downloaded OTL and have the logs, as per instructions on cleaning guide - here it is. I will be using my computer to check up, talk with anyone willing to help, while working on this one.
EDIT- Safe mode has the same problem - Also attempted to system restore the PC, but it will simply freeze once I click "next".
EDIT2- I managed to run Malwarebytes (using task manager, Run MBAM) and it found the programs messing with the desktop, and the task manager, and deleted them. I can now see the desktop icons, although most of them appear to be grayed out but I am able to access them. I can't seem to update Malwarebytes (says it is 120 days old); it starts to download and then something interrupts it.
I still would appreciate help in removing these malwares as much as possible.
OTL.txt
OTL logfile created on: 9/11/2011 6:14:53 PM - Run 1
OTL by OldTimer - Version 3.2.27.0 Folder = C:\Documents and Settings\Miriam Nunez\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.13 Gb Available Physical Memory | 56.63% Memory free
3.85 Gb Paging File | 3.11 Gb Available in Paging File | 80.75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 105.78 Gb Total Space | 52.69 Gb Free Space | 49.81% Space Free | Partition Type: NTFS
Computer Name: F52F2867C1364CC | User Name: Miriam Nunez | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/09/11 18:08:58 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Miriam Nunez\Desktop\OTL.exe
PRC - [2011/08/09 17:02:04 | 001,176,064 | -H-- | M] (W3i, LLC) -- C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
PRC - [2011/03/16 16:05:14 | 000,656,736 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/02/08 05:33:20 | 000,658,784 | -H-- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/01/24 16:59:58 | 000,117,640 | RH-- | M] (Symantec Corporation) -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | -H-- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2006/06/13 13:22:20 | 000,217,088 | -H-- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2006/04/13 16:36:36 | 000,176,128 | -H-- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2006/04/04 17:55:18 | 000,274,432 | -H-- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2006/02/28 17:29:54 | 000,569,413 | -H-- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
PRC - [2006/02/28 17:25:48 | 000,602,182 | -H-- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2006/02/28 17:22:50 | 000,397,381 | -H-- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2006/02/14 15:11:46 | 000,176,128 | -H-- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2005/12/27 16:58:10 | 000,069,632 | -H-- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
PRC - [2005/11/28 16:39:30 | 000,131,072 | -H-- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2004/11/17 23:47:16 | 000,118,784 | -H-- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/08/19 12:40:08 | 000,045,056 | -H-- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
========== Modules (No Company Name) ==========
MOD - [2009/11/05 08:39:40 | 000,087,552 | -H-- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2008/03/25 00:50:40 | 000,355,112 | -H-- | M] () -- C:\WINDOWS\system32\msjetoledb40.dll
MOD - [2007/07/16 14:19:57 | 000,051,716 | -H-- | M] () -- C:\WINDOWS\system32\pdf995mon.dll
MOD - [2006/06/20 20:45:00 | 000,098,304 | -H-- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2006/06/09 14:37:54 | 000,034,304 | -H-- | M] () -- C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
MOD - [2006/06/09 14:37:42 | 000,064,000 | -H-- | M] () -- C:\Program Files\Canon\Easy-WebPrint\EWPCore.dll
MOD - [2006/02/28 17:39:02 | 000,876,544 | -H-- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2006/02/28 17:39:02 | 000,208,965 | -H-- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2006/02/28 17:39:02 | 000,053,322 | -H-- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2006/02/13 17:15:04 | 000,970,862 | -H-- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/11/28 19:45:50 | 000,040,960 | -H-- | M] () -- C:\Program Files\Sony\VAIO Camera Utility\VCULib.dll
MOD - [2005/05/20 20:42:20 | 000,010,752 | -H-- | M] () -- C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
MOD - [2004/07/20 20:04:00 | 000,094,208 | -H-- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/04/22 13:56:50 | 000,984,392 | -H-- | M] () [Disabled | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/04/18 17:39:42 | 007,398,752 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/02/08 05:33:42 | 000,269,520 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/01/24 16:59:58 | 000,117,640 | RH-- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2009/11/13 11:28:04 | 000,110,592 | -H-- | M] (WDC) [Disabled | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 08:58:08 | 000,020,480 | -H-- | M] (Memeo) [Disabled | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/01/27 14:26:42 | 000,398,336 | -H-- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2008/11/09 16:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 20:12:22 | 000,015,360 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/01/11 18:50:16 | 000,030,312 | -H-- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2006/06/13 11:03:42 | 002,084,864 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2006/06/07 12:51:50 | 000,155,648 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2006/05/18 13:22:26 | 000,770,048 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2006/05/18 13:22:26 | 000,057,344 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2006/05/08 07:24:54 | 000,069,632 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2006/04/27 20:35:16 | 000,053,337 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/04/27 20:27:06 | 000,049,241 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/04/27 20:16:28 | 000,069,718 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/04/13 16:36:36 | 000,176,128 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2006/04/04 17:55:18 | 000,274,432 | -H-- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2005/11/28 16:39:32 | 000,118,784 | -H-- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2005/11/28 16:39:30 | 000,131,072 | -H-- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2005/11/25 16:08:54 | 000,073,728 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2005/07/14 22:10:16 | 000,032,768 | -H-- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 2\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
========== Driver Services (SafeList) ==========
DRV - [2011/04/14 21:28:42 | 000,134,480 | -H-- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/05 00:59:56 | 000,297,168 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 16:03:20 | 000,032,592 | -H-- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 14:25:18 | 000,034,896 | -H-- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 08:13:02 | 000,022,992 | -H-- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/02/10 07:53:54 | 000,027,216 | -H-- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 07:53:52 | 000,024,144 | -H-- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/01/07 06:41:46 | 000,248,656 | -H-- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/10/19 16:36:22 | 000,341,880 | -H-- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20101119.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2010/05/26 04:00:00 | 000,371,248 | -H-- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/01/24 17:00:22 | 000,124,976 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/01/24 17:00:04 | 000,217,136 | -H-- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/01/24 17:00:04 | 000,089,904 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - [2010/01/24 17:00:04 | 000,036,400 | RH-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2010/01/24 17:00:04 | 000,036,400 | RH-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2010/01/24 17:00:04 | 000,036,400 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2010/01/24 17:00:04 | 000,033,072 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)
DRV - [2010/01/24 17:00:03 | 000,482,432 | -H-- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\ccHPx86.sys -- (ccHP)
DRV - [2010/01/24 17:00:03 | 000,310,320 | -H-- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SYMEFA.SYS -- (SymEFA)
DRV - [2010/01/24 17:00:03 | 000,308,272 | -H-- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SRTSP.SYS -- (SRTSP)
DRV - [2010/01/24 17:00:03 | 000,259,632 | -H-- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/01/24 17:00:03 | 000,043,696 | -H-- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0308000.029\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/09/10 15:55:52 | 000,102,528 | -H-- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/08/05 22:48:42 | 000,054,752 | -H-- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/07/24 19:33:24 | 000,100,736 | -H-- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/02/13 11:02:52 | 000,011,520 | -H-- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/07/10 02:49:14 | 000,242,712 | -H-- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2007/11/22 11:09:54 | 000,083,288 | -H-- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2007/06/18 21:18:26 | 000,023,680 | -H-- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/05 11:55:16 | 000,046,112 | -H-- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2006/12/20 15:31:34 | 000,049,904 | RH-- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2006/05/26 10:59:12 | 001,177,032 | -H-- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/04/13 23:00:00 | 000,108,928 | -H-- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (Tosrfbd)
DRV - [2006/03/16 13:45:00 | 000,037,632 | -H-- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2006/03/15 13:52:00 | 000,052,864 | -H-- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfsnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2006/03/06 22:39:00 | 000,030,080 | -H-- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyImgF.sys -- (SonyImgF)
DRV - [2006/02/28 18:35:56 | 000,013,568 | -H-- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2006/02/26 07:43:00 | 001,428,480 | -H-- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51) Intel®
DRV - [2006/02/24 04:37:00 | 000,040,192 | -H-- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2006/02/22 21:13:12 | 000,013,440 | -H-- | M] (UPEK Inc.) [File_System | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys -- (FdRedir)
DRV - [2006/02/22 21:13:04 | 000,033,024 | -H-- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys -- (FileDisk2)
DRV - [2006/02/21 22:32:32 | 000,226,304 | -H-- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2006/02/10 14:17:00 | 000,047,488 | -H-- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006/02/08 20:33:00 | 000,062,848 | -H-- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfhid.sys -- (Tosrfhid)
DRV - [2005/12/29 03:28:08 | 000,055,680 | -H-- | M] (Micro Vision Co.,Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Mvc25U870.sys -- (Mvc25U870_VID_1262&PID_25FD)
DRV - [2005/11/21 18:06:02 | 000,009,216 | -H-- | M] (Sony Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\shpf.sys -- (shpf)
DRV - [2005/10/21 15:19:34 | 000,036,352 | -H-- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2005/10/18 20:53:24 | 000,998,656 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/10/18 20:52:34 | 000,202,112 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/10/18 20:52:30 | 000,721,280 | -H-- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/10/17 12:43:00 | 000,241,408 | -H-- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/08/01 19:45:00 | 000,064,896 | -H-- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 21:58:00 | 000,003,712 | -H-- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\toshidpt.sys -- (toshidpt)
DRV - [2005/01/06 16:42:00 | 000,018,612 | -H-- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/11/22 16:31:10 | 000,108,767 | -H-- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/06/18 20:12:50 | 000,071,961 | -H-- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyPI.sys -- (SPI)
DRV - [2000/12/05 19:18:02 | 000,003,952 | -H-- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
DRV - [2000/11/09 23:15:08 | 000,048,896 | -H-- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 59 8D C7 AE 38 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Miriam Nunez\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Miriam Nunez\Application Data\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Miriam Nunez\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Miriam Nunez\Local Settings\Application Data\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2010/12/26 18:47:17 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\ [2011/05/14 19:20:13 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/05/14 19:23:13 | 000,000,000 | -H-D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Documents and Settings\Miriam Nunez\Application Data\Move Networks [2009/11/18 23:49:04 | 000,000,000 | -H-D | M]
[2007/07/21 19:01:43 | 000,000,000 | -H-D | M] (No name found) -- C:\Documents and Settings\Miriam Nunez\Application Data\Mozilla\Firefox\Profiles\tvaaec3n.default\extensions
[2011/04/05 00:02:24 | 000,000,000 | -H-D | M] (Facemoods) -- C:\Documents and Settings\Miriam Nunez\Application Data\Mozilla\Firefox\Profiles\tvaaec3n.default\extensions\[email protected]
[2009/08/13 09:12:11 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/04/05 00:02:28 | 000,002,049 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,734 | -H-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {02c6442b-e4ca-4f3e-a2c5-6f11a97cb657} - File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation)
O4 - HKLM..\Run: [VAIO Recovery] C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe (Sony Electronics Inc)
O4 - HKLM..\Run: [VAIOCameraUtility] C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe (Sony Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [InstallIQUpdater] C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe (W3i, LLC)
O4 - HKCU..\Run: [QuickPhrase] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (VaioInfo.CMClass)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1250185377500 (WUWebControl Class)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} http://nunezmiriam.s...ad/MsnPUpld.cab (Windows Live Photo Upload Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {85AC0EFC-2CA1-4C1C-82AE-5C31184A13EF} http://70.155.16.76:...in/h263ctrl.cab (VAMCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FEED82A-42A6-4117-A803-7EC3EB9339E0} http://70.155.16.76:...ugin/client.cab (ClientControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://freetrial.we...bex/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16626FDF-A52A-48B7-835B-D38EA58EEADF}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Security Suite\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\psfus: DllName - fusstub.dll - C:\WINDOWS\System32\fusstub.dll (UPEK Inc.)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/MIRIAM~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image001.jpg
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/07/22 14:47:29 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2f555b8a-4bcd-11df-8b11-0016fe9a9d68}\Shell - "" = AutoRun
O33 - MountPoints2\{2f555b8a-4bcd-11df-8b11-0016fe9a9d68}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2f555b8a-4bcd-11df-8b11-0016fe9a9d68}\Shell\AutoRun\command - "" = "G:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{3f1dabf5-3fda-11dd-87c6-0016fe9a9d68}\Shell - "" = AutoRun
O33 - MountPoints2\{3f1dabf5-3fda-11dd-87c6-0016fe9a9d68}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3f1dabf5-3fda-11dd-87c6-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{40160ccb-06db-11e0-8c08-0016fe9a9d68}\Shell\AutoRun\command - "" = C:\WINDOWS\System32\setup.exe -- [2008/04/13 20:12:34 | 000,023,040 | -H-- | M] (Microsoft Corporation)
O33 - MountPoints2\{5a171fb2-361d-11e0-8c52-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\urDrive.exe
O33 - MountPoints2\{98ebf2ce-354d-11e0-8c4e-0016fe9a9d68}\Shell - "" = AutoRun
O33 - MountPoints2\{98ebf2ce-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ebf2ce-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{98ebf2d0-354d-11e0-8c4e-0016fe9a9d68}\Shell - "" = AutoRun
O33 - MountPoints2\{98ebf2d0-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ebf2d0-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{98ebf2d3-354d-11e0-8c4e-0016fe9a9d68}\Shell - "" = AutoRun
O33 - MountPoints2\{98ebf2d3-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ebf2d3-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{98ebf2d5-354d-11e0-8c4e-0016fe9a9d68}\Shell - "" = AutoRun
O33 - MountPoints2\{98ebf2d5-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{98ebf2d5-354d-11e0-8c4e-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c1b3c814-2c90-11e0-8c36-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\urDrive.exe
O33 - MountPoints2\{c1b3c816-2c90-11e0-8c36-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\urDrive.exe
O33 - MountPoints2\{e781f473-41c5-11e0-8c5e-0016fe9a9d68}\Shell - "" = AutoRun
O33 - MountPoints2\{e781f473-41c5-11e0-8c5e-0016fe9a9d68}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e781f473-41c5-11e0-8c5e-0016fe9a9d68}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- Reg Error: Value error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2011/09/11 18:09:11 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Miriam Nunez\Desktop\OTL.exe
[2011/09/11 17:38:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Miriam Nunez\Recent
[2011/09/10 21:10:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Miriam Nunez\Start Menu\Programs\System Recovery
[2011/09/10 21:09:59 | 000,336,896 | -H-- | C] (RealVNC Ltd.) -- C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz.exe
[2011/09/10 21:00:40 | 000,422,400 | -H-- | C] (RealVNC Ltd.) -- C:\Documents and Settings\All Users\Application Data\uJfauDLHaGxJo.exe
[2011/09/09 01:19:17 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Miriam Nunez\Start Menu\Programs\Dropbox
[2011/09/09 01:18:49 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Miriam Nunez\Application Data\Dropbox
[2011/09/05 21:17:46 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/09/05 21:16:53 | 000,000,000 | -H-D | C] -- C:\Program Files\iPod
[2011/09/05 21:16:50 | 000,000,000 | -H-D | C] -- C:\Program Files\iTunes
[2011/09/05 21:13:47 | 000,000,000 | -H-D | C] -- C:\Program Files\Bonjour
[2011/09/05 21:12:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/09/05 21:12:01 | 000,000,000 | -H-D | C] -- C:\Program Files\QuickTime
[2011/08/17 15:54:39 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Miriam Nunez\Desktop\Debora MDC
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/09/11 18:08:58 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Miriam Nunez\Desktop\OTL.exe
[2011/09/11 17:56:41 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/11 17:56:40 | 000,000,896 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/11 17:56:32 | 000,002,048 | -H-- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/11 17:56:28 | 2145,419,264 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/11 17:28:02 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FC40E001-0D68-4346-9C53-D4918F78A902}.job
[2011/09/11 17:26:04 | 000,001,010 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-566061850-2639588935-750215043-1006UA.job
[2011/09/11 17:25:18 | 000,000,900 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/10 21:31:21 | 000,000,859 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Application Data\Microsoft\Internet Explorer\Quick Launch\System Recovery.lnk
[2011/09/10 21:18:33 | 000,050,868 | -H-- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/09/10 21:11:37 | 000,000,440 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz
[2011/09/10 21:10:47 | 000,000,224 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fz
[2011/09/10 21:10:47 | 000,000,168 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fzr
[2011/09/10 21:10:46 | 000,000,841 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\System Recovery.lnk
[2011/09/10 21:09:59 | 000,336,896 | -H-- | M] (RealVNC Ltd.) -- C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz.exe
[2011/09/10 21:00:21 | 000,422,400 | -H-- | M] (RealVNC Ltd.) -- C:\Documents and Settings\All Users\Application Data\uJfauDLHaGxJo.exe
[2011/09/09 20:00:00 | 000,000,638 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Miriam Nunez.job
[2011/09/09 09:26:00 | 000,000,958 | -H-- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-566061850-2639588935-750215043-1006Core.job
[2011/09/09 02:02:35 | 000,026,357 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\PARA MOYUGBAR A LOS SANTOS.pdf
[2011/09/09 02:01:32 | 001,239,745 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\MANUAL DEL ORIARTE RELIGION LUCUMI.pdf
[2011/09/09 02:00:56 | 000,073,869 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\OYA SANTERIA CUBANA.pdf
[2011/09/09 02:00:18 | 000,087,147 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\CUANDO SHANGO LLEGO EMPEZO A CANTAR.pdf
[2011/09/09 01:57:13 | 000,054,717 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES PARA LA CORONACION DE OGUN.pdf
[2011/09/09 01:56:51 | 000,308,123 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES PARA INICIACION DE OSHUN.pdf
[2011/09/09 01:56:16 | 000,053,656 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES NECESARIOS PARA LA CORONACION DE YEMANYA.pdf
[2011/09/09 01:55:51 | 000,308,126 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES INICIACION OSHUN.pdf
[2011/09/09 01:55:15 | 000,220,229 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Enseres Necesarios PARA LA INICIACION DE SHANGO.pdf
[2011/09/09 01:54:41 | 000,500,812 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES OBATALA.pdf
[2011/09/09 01:01:19 | 008,484,660 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Pomba Gira Reyna da praia.mp4
[2011/09/08 22:21:59 | 000,000,746 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Windows Live Call.lnk
[2011/09/08 20:02:17 | 000,763,444 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\20110908172327759.pdf
[2011/09/06 22:36:10 | 000,127,140 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\3dPartyDisclosureAuthorization.pdf
[2011/09/06 14:28:26 | 000,128,454 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Collins Av Release.pdf
[2011/09/05 20:54:01 | 000,000,284 | -H-- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/09/05 18:18:51 | 000,467,942 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\SUSPENSION DE LICENCIA 002.jpg
[2011/09/03 15:27:03 | 000,002,344 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Google Chrome.lnk
[2011/08/27 16:21:46 | 004,156,094 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\DEBORA ROS LEASE.pdf
[2011/08/18 18:07:46 | 000,001,028 | -H-- | M] () -- C:\Documents and Settings\Miriam Nunez\Desktop\magicJack.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/09/11 17:25:12 | 2145,419,264 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/10 21:31:21 | 000,000,859 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Application Data\Microsoft\Internet Explorer\Quick Launch\System Recovery.lnk
[2011/09/10 21:10:47 | 000,000,224 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fz
[2011/09/10 21:10:47 | 000,000,168 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~P1kAlMiG2Kb7Fzr
[2011/09/10 21:10:46 | 000,000,841 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\System Recovery.lnk
[2011/09/10 21:10:30 | 000,000,440 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\P1kAlMiG2Kb7Fz
[2011/09/09 02:02:35 | 000,026,357 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\PARA MOYUGBAR A LOS SANTOS.pdf
[2011/09/09 02:01:32 | 001,239,745 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\MANUAL DEL ORIARTE RELIGION LUCUMI.pdf
[2011/09/09 02:00:56 | 000,073,869 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\OYA SANTERIA CUBANA.pdf
[2011/09/09 02:00:18 | 000,087,147 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\CUANDO SHANGO LLEGO EMPEZO A CANTAR.pdf
[2011/09/09 01:57:13 | 000,054,717 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES PARA LA CORONACION DE OGUN.pdf
[2011/09/09 01:56:51 | 000,308,123 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES PARA INICIACION DE OSHUN.pdf
[2011/09/09 01:56:16 | 000,053,656 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES NECESARIOS PARA LA CORONACION DE YEMANYA.pdf
[2011/09/09 01:55:51 | 000,308,126 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES INICIACION OSHUN.pdf
[2011/09/09 01:55:15 | 000,220,229 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Enseres Necesarios PARA LA INICIACION DE SHANGO.pdf
[2011/09/09 01:54:41 | 000,500,812 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\ENSERES OBATALA.pdf
[2011/09/09 01:01:04 | 008,484,660 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Pomba Gira Reyna da praia.mp4
[2011/09/08 22:21:59 | 000,000,746 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Windows Live Call.lnk
[2011/09/08 19:56:30 | 000,763,444 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\20110908172327759.pdf
[2011/09/06 14:28:26 | 000,128,454 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\Collins Av Release.pdf
[2011/09/06 14:25:09 | 000,127,140 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\3dPartyDisclosureAuthorization.pdf
[2011/09/05 18:18:27 | 000,467,942 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\SUSPENSION DE LICENCIA 002.jpg
[2011/08/27 16:21:46 | 004,156,094 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Desktop\DEBORA ROS LEASE.pdf
[2011/07/04 16:32:01 | 000,004,608 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/14 17:40:47 | 000,015,596 | -HS- | C] () -- C:\Documents and Settings\Miriam Nunez\Local Settings\Application Data\qw0j6rj2eh126b41tbg4561cs4qy0b8ai286q3u8rph5
[2011/05/14 17:40:47 | 000,015,596 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\qw0j6rj2eh126b41tbg4561cs4qy0b8ai286q3u8rph5
[2011/04/05 00:02:31 | 000,098,304 | -H-- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/03/09 21:04:28 | 000,631,808 | -H-- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/03/09 21:04:28 | 000,243,200 | -H-- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011/01/25 23:17:52 | 000,218,456 | -H-- | C] () -- C:\WINDOWS\RM.exe
[2010/12/06 17:16:20 | 000,087,552 | -H-- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2010/08/22 19:07:58 | 000,000,600 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Application Data\winscp.rnd
[2010/08/12 12:46:10 | 000,058,468 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/04/09 17:02:37 | 000,000,024 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Application Data\MyPhrases.dta
[2009/08/03 15:07:42 | 000,403,816 | -H-- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | -H-- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/07/22 11:10:08 | 000,075,776 | -H-- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2008/11/26 09:24:54 | 001,590,555 | -HS- | C] () -- C:\WINDOWS\System32\ipiwomof.ini
[2008/11/25 09:20:04 | 001,601,271 | -HS- | C] () -- C:\WINDOWS\System32\edubezin.ini
[2008/11/24 09:12:45 | 001,583,637 | -HS- | C] () -- C:\WINDOWS\System32\olivebim.ini
[2008/11/22 23:06:25 | 001,583,621 | -HS- | C] () -- C:\WINDOWS\System32\oyirewof.ini
[2008/11/22 11:06:37 | 001,583,621 | -HS- | C] () -- C:\WINDOWS\System32\avagesiw.ini
[2008/11/21 09:50:09 | 001,581,272 | -HS- | C] () -- C:\WINDOWS\System32\etopitib.ini
[2008/11/20 21:50:01 | 001,576,077 | -HS- | C] () -- C:\WINDOWS\System32\onidimaf.ini
[2008/11/20 09:49:52 | 001,504,826 | -HS- | C] () -- C:\WINDOWS\System32\irahayaz.ini
[2008/11/19 21:49:36 | 001,496,331 | -HS- | C] () -- C:\WINDOWS\System32\ivuwojek.ini
[2008/11/19 09:49:53 | 001,477,511 | -HS- | C] () -- C:\WINDOWS\System32\ifuyihil.ini
[2008/11/17 18:43:58 | 000,000,028 | -H-- | C] () -- C:\WINDOWS\pdf995.ini
[2008/09/09 11:06:21 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\SvcCon.exe
[2008/01/18 12:51:21 | 000,021,791 | -H-- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2008/01/18 12:51:20 | 000,001,037 | -H-- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2008/01/18 12:50:56 | 000,038,576 | -H-- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008/01/18 12:50:55 | 000,010,225 | -H-- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008/01/18 12:50:54 | 000,011,435 | -H-- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2007/12/25 14:38:27 | 000,000,096 | -H-- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2007/11/19 20:52:35 | 000,000,412 | -H-- | C] () -- C:\WINDOWS\MAXLINK.INI
[2007/10/10 10:56:18 | 000,011,776 | -H-- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2007/09/23 17:22:28 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/07/21 19:02:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\nsreg.dat
[2007/07/16 14:33:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\Pro1099.INI
[2007/07/16 14:32:43 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\ProTrust.INI
[2007/07/16 14:30:40 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\ProForm.INI
[2007/07/11 15:54:42 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\pFwin.INI
[2007/07/11 15:54:04 | 000,000,092 | -H-- | C] () -- C:\WINDOWS\FORMSET.INI
[2007/07/11 15:53:06 | 000,000,105 | -H-- | C] () -- C:\WINDOWS\wpd99.drv
[2007/07/11 15:52:52 | 000,118,784 | -H-- | C] () -- C:\WINDOWS\System32\pdfmona.dll
[2007/07/11 15:52:52 | 000,051,716 | -H-- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2007/07/11 15:52:30 | 000,000,172 | -H-- | C] () -- C:\WINDOWS\SoftPro.ini
[2007/07/11 15:51:21 | 000,032,768 | -H-- | C] () -- C:\WINDOWS\System32\SpFuncsUtil.dll
[2007/07/11 15:51:10 | 000,000,790 | -H-- | C] () -- C:\WINDOWS\System32\Ssce.ini
[2007/07/11 15:46:46 | 000,413,696 | -H-- | C] () -- C:\WINDOWS\System32\PegasusImaging.Resources.ImagXpress8.dll
[2007/07/11 15:37:22 | 000,051,304 | -H-- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2007/05/13 20:48:41 | 000,003,564 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Application Data\wklnhst.dat
[2007/05/12 16:53:54 | 000,007,680 | -H-- | C] () -- C:\WINDOWS\System32\CNMVS71.DLL
[2007/05/11 14:25:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007/05/11 14:21:04 | 000,000,136 | -H-- | C] () -- C:\Documents and Settings\Miriam Nunez\Local Settings\Application Data\fusioncache.dat
[2007/04/03 23:09:03 | 000,204,800 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/04/03 23:09:03 | 000,200,704 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/04/03 23:09:03 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/04/03 23:09:03 | 000,192,512 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/04/03 23:09:03 | 000,188,416 | -H-- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/04/03 23:09:03 | 000,020,480 | -H-- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/04/03 23:07:54 | 000,002,154 | -H-- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2007/04/03 23:00:32 | 000,019,968 | -H-- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2007/04/03 22:59:27 | 000,000,074 | -H-- | C] () -- C:\WINDOWS\QUICKEN.INI
[2007/04/03 22:59:07 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\Pix11.dat
[2007/04/03 22:50:20 | 000,000,376 | -H-- | C] () -- C:\WINDOWS\ODBC.INI
[2007/04/03 22:43:59 | 000,520,192 | -H-- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Sony.dll
[2006/10/19 16:37:58 | 000,015,852 | -H-- | C] () -- C:\WINDOWS\System32\SETUP.INI
[2006/07/22 17:08:38 | 000,610,304 | -H-- | C] () -- C:\WINDOWS\System32\lpykrp.exe
[2006/07/22 16:51:38 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2006/07/22 16:32:31 | 000,000,059 | -H-- | C] () -- C:\WINDOWS\WININIT.INI
[2006/07/22 16:26:16 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\VAIOUpdt.INI
[2006/07/22 15:25:27 | 000,111,552 | -H-- | C] () -- C:\WINDOWS\setup.exe
[2006/07/22 15:21:32 | 000,000,031 | -H-- | C] () -- C:\WINDOWS\System32\elcric.dat
[2006/07/22 14:53:19 | 000,000,811 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2006/07/22 14:50:03 | 000,002,048 | -H-- | C] () -- C:\WINDOWS\bootstat.dat
[2006/07/22 14:45:12 | 000,021,640 | -H-- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/07/22 14:31:32 | 000,098,304 | -H-- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/07/22 14:31:22 | 000,000,760 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/07/22 14:31:17 | 000,755,200 | -H-- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2006/07/22 14:31:17 | 000,338,432 | -H-- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2006/07/22 14:31:17 | 000,200,192 | -H-- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2006/07/22 14:31:17 | 000,183,808 | -H-- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2006/07/22 14:31:17 | 000,120,320 | -H-- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2006/07/22 14:31:10 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/07/22 14:31:08 | 000,643,572 | -H-- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/07/22 14:31:08 | 000,272,128 | -H-- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/07/22 14:31:08 | 000,148,748 | -H-- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/07/22 14:31:08 | 000,028,626 | -H-- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/07/22 14:31:07 | 013,107,200 | -H-- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/07/22 14:31:07 | 000,004,569 | -H-- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/07/22 14:31:06 | 000,000,741 | -H-- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/07/22 14:31:04 | 000,673,088 | -H-- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/07/22 14:31:04 | 000,046,258 | -H-- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/07/22 14:30:59 | 000,218,003 | -H-- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/07/22 14:30:56 | 000,001,804 | -H-- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/07/22 07:38:18 | 000,004,161 | -H-- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/07/22 07:37:32 | 000,276,560 | -H-- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/01/24 10:33:16 | 000,221,184 | -H-- | C] () -- C:\WINDOWS\System32\ExpLoansFromGenesis.dll
[2005/12/21 16:57:36 | 000,139,264 | -H-- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2005/12/21 16:57:04 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2005/12/21 16:54:34 | 000,040,960 | -H-- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2005/11/01 21:53:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\px.ini
[2005/09/02 17:44:00 | 000,110,592 | -H-- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/23 00:30:00 | 000,065,536 | -H-- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005/03/24 04:58:36 | 000,053,315 | -H-- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2005/02/01 21:39:32 | 000,081,920 | -H-- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2004/11/17 02:16:16 | 000,077,824 | -H-- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2004/10/15 02:09:28 | 000,049,152 | -H-- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2004/07/20 20:04:00 | 000,094,208 | -H-- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 17:43:00 | 000,114,688 | -H-- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/11/12 12:16:58 | 000,061,440 | -H-- | C] () -- C:\WINDOWS\System32\GNetParserX.dll
[2000/02/17 16:57:02 | 000,225,280 | -H-- | C] () -- C:\WINDOWS\System32\Gn32.dll
[1999/10/13 17:59:48 | 000,028,672 | -H-- | C] () -- C:\WINDOWS\System32\Gns2kzip.dll
========== LOP Check ==========
[2011/05/14 19:24:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/05/14 19:24:21 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2007/10/10 10:46:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/05/14 19:44:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2007/06/10 18:02:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2007/12/17 15:58:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Output
[2007/12/17 15:58:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\eFax Messenger 4.3 Setup
[2010/12/18 16:06:19 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\magicJack
[2011/05/14 19:44:10 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2007/05/12 19:46:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Napster
[2010/01/24 16:23:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2011/03/04 21:22:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\pdf995
[2007/11/19 20:52:29 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/01/20 10:50:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2010/08/22 19:07:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\W3i
[2010/08/15 19:16:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Walgreens
[2010/04/19 22:14:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\WD_SmartWareCommon
[2010/04/19 22:12:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Western Digital
[2011/06/17 19:57:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/20 18:41:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Amazon
[2011/05/14 19:43:37 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\AVG10
[2011/04/04 23:22:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\CAD-KAS
[2008/03/23 12:53:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Canon
[2011/09/09 08:16:06 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Dropbox
[2007/05/14 16:19:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\eFax Messenger
[2007/05/17 12:39:39 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Encompass
[2008/09/25 15:07:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\ePASS
[2011/04/05 00:05:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\facemoods.com
[2007/07/21 19:34:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\InterVideo
[2009/02/05 15:40:41 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Juniper Networks
[2007/12/02 11:44:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Leadertech
[2009/01/16 22:49:15 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\LimeWire
[2011/08/18 18:07:52 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\mjusbsp
[2007/12/23 20:55:56 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\NewSoft
[2008/11/17 18:43:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\pdf995
[2009/01/28 18:00:51 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Photo! 3D Album
[2007/05/11 14:22:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Protector Suite
[2007/11/19 20:52:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\ScanSoft
[2007/12/21 22:16:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Snapfish
[2007/05/13 20:48:43 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Template
[2010/04/08 16:32:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\TypingMaster7
[2010/07/24 18:37:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Uniblue
[2009/02/10 18:34:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\VersionTracker Pro
[2010/08/15 19:23:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\W Photo Studio
[2010/08/15 19:23:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\W Photo Studio Viewer
[2010/08/15 19:16:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Walgreens
[2009/07/17 11:38:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\webex
[2010/04/19 22:12:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Western Digital
[2009/04/22 17:31:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\Windows Search
[2009/08/14 17:19:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Miriam Nunez\Application Data\WinPatrol
[2011/09/11 17:28:02 | 000,000,438 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{FC40E001-0D68-4346-9C53-D4918F78A902}.job
========== Purity Check ==========
< End of report >
Was not sure whether I should post extra.txt so I will wait.
Thanks in advance
-Jon
Edited by ehloco, 11 September 2011 - 09:23 PM.