WiredWX Christian Hobby Weather Tools

 


Cannot Access the Internet With Any Browser

I cannot access the internet with any of my browsers from my desktop. I primarily use Google Chrome v.4, but I also have IE and Firefox. I called my ISP last night; they tested the connection and everything was fine on their end. I also have a wireless laptop that I can use with no problem. My desktop shows that it is connected, but when I open my browser I cannot load any websites. I ran my anti-virus, avast!, and I also used Malwarebytes and SUPERAntiSpyware. They found some viruses and trojans, but after I cleaned up everything I still was not able to connect. I am running on XP OS. This is the result of my scan using HijackThis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:44:48 PM, on 28/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Margarita\Desktop\winlogon (1).scr

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} (LightSurfUploadCtl Class) - http://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} (ZPA_SHVL Object) - http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {C487F60B-59B9-47D9-BFDF-AB26786F8823} - http://zone.msn.com/bingame/zpagames/zpa_stoo.cab62201.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab57176.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/popcaploader_v10.cab
O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} (CUpdateCtl Object) - http://update.hpphoto.com/download/HPSWUpdate.ocx
O16 - DPF: {EF6E7E56-9229-4C73-AAD0-15316405DB95} (Easy Photo Uploader) - http://preview.mmasouris.photosite.com/~site/UploadBox/UploadBox_live.cab
O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} (CheckersZPA Object) - http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - (no file)

Re: Cannot Access the Internet With Any Browser

Download OTL by OldTimer to your Desktop.

  • Close all windows and double-click OTL.exe.
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you: one will pop up (OTL.txt), and the other will be saved on your Desktop (Extras.txt). Post both logs in this thread.
  • You may need to use two posts to get it all.

............................................................................................

Site Admin / Security Administrator

- Please PM me if I fail to respond within 24hrs.

Re: Cannot Access the Internet With Any Browser

OTL logfile created on: 29/01/2010 8:26:21 AM - Run 2

OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Margarita\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy



447.00 Mb Total Physical Memory | 47.00 Mb Available Physical Memory | 11.00% Memory free

1.00 Gb Paging File | 0.00 Gb Available in Paging File | 30.00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149.04 Gb Total Space | 105.00 Gb Free Space | 70.45% Space Free | Partition Type: NTFS

Drive D: | 702.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded



Computer Name: MARGARITA

Current User Name: Margarita

Logged in as Administrator.



Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard



========== Processes (SafeList) ==========



PRC - [2010/01/29 08:10:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

PRC - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010/01/05 07:56:02 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

PRC - [2009/11/24 15:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

PRC - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe

PRC - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

PRC - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe

PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/03/09 10:09:58 | 00,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe





========== Modules (SafeList) ==========



MOD - [2010/01/29 08:10:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

MOD - [2003/02/26 22:27:44 | 00,036,864 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\system32\wbsys.dll





========== Win32 Services (SafeList) ==========



SRV - File not found [Disabled | Stopped] -- -- (usnjsvc)

SRV - File not found [Auto | Stopped] -- -- (NVSvc)

SRV - File not found [Disabled | Stopped] -- -- (NMSAccess)

SRV - File not found [Disabled | Stopped] -- -- (En1207CI)

SRV - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)

SRV - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)

SRV - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)

SRV - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)

SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)

SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2009/07/08 12:31:36 | 00,313,840 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)

SRV - [2009/07/08 12:31:32 | 00,170,480 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)

SRV - [2009/07/08 12:31:12 | 01,108,464 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)

SRV - [2009/05/20 13:18:28 | 00,297,472 | ---- | M] (Amazon.com) [Disabled | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)

SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)

SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)

SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)

SRV - [2007/10/18 15:32:42 | 00,079,136 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)

SRV - [2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)

SRV - [2007/05/08 18:47:22 | 00,271,920 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2007/04/13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)

SRV - [2007/04/02 14:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)

SRV - [2007/03/14 16:03:40 | 00,975,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)

SRV - [2007/03/11 22:02:52 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)

SRV - [2007/03/11 21:24:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)

SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)

SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)

SRV - [2005/08/07 20:54:00 | 00,167,936 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)

SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003/01/16 09:02:00 | 00,045,056 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)

SRV - [1999/12/13 09:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)





========== Driver Services (SafeList) ==========



DRV - [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2010/01/05 07:56:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)

DRV - [2010/01/05 07:56:04 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2010/01/05 07:56:02 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2009/11/24 15:50:59 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2009/11/24 15:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2009/11/24 15:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/11/24 15:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2009/11/24 15:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2009/11/24 15:47:54 | 00,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)

DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009/05/09 00:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)

DRV - [2009/01/09 16:18:02 | 00,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)

DRV - [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb)

DRV - [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

DRV - [2007/08/01 21:47:26 | 00,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)

DRV - [2007/05/15 14:55:36 | 00,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)

DRV - [2007/05/15 14:55:36 | 00,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)

DRV - [2007/05/15 14:55:36 | 00,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)

DRV - [2007/05/01 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)

DRV - [2007/03/07 20:20:50 | 00,021,568 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)

DRV - [2007/03/07 20:20:49 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)

DRV - [2007/03/07 20:20:48 | 00,049,920 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)

DRV - [2007/02/08 05:45:00 | 00,029,184 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ActionReplayDS.sys -- (ActionReplayDS)

DRV - [2004/08/04 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

DRV - [2004/08/04 04:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)

DRV - [2004/08/03 21:41:40 | 00,013,776 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\recagent.sys -- (RecAgent)

DRV - [2004/05/25 14:58:04 | 00,396,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)

DRV - [2004/05/25 14:58:02 | 00,048,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)

DRV - [2004/05/04 17:25:00 | 00,239,488 | R--- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)

DRV - [2003/10/09 02:52:08 | 00,475,788 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2003/10/06 12:16:00 | 01,550,043 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2003/10/03 20:25:26 | 00,391,552 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)

DRV - [2003/08/15 17:22:16 | 00,072,771 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)

DRV - [2003/05/02 17:52:00 | 00,033,920 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sunkfilt.sys -- (SunkFilt)

DRV - [2003/03/19 13:51:00 | 00,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)

DRV - [2003/02/16 00:33:00 | 01,293,192 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)

DRV - [2003/02/15 23:12:00 | 00,085,520 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)

DRV - [2003/02/15 23:11:00 | 00,516,616 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)

DRV - [2003/02/15 23:08:00 | 00,210,128 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)

DRV - [2003/02/05 00:25:00 | 00,162,136 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)

DRV - [2003/01/16 08:19:00 | 00,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)

DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)

DRV - [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)





========== Standard Registry (SafeList) ==========





========== Internet Explorer ==========



IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank



IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========



FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="

FF - prefs.js..browser.search.selectedEngine: "Yahoo!"

FF - prefs.js..browser.startup.homepage: "http://myspace.com/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - prefs.js..extensions.enabledItems: toolbar@shopathome.com:5.0.3.0

FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 7900

FF - prefs.js..network.proxy.no_proxies_on: "64.136.29.30,64.136.21.30,64.136.29.34,searchap.untd.com,127.0.0.1,localhost,*microsoft.com,*windowsupdate.com,*wustat.windows.com,*.pogo.com,*.worldwinner.com,*test-speed.com,liveupdate.symantecliveupdate.com,*symantec.com,*.nai.com,*.networkassociates.com,*photosite.com,*.dir.untd.com,*.prod.untd.com,localhost,127.0.0.1"





FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/21 00:43:41 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/19 07:04:58 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/21 00:43:41 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/19 07:04:58 | 00,000,000 | ---D | M]



[2009/09/04 14:55:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Extensions

[2009/09/04 14:55:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2010/01/22 20:50:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Firefox\Profiles\4td009hv.default\extensions

[2007/10/25 12:23:40 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Firefox\Profiles\4td009hv.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010/01/15 12:02:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Firefox\Profiles\4td009hv.default\extensions\toolbar@shopathome.com

[2010/01/22 20:50:25 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2007/10/06 12:46:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org

[2007/06/05 15:00:13 | 00,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll

[2007/05/02 11:51:48 | 00,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll

[2008/07/04 03:31:06 | 00,214,272 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npmidas.dll

[2005/04/27 12:10:49 | 00,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll

[2007/04/16 09:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

[2007/03/09 15:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll



O1 HOSTS File: ([2010/01/28 16:03:24 | 00,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No CLSID value found.

O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideShutdownscripts = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonscripts = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffscripts = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonscriptSync = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupscriptSync = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupscripts = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonscripts = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffscripts = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupscripts = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonscriptSync = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupscriptSync = 0

O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O15 - HKCU\..Trusted Domains: //@mail.mar@ ([]msn in Local intranet)

O15 - HKCU\..Trusted Domains: //@signup.mar@ ([]msn in My Computer)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} http://housecall60.trendmicro.com/housecall/xscan60.cab (HouseCall Control)

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab (StagingUI Object)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab (MSN Games – Buddy Invite)

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab (MSN Photo Upload Tool)

O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} http://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab (LightSurfUploadCtl Class)

O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab (ZonePAChat Object)

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab (Groove Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {C487F60B-59B9-47D9-BFDF-AB26786F8823} http://zone.msn.com/bingame/zpagames/zpa_stoo.cab62201.cab ()

O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/download/imikimi_plugin.cab (Imikimi_activex_plugin Control)

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab55579.cab (MSN Games – Game Communicator)

O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} http://messenger.zone.msn.com/binary/WoF.cab57176.cab (WheelofFortune Object)

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/popcaploader_v10.cab (Reg Error: Key error.)

O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} http://update.hpphoto.com/download/HPSWUpdate.ocx (CUpdateCtl Object)

O16 - DPF: {EF6E7E56-9229-4C73-AAD0-15316405DB95} http://preview.mmasouris.photosite.com/~site/UploadBox/UploadBox_live.cab (Easy Photo Uploader)

O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab (CheckersZPA Object)

O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found

O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/04/29 16:03:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{ad125689-c217-11dc-932c-0040ca6e68b9}\Shell - "" = AutoRun

O33 - MountPoints2\{ad125689-c217-11dc-932c-0040ca6e68b9}\Shell\AutoRun - "" = Auto&Play

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*



========== Files/Folders - Created Within 30 Days ==========



[2010/01/29 08:23:06 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

[2010/01/28 16:39:05 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Margarita\Desktop\winlogon (1).scr

[2010/01/28 09:15:51 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Margarita\Recent

[2010/01/27 18:08:53 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2010/01/27 17:09:08 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/01/27 17:09:08 | 00,028,672 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/01/27 17:09:07 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/01/27 17:09:07 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/01/27 17:09:07 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe

[2010/01/27 17:06:52 | 00,000,000 | ---D | C] -- C:\Qoobox

[2010/01/27 17:06:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/01/27 07:28:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\HPAppData

[2010/01/27 00:05:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

[2010/01/27 00:05:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\SUPERAntiSpyware.com

[2010/01/27 00:05:06 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2010/01/26 23:37:33 | 00,000,000 | ---D | C] -- C:\Program Files\Marcos Velasco Security

[2010/01/26 23:36:52 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010/01/26 23:35:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2010/01/16 13:52:47 | 00,000,000 | ---D | C] -- C:\WEIRD_SCIENCE

[2010/01/16 13:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\DVD Shrink

[2010/01/16 13:38:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\AVS4YOU

[2010/01/16 13:38:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2010/01/16 13:33:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia

[2010/01/16 13:33:32 | 00,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2010/01/16 10:08:12 | 00,053,760 | ---- | C] (Tolunay Orkun) -- C:\Documents and Settings\Margarita\Desktop\DRTCP.exe

[2010/01/08 20:26:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\Oberon Media

[2010/01/07 14:29:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games

[2010/01/07 14:21:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WildTangent

[2009/12/31 14:08:40 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2009/12/31 14:08:40 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2009/12/31 14:08:40 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2008/10/16 19:05:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio

[2008/06/01 19:04:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP

[2007/08/21 19:04:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

[2007/06/05 15:00:19 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

[2007/05/10 15:11:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

[2007/05/10 15:11:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

[2007/05/10 15:11:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google

[2007/05/10 15:11:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google

[2007/03/29 17:01:14 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

[2007/01/25 20:19:57 | 00,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys

[2006/08/24 19:37:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia

[2003/02/16 00:33:00 | 01,293,192 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys

[2003/02/15 23:12:00 | 00,085,520 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys

[2003/02/15 23:11:00 | 00,516,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys

[2003/02/15 23:08:00 | 00,210,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys

[2003/02/05 00:25:00 | 00,162,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Margarita\My Documents\*.tmp files -> C:\Documents and Settings\Margarita\My Documents\*.tmp -> ]



========== Files - Modified Within 30 Days ==========



[2010/01/29 08:10:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

[2010/01/28 20:25:52 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\iTunes.lnk

[2010/01/28 19:17:33 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/01/28 19:17:32 | 46,929,1008 | -HS- | M] () -- C:\hiberfil.sys

[2010/01/28 18:15:10 | 07,340,032 | ---- | M] () -- C:\Documents and Settings\Margarita\ntuser.dat

[2010/01/28 18:15:10 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Margarita\ntuser.ini

[2010/01/28 16:28:24 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Margarita\Desktop\winlogon (1).scr

[2010/01/28 16:03:24 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/01/28 10:13:04 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/01/28 10:12:48 | 00,000,697 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/01/27 22:30:48 | 00,521,344 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/01/27 22:30:48 | 00,441,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/01/27 22:30:48 | 00,071,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/01/27 19:05:28 | 00,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Margarita.job

[2010/01/27 17:15:48 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/01/27 17:05:52 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\CCleaner.lnk

[2010/01/27 00:05:16 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/01/26 23:37:34 | 00,001,015 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MV RegClean 5.0 English.lnk

[2010/01/26 23:23:48 | 00,000,211 | -HS- | M] () -- C:\boot.ini

[2010/01/26 23:17:36 | 00,000,390 | ---- | M] () -- C:\WINDOWS\lgfwup.ini

[2010/01/26 23:03:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/01/26 22:27:10 | 00,000,915 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\My Sharing Folders.lnk

[2010/01/26 21:55:06 | 06,373,442 | -H-- | M] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\IconCache.db

[2010/01/26 21:31:26 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/26 21:10:13 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/01/22 19:34:47 | 00,019,521 | ---- | M] () -- C:\WINDOWS\hpqins13.dat

[2010/01/22 19:31:34 | 00,000,118 | ---- | M] () -- C:\WINDOWS\WININIT.INI

[2010/01/22 19:30:30 | 00,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk

[2010/01/22 19:25:49 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/01/21 00:42:48 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\interview.doc

[2010/01/19 07:04:59 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/01/16 13:49:55 | 00,000,670 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\DVD Shrink 3.2.lnk

[2010/01/15 22:14:14 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2010/01/12 21:05:07 | 00,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1085031214-839522115-1004UA.job

[2010/01/12 20:46:08 | 29,942,838 | ---- | M] () -- C:\WINDOWS\wallpaper.bmp

[2010/01/12 20:38:16 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\LimeWire 5.4.6.lnk

[2010/01/12 20:27:52 | 00,016,384 | ---- | M] (BitLeader) -- C:\WINDOWS\System32\lgfwunis.exe

[2010/01/12 19:57:22 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SolSuite.lnk

[2010/01/12 04:05:01 | 00,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1085031214-839522115-1004Core.job

[2010/01/11 00:37:50 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin

[2010/01/08 20:26:20 | 00,001,106 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\Oberon Media Game Center.lnk

[2010/01/08 20:26:19 | 00,001,940 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\Mystery Solitaire - Secret Island.lnk

[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/01/06 11:32:06 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/01/03 17:16:59 | 00,053,584 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

[2010/01/03 01:59:10 | 00,123,606 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.jpg

[2010/01/03 01:23:10 | 05,798,317 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.psd

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Margarita\My Documents\*.tmp files -> C:\Documents and Settings\Margarita\My Documents\*.tmp -> ]



========== Files Created - No Company Name ==========



[2010/01/28 15:57:50 | 46,929,1008 | -HS- | C] () -- C:\hiberfil.sys

[2010/01/27 21:24:11 | 00,089,756 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\FASTWiz.log

[2010/01/27 17:09:08 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/01/27 17:09:08 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/01/27 17:09:08 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/01/27 17:09:07 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe

[2010/01/27 17:05:52 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\CCleaner.lnk

[2010/01/27 00:05:16 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/01/26 23:37:34 | 00,001,015 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MV RegClean 5.0 English.lnk

[2010/01/22 19:30:30 | 00,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk

[2010/01/22 19:29:34 | 00,019,521 | ---- | C] () -- C:\WINDOWS\hpqins13.dat

[2010/01/22 19:29:34 | 00,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log

[2010/01/21 00:42:46 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\interview.doc

[2010/01/19 07:04:59 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/01/16 13:49:55 | 00,000,670 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\DVD Shrink 3.2.lnk

[2010/01/15 22:14:14 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2010/01/12 20:46:08 | 29,942,838 | ---- | C] () -- C:\WINDOWS\wallpaper.bmp

[2010/01/12 20:38:16 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\LimeWire 5.4.6.lnk

[2010/01/11 00:35:42 | 00,000,967 | ---- | C] () -- C:\Documents and Settings\Margarita\Application Data\BBMS_EXCEPTION.txt

[2010/01/08 20:26:20 | 00,001,106 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\Oberon Media Game Center.lnk

[2010/01/08 20:26:19 | 00,001,940 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\Mystery Solitaire - Secret Island.lnk

[2010/01/03 01:59:10 | 00,123,606 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.jpg

[2010/01/03 00:26:44 | 00,772,229 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00099.JPG

[2010/01/03 00:26:44 | 00,502,864 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00100.JPG

[2010/01/03 00:26:43 | 05,798,317 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.psd

[2010/01/03 00:26:43 | 00,878,577 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00097.JPG

[2010/01/03 00:26:43 | 00,762,526 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00030.JPG

[2010/01/03 00:26:43 | 00,497,421 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00081.JPG

[2010/01/03 00:26:43 | 00,478,928 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\bnv khfvk

[2010/01/03 00:26:43 | 00,474,816 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00092.JPG

[2010/01/03 00:26:43 | 00,455,156 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00095.JPG

[2009/10/14 09:50:15 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\FoxImager.dll

[2009/09/10 10:22:40 | 00,000,118 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2009/02/16 20:20:19 | 00,000,075 | ---- | C] () -- C:\WINDOWS\iPlayer.INI

[2009/02/12 20:49:09 | 00,000,075 | ---- | C] () -- C:\WINDOWS\TaxACT08.ini

[2008/10/12 21:58:44 | 00,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini

[2008/07/29 18:00:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AudioDVD.INI

[2008/05/22 20:12:37 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01

[2008/01/31 18:19:39 | 00,000,056 | ---- | C] () -- C:\WINDOWS\TaxACT07.ini

[2007/12/07 14:39:20 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2007/10/31 19:28:24 | 00,000,390 | ---- | C] () -- C:\WINDOWS\lgfwup.ini

[2007/09/24 17:22:59 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\.mpid

[2007/07/18 18:13:03 | 00,000,183 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini

[2007/06/07 20:15:29 | 00,000,022 | ---- | C] () -- C:\WINDOWS\iexplore.ini

[2007/04/11 17:37:07 | 00,000,082 | ---- | C] () -- C:\WINDOWS\Madding.INI

[2007/01/25 20:19:57 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll

[2007/01/25 20:19:56 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll

[2007/01/22 09:32:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\xmltok.dll

[2007/01/22 09:32:44 | 00,053,248 | ---- | C] () -- C:\WINDOWS\xmlparse.dll

[2007/01/17 23:04:11 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2007/01/14 23:22:53 | 00,030,720 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/11/29 18:38:24 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini

[2006/11/13 16:35:48 | 00,003,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2006/10/08 18:43:04 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini

[2006/10/08 18:29:42 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini

[2006/06/21 22:38:39 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\fusioncache.dat

[2006/05/26 16:59:01 | 00,000,022 | ---- | C] () -- C:\WINDOWS\lotus.ini

[2006/05/08 18:20:13 | 00,000,585 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/05/03 11:44:44 | 00,025,157 | ---- | C] () -- C:\WINDOWS\RMAgentOutput.dll

[2005/05/03 11:43:44 | 00,126,976 | ---- | C] () -- C:\WINDOWS\dllTSCLIBMT.dll

[2005/03/03 16:16:42 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini

[2004/10/01 17:33:46 | 00,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini

[2004/08/04 04:00:00 | 01,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll

[2003/10/06 12:16:00 | 00,225,280 | ---- | C] () -- C:\WINDOWS\System32\nvwrsda.dll

[2003/10/06 12:16:00 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll

[2003/01/21 12:08:36 | 00,147,515 | ---- | C] () -- C:\WINDOWS\System32\playsound.dll

[2003/01/16 09:10:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll

[2003/01/16 09:09:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

[2003/01/16 09:01:00 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll

[2002/08/22 17:12:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\USBRESET.DLL

[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini

[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll

[1999/07/23 12:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini

[1999/07/23 09:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll



========== Alternate Data Streams ==========



@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0AC32449

@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1D6C864

@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08677BDD

@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735

@Alternate Data Stream - 190 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC36F550

@Alternate Data Stream - 183 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CFBE2D1

@Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:793F316E

@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BB26BE9

@Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94213A87

@Alternate Data Stream - 173 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B85C37B

@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C841C093

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC6124CA

@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1F9C3D08

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:813B8EB6

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:815D61C4

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:131C0EE9

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:067BF339

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38020A20

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E3E060F

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAC4FD8

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C6F032

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E4DF3FE

@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B203B914

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FC7B9E4

< End of report >

Re: Cannot Access the Internet With Any Browser
I cannot find the second log, Extras.txt. The document that was saved to my computer has the same name as the first log, OTL.txt. I posted this here; I am not sure if it's the same or not.

OTL logfile created on: 29/01/2010 8:26:21 AM - Run 2

OTL by OldTimer - Version 3.1.27.0 Folder = C:\Documents and Settings\Margarita\Desktop

Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: dd/MM/yyyy



447.00 Mb Total Physical Memory | 47.00 Mb Available Physical Memory | 11.00% Memory free

1.00 Gb Paging File | 0.00 Gb Available in Paging File | 30.00% Paging File free

Paging file location(s): C:\pagefile.sys 672 1344 [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 149.04 Gb Total Space | 105.00 Gb Free Space | 70.45% Space Free | Partition Type: NTFS

Drive D: | 702.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded



Computer Name: MARGARITA

Current User Name: Margarita

Logged in as Administrator.



Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard



========== Processes (SafeList) ==========



PRC - [2010/01/29 08:10:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

PRC - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2010/01/05 07:56:02 | 02,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

PRC - [2009/11/24 15:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

PRC - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe

PRC - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

PRC - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

PRC - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

PRC - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe

PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2007/03/09 10:09:58 | 00,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe





========== Modules (SafeList) ==========



MOD - [2010/01/29 08:10:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

MOD - [2003/02/26 22:27:44 | 00,036,864 | ---- | M] (Stardock.Net, Inc) -- C:\WINDOWS\system32\wbsys.dll





========== Win32 Services (SafeList) ==========



SRV - File not found [Disabled | Stopped] -- -- (usnjsvc)

SRV - File not found [Auto | Stopped] -- -- (NVSvc)

SRV - File not found [Disabled | Stopped] -- -- (NMSAccess)

SRV - File not found [Disabled | Stopped] -- -- (En1207CI)

SRV - [2010/01/07 16:07:10 | 00,236,368 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2009/11/24 15:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)

SRV - [2009/11/24 15:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)

SRV - [2009/11/24 15:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)

SRV - [2009/11/24 15:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)

SRV - [2009/11/12 16:33:00 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)

SRV - [2009/10/11 04:17:35 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) [Disabled | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)

SRV - [2009/09/28 08:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)

SRV - [2009/07/08 12:31:36 | 00,313,840 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)

SRV - [2009/07/08 12:31:32 | 00,170,480 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)

SRV - [2009/07/08 12:31:12 | 01,108,464 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)

SRV - [2009/05/20 13:18:28 | 00,297,472 | ---- | M] (Amazon.com) [Disabled | Stopped] -- C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe -- (Amazon Download Agent)

SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)

SRV - [2007/12/06 23:20:56 | 00,088,560 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)

SRV - [2007/12/06 23:20:52 | 00,362,992 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)

SRV - [2007/10/18 15:32:42 | 00,079,136 | ---- | M] (Hewlett-Packard Company) [Disabled | Stopped] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)

SRV - [2007/05/15 14:55:46 | 01,550,896 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)

SRV - [2007/05/08 18:47:22 | 00,271,920 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2007/04/13 20:09:56 | 00,792,112 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService)

SRV - [2007/04/02 14:15:40 | 00,061,440 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)

SRV - [2007/03/14 16:03:40 | 00,975,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)

SRV - [2007/03/11 22:02:52 | 00,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)

SRV - [2007/03/11 21:24:50 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)

SRV - [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

SRV - [2006/11/08 16:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.dll -- (Pml Driver HPZ12)

SRV - [2006/11/08 16:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\system32\HPZinw12.dll -- (Net Driver HPZ12)

SRV - [2005/08/07 20:54:00 | 00,167,936 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)

SRV - [2004/10/22 02:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

SRV - [2003/01/16 09:02:00 | 00,045,056 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\System32\slserv.exe -- (SLService)

SRV - [1999/12/13 09:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access)





========== Driver Services (SafeList) ==========



DRV - [2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)

DRV - [2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2010/01/05 07:56:06 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Running] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)

DRV - [2010/01/05 07:56:04 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2010/01/05 07:56:02 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2009/11/24 15:50:59 | 00,094,160 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2009/11/24 15:50:12 | 00,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)

DRV - [2009/11/24 15:50:00 | 00,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2009/11/24 15:49:07 | 00,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2009/11/24 15:48:57 | 00,023,120 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2009/11/24 15:47:54 | 00,027,408 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbaapl.sys -- (USBAAPL)

DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009/05/09 00:14:20 | 00,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)

DRV - [2009/01/09 16:18:02 | 00,027,136 | R--- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RimSerial.sys -- (RimVSerPort)

DRV - [2008/05/20 19:33:50 | 00,022,784 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RimUsb.sys -- (RimUsb)

DRV - [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)

DRV - [2007/08/01 21:47:26 | 00,102,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)

DRV - [2007/05/15 14:55:36 | 00,118,576 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)

DRV - [2007/05/15 14:55:36 | 00,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)

DRV - [2007/05/15 14:55:36 | 00,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)

DRV - [2007/05/01 03:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)

DRV - [2007/03/07 20:20:50 | 00,021,568 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12)

DRV - [2007/03/07 20:20:49 | 00,016,496 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12)

DRV - [2007/03/07 20:20:48 | 00,049,920 | R--- | M] (HP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412)

DRV - [2007/02/08 05:45:00 | 00,029,184 | R--- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ActionReplayDS.sys -- (ActionReplayDS)

DRV - [2004/08/04 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)

DRV - [2004/08/04 04:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)

DRV - [2004/08/03 21:41:40 | 00,013,776 | ---- | M] (Smart Link) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\recagent.sys -- (RecAgent)

DRV - [2004/05/25 14:58:04 | 00,396,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)

DRV - [2004/05/25 14:58:02 | 00,048,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)

DRV - [2004/05/04 17:25:00 | 00,239,488 | R--- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (WUSB54GPV4SRV)

DRV - [2003/10/09 02:52:08 | 00,475,788 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)

DRV - [2003/10/06 12:16:00 | 01,550,043 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)

DRV - [2003/10/03 20:25:26 | 00,391,552 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)

DRV - [2003/08/15 17:22:16 | 00,072,771 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)

DRV - [2003/05/02 17:52:00 | 00,033,920 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sunkfilt.sys -- (SunkFilt)

DRV - [2003/03/19 13:51:00 | 00,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nv_agp.sys -- (nv_agp)

DRV - [2003/02/16 00:33:00 | 01,293,192 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)

DRV - [2003/02/15 23:12:00 | 00,085,520 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)

DRV - [2003/02/15 23:11:00 | 00,516,616 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)

DRV - [2003/02/15 23:08:00 | 00,210,128 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)

DRV - [2003/02/05 00:25:00 | 00,162,136 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)

DRV - [2003/01/16 08:19:00 | 00,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)

DRV - [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)

DRV - [2001/08/17 12:57:38 | 00,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)





========== Standard Registry (SafeList) ==========





========== Internet Explorer ==========



IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank



IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



========== FireFox ==========



FF - prefs.js..browser.search.defaultenginename: "Yahoo"

FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=ffsp1&p="

FF - prefs.js..browser.search.selectedEngine: "Yahoo!"

FF - prefs.js..browser.startup.homepage: "http://myspace.com/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0

FF - prefs.js..extensions.enabledItems: toolbar@shopathome.com:5.0.3.0

FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=ffds1&p="

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 7900

FF - prefs.js..network.proxy.no_proxies_on: "64.136.29.30,64.136.21.30,64.136.29.34,searchap.untd.com,127.0.0.1,localhost,*microsoft.com,*windowsupdate.com,*wustat.windows.com,*.pogo.com,*.worldwinner.com,*test-speed.com,liveupdate.symantecliveupdate.com,*symantec.com,*.nai.com,*.networkassociates.com,*photosite.com,*.dir.untd.com,*.prod.untd.com,localhost,127.0.0.1"





FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/21 00:43:41 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/19 07:04:58 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/21 00:43:41 | 00,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/19 07:04:58 | 00,000,000 | ---D | M]



[2009/09/04 14:55:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Extensions

[2009/09/04 14:55:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Extensions\mozswing@mozswing.org

[2010/01/22 20:50:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Firefox\Profiles\4td009hv.default\extensions

[2007/10/25 12:23:40 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Firefox\Profiles\4td009hv.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010/01/15 12:02:31 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Margarita\Application Data\Mozilla\Firefox\Profiles\4td009hv.default\extensions\toolbar@shopathome.com

[2010/01/22 20:50:25 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

[2007/10/06 12:46:34 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla(2).org

[2007/06/05 15:00:13 | 00,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npgcplug.dll

[2007/05/02 11:51:48 | 00,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll

[2008/07/04 03:31:06 | 00,214,272 | ---- | M] (Midasplayer Ltd) -- C:\Program Files\Mozilla Firefox\plugins\npmidas.dll

[2005/04/27 12:10:49 | 00,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\Mozilla Firefox\plugins\npracplug.dll

[2007/04/16 09:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

[2007/03/09 15:16:44 | 00,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll



O1 HOSTS File: ([2010/01/28 16:03:24 | 00,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No CLSID value found.

O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 227

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideShutdownscripts = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonscripts = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffscripts = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonscriptSync = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupscriptSync = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupscripts = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonscripts = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffscripts = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupscripts = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonscriptSync = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupscriptSync = 0

O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)

O15 - HKCU\..Trusted Domains: //@mail.mar@ ([]msn in Local intranet)

O15 - HKCU\..Trusted Domains: //@signup.mar@ ([]msn in My Computer)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/templates/ieawsdc.cab (Microsoft Office Template and Media Control)

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab (QuickTime Object)

O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} http://housecall60.trendmicro.com/housecall/xscan60.cab (HouseCall Control)

O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab (StagingUI Object)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)

O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab (Trend Micro ActiveX Scan Agent 6.6)

O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab (MSN Games – Buddy Invite)

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab (Reg Error: Key error.)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab (MSN Photo Upload Tool)

O16 - DPF: {528C14CD-CF9E-489C-A365-5999F17B69B9} http://pictures.sprintpcs.com/activex/LightSurfUploadControl.cab (LightSurfUploadCtl Class)

O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)

O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab (ZonePAChat Object)

O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab (Groove Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab (ZPA_SHVL Object)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)

O16 - DPF: {C487F60B-59B9-47D9-BFDF-AB26786F8823} http://zone.msn.com/bingame/zpagames/zpa_stoo.cab62201.cab ()

O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)

O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)

O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)

O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)

O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} http://imikimi.com/download/imikimi_plugin.cab (Imikimi_activex_plugin Control)

O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab55579.cab (MSN Games – Game Communicator)

O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} http://messenger.zone.msn.com/binary/WoF.cab57176.cab (WheelofFortune Object)

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/popcaploader_v10.cab (Reg Error: Key error.)

O16 - DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} http://update.hpphoto.com/download/HPSWUpdate.ocx (CUpdateCtl Object)

O16 - DPF: {EF6E7E56-9229-4C73-AAD0-15316405DB95} http://preview.mmasouris.photosite.com/~site/UploadBox/UploadBox_live.cab (Easy Photo Uploader)

O16 - DPF: {FF3C5A9F-5A91-4930-80E8-4709194C2AD3} http://zone.msn.com/bingame/zpagames/CheckersZPA.cab55579.cab (CheckersZPA Object)

O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)

O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found

O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/04/29 16:03:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{ad125689-c217-11dc-932c-0040ca6e68b9}\Shell - "" = AutoRun

O33 - MountPoints2\{ad125689-c217-11dc-932c-0040ca6e68b9}\Shell\AutoRun - "" = Auto&Play

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*



========== Files/Folders - Created Within 30 Days ==========



[2010/01/29 08:23:06 | 00,548,864 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

[2010/01/28 16:39:05 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Margarita\Desktop\winlogon (1).scr

[2010/01/28 09:15:51 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Margarita\Recent

[2010/01/27 18:08:53 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2010/01/27 17:09:08 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/01/27 17:09:08 | 00,028,672 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/01/27 17:09:07 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/01/27 17:09:07 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/01/27 17:09:07 | 00,089,504 | ---- | C] (Smallfrogs Studio) -- C:\WINDOWS\fdsv.exe

[2010/01/27 17:06:52 | 00,000,000 | ---D | C] -- C:\Qoobox

[2010/01/27 17:06:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/01/27 07:28:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\HPAppData

[2010/01/27 00:05:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

[2010/01/27 00:05:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\SUPERAntiSpyware.com

[2010/01/27 00:05:06 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2010/01/26 23:37:33 | 00,000,000 | ---D | C] -- C:\Program Files\Marcos Velasco Security

[2010/01/26 23:36:52 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2010/01/26 23:35:15 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

[2010/01/16 13:52:47 | 00,000,000 | ---D | C] -- C:\WEIRD_SCIENCE

[2010/01/16 13:49:54 | 00,000,000 | ---D | C] -- C:\Program Files\DVD Shrink

[2010/01/16 13:38:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\AVS4YOU

[2010/01/16 13:38:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU

[2010/01/16 13:33:33 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia

[2010/01/16 13:33:32 | 00,000,000 | ---D | C] -- C:\Program Files\AVS4YOU

[2010/01/16 10:08:12 | 00,053,760 | ---- | C] (Tolunay Orkun) -- C:\Documents and Settings\Margarita\Desktop\DRTCP.exe

[2010/01/08 20:26:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Margarita\Application Data\Oberon Media

[2010/01/07 14:29:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SpinTop Games

[2010/01/07 14:21:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WildTangent

[2009/12/31 14:08:40 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2009/12/31 14:08:40 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2009/12/31 14:08:40 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2008/10/16 19:05:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Roxio

[2008/06/01 19:04:50 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\HP

[2007/08/21 19:04:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

[2007/06/05 15:00:19 | 00,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

[2007/05/10 15:11:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

[2007/05/10 15:11:43 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

[2007/05/10 15:11:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google

[2007/05/10 15:11:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google

[2007/03/29 17:01:14 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

[2007/01/25 20:19:57 | 00,014,976 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\winddx.sys

[2006/08/24 19:37:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia

[2003/02/16 00:33:00 | 01,293,192 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys

[2003/02/15 23:12:00 | 00,085,520 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys

[2003/02/15 23:11:00 | 00,516,616 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys

[2003/02/15 23:08:00 | 00,210,128 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys

[2003/02/05 00:25:00 | 00,162,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Margarita\My Documents\*.tmp files -> C:\Documents and Settings\Margarita\My Documents\*.tmp -> ]



========== Files - Modified Within 30 Days ==========



[2010/01/29 08:10:37 | 00,548,864 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Margarita\Desktop\OTL.exe

[2010/01/28 20:25:52 | 00,002,137 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\iTunes.lnk

[2010/01/28 19:17:33 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/01/28 19:17:32 | 46,929,1008 | -HS- | M] () -- C:\hiberfil.sys

[2010/01/28 18:15:10 | 07,340,032 | ---- | M] () -- C:\Documents and Settings\Margarita\ntuser.dat

[2010/01/28 18:15:10 | 00,000,278 | -HS- | M] () -- C:\Documents and Settings\Margarita\ntuser.ini

[2010/01/28 16:28:24 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Margarita\Desktop\winlogon (1).scr

[2010/01/28 16:03:24 | 00,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

[2010/01/28 10:13:04 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/01/28 10:12:48 | 00,000,697 | ---- | M] () -- C:\WINDOWS\win.ini

[2010/01/27 22:30:48 | 00,521,344 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI

[2010/01/27 22:30:48 | 00,441,432 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/01/27 22:30:48 | 00,071,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/01/27 19:05:28 | 00,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Malwarebytes' Scheduled Update for Margarita.job

[2010/01/27 17:15:48 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2010/01/27 17:05:52 | 00,001,548 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\CCleaner.lnk

[2010/01/27 00:05:16 | 00,000,780 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/01/26 23:37:34 | 00,001,015 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MV RegClean 5.0 English.lnk

[2010/01/26 23:23:48 | 00,000,211 | -HS- | M] () -- C:\boot.ini

[2010/01/26 23:17:36 | 00,000,390 | ---- | M] () -- C:\WINDOWS\lgfwup.ini

[2010/01/26 23:03:15 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010/01/26 22:27:10 | 00,000,915 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\My Sharing Folders.lnk

[2010/01/26 21:55:06 | 06,373,442 | -H-- | M] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\IconCache.db

[2010/01/26 21:31:26 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/01/26 21:10:13 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2010/01/22 19:34:47 | 00,019,521 | ---- | M] () -- C:\WINDOWS\hpqins13.dat

[2010/01/22 19:31:34 | 00,000,118 | ---- | M] () -- C:\WINDOWS\WININIT.INI

[2010/01/22 19:30:30 | 00,001,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk

[2010/01/22 19:25:49 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010/01/21 00:42:48 | 00,024,064 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\interview.doc

[2010/01/19 07:04:59 | 00,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/01/16 13:49:55 | 00,000,670 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\DVD Shrink 3.2.lnk

[2010/01/15 22:14:14 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2010/01/12 21:05:07 | 00,000,994 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1085031214-839522115-1004UA.job

[2010/01/12 20:46:08 | 29,942,838 | ---- | M] () -- C:\WINDOWS\wallpaper.bmp

[2010/01/12 20:38:16 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\LimeWire 5.4.6.lnk

[2010/01/12 20:27:52 | 00,016,384 | ---- | M] (BitLeader) -- C:\WINDOWS\System32\lgfwunis.exe

[2010/01/12 19:57:22 | 00,000,630 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SolSuite.lnk

[2010/01/12 04:05:01 | 00,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1085031214-839522115-1004Core.job

[2010/01/11 00:37:50 | 00,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin

[2010/01/08 20:26:20 | 00,001,106 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\Oberon Media Game Center.lnk

[2010/01/08 20:26:19 | 00,001,940 | ---- | M] () -- C:\Documents and Settings\Margarita\Desktop\Mystery Solitaire - Secret Island.lnk

[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/01/06 11:32:06 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010/01/03 17:16:59 | 00,053,584 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat

[2010/01/03 01:59:10 | 00,123,606 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.jpg

[2010/01/03 01:23:10 | 05,798,317 | ---- | M] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.psd

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[1 C:\Documents and Settings\Margarita\My Documents\*.tmp files -> C:\Documents and Settings\Margarita\My Documents\*.tmp -> ]



========== Files Created - No Company Name ==========



[2010/01/28 15:57:50 | 46,929,1008 | -HS- | C] () -- C:\hiberfil.sys

[2010/01/27 21:24:11 | 00,089,756 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\FASTWiz.log

[2010/01/27 17:09:08 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/01/27 17:09:08 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/01/27 17:09:08 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/01/27 17:09:07 | 00,049,152 | ---- | C] () -- C:\WINDOWS\VFIND.exe

[2010/01/27 17:05:52 | 00,001,548 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\CCleaner.lnk

[2010/01/27 00:05:16 | 00,000,780 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk

[2010/01/26 23:37:34 | 00,001,015 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MV RegClean 5.0 English.lnk

[2010/01/22 19:30:30 | 00,001,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\HP Photosmart Essential 3.5.lnk

[2010/01/22 19:29:34 | 00,019,521 | ---- | C] () -- C:\WINDOWS\hpqins13.dat

[2010/01/22 19:29:34 | 00,000,695 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log

[2010/01/21 00:42:46 | 00,024,064 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\interview.doc

[2010/01/19 07:04:59 | 00,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2010/01/16 13:49:55 | 00,000,670 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\DVD Shrink 3.2.lnk

[2010/01/15 22:14:14 | 00,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

[2010/01/12 20:46:08 | 29,942,838 | ---- | C] () -- C:\WINDOWS\wallpaper.bmp

[2010/01/12 20:38:16 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\LimeWire 5.4.6.lnk

[2010/01/11 00:35:42 | 00,000,967 | ---- | C] () -- C:\Documents and Settings\Margarita\Application Data\BBMS_EXCEPTION.txt

[2010/01/08 20:26:20 | 00,001,106 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\Oberon Media Game Center.lnk

[2010/01/08 20:26:19 | 00,001,940 | ---- | C] () -- C:\Documents and Settings\Margarita\Desktop\Mystery Solitaire - Secret Island.lnk

[2010/01/03 01:59:10 | 00,123,606 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.jpg

[2010/01/03 00:26:44 | 00,772,229 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00099.JPG

[2010/01/03 00:26:44 | 00,502,864 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00100.JPG

[2010/01/03 00:26:43 | 05,798,317 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00098.psd

[2010/01/03 00:26:43 | 00,878,577 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00097.JPG

[2010/01/03 00:26:43 | 00,762,526 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00030.JPG

[2010/01/03 00:26:43 | 00,497,421 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00081.JPG

[2010/01/03 00:26:43 | 00,478,928 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\bnv khfvk

[2010/01/03 00:26:43 | 00,474,816 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00092.JPG

[2010/01/03 00:26:43 | 00,455,156 | ---- | C] () -- C:\Documents and Settings\Margarita\My Documents\DSC00095.JPG

[2009/10/14 09:50:15 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\FoxImager.dll

[2009/09/10 10:22:40 | 00,000,118 | ---- | C] () -- C:\WINDOWS\WININIT.INI

[2009/02/16 20:20:19 | 00,000,075 | ---- | C] () -- C:\WINDOWS\iPlayer.INI

[2009/02/12 20:49:09 | 00,000,075 | ---- | C] () -- C:\WINDOWS\TaxACT08.ini

[2008/10/12 21:58:44 | 00,000,021 | ---- | C] () -- C:\WINDOWS\atid.ini

[2008/07/29 18:00:09 | 00,000,000 | ---- | C] () -- C:\WINDOWS\AudioDVD.INI

[2008/05/22 20:12:37 | 00,000,000 | ---- | C] () -- C:\Program Files\temp01

[2008/01/31 18:19:39 | 00,000,056 | ---- | C] () -- C:\WINDOWS\TaxACT07.ini

[2007/12/07 14:39:20 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2007/10/31 19:28:24 | 00,000,390 | ---- | C] () -- C:\WINDOWS\lgfwup.ini

[2007/09/24 17:22:59 | 00,000,008 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\.mpid

[2007/07/18 18:13:03 | 00,000,183 | ---- | C] () -- C:\WINDOWS\CDPlayer.ini

[2007/06/07 20:15:29 | 00,000,022 | ---- | C] () -- C:\WINDOWS\iexplore.ini

[2007/04/11 17:37:07 | 00,000,082 | ---- | C] () -- C:\WINDOWS\Madding.INI

[2007/01/25 20:19:57 | 00,151,552 | ---- | C] () -- C:\WINDOWS\System32\amr_cpl.dll

[2007/01/25 20:19:56 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\SLLights.dll

[2007/01/22 09:32:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\xmltok.dll

[2007/01/22 09:32:44 | 00,053,248 | ---- | C] () -- C:\WINDOWS\xmlparse.dll

[2007/01/17 23:04:11 | 00,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll

[2007/01/14 23:22:53 | 00,030,720 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/11/29 18:38:24 | 00,000,170 | ---- | C] () -- C:\WINDOWS\GetServer.ini

[2006/11/13 16:35:48 | 00,003,747 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache

[2006/10/08 18:43:04 | 00,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini

[2006/10/08 18:29:42 | 00,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini

[2006/06/21 22:38:39 | 00,000,132 | ---- | C] () -- C:\Documents and Settings\Margarita\Local Settings\Application Data\fusioncache.dat

[2006/05/26 16:59:01 | 00,000,022 | ---- | C] () -- C:\WINDOWS\lotus.ini

[2006/05/08 18:20:13 | 00,000,585 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/05/03 11:44:44 | 00,025,157 | ---- | C] () -- C:\WINDOWS\RMAgentOutput.dll

[2005/05/03 11:43:44 | 00,126,976 | ---- | C] () -- C:\WINDOWS\dllTSCLIBMT.dll

[2005/03/03 16:16:42 | 00,000,256 | ---- | C] () -- C:\WINDOWS\aucfg.ini

[2004/10/01 17:33:46 | 00,000,679 | ---- | C] () -- C:\WINDOWS\TSC.ini

[2004/08/04 04:00:00 | 01,288,192 | ---- | C] () -- C:\WINDOWS\System32\quartz(2).dll

[2003/10/06 12:16:00 | 00,225,280 | ---- | C] () -- C:\WINDOWS\System32\nvwrsda.dll

[2003/10/06 12:16:00 | 00,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll

[2003/01/21 12:08:36 | 00,147,515 | ---- | C] () -- C:\WINDOWS\System32\playsound.dll

[2003/01/16 09:10:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll

[2003/01/16 09:09:00 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll

[2003/01/16 09:01:00 | 00,159,744 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll

[2002/08/22 17:12:00 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\USBRESET.DLL

[2002/07/04 15:05:34 | 00,000,269 | ---- | C] () -- C:\WINDOWS\tmupdate.ini

[2001/12/14 13:34:46 | 00,164,864 | ---- | C] () -- C:\WINDOWS\patchw32.dll

[1999/07/23 12:46:48 | 00,000,116 | ---- | C] () -- C:\WINDOWS\AuHCcup1.ini

[1999/07/23 09:53:20 | 00,129,536 | ---- | C] () -- C:\WINDOWS\AuHCcup1.dll



========== Alternate Data Streams ==========



@Alternate Data Stream - 218 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0AC32449

@Alternate Data Stream - 211 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:E1D6C864

@Alternate Data Stream - 204 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08677BDD

@Alternate Data Stream - 198 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:090FB735

@Alternate Data Stream - 190 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:EC36F550

@Alternate Data Stream - 183 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2CFBE2D1

@Alternate Data Stream - 181 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:793F316E

@Alternate Data Stream - 179 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BB26BE9

@Alternate Data Stream - 175 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94213A87

@Alternate Data Stream - 173 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5B85C37B

@Alternate Data Stream - 171 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C841C093

@Alternate Data Stream - 146 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AC6124CA

@Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1F9C3D08

@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:813B8EB6

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:815D61C4

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C46995DA

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:131C0EE9

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:067BF339

@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:38020A20

@Alternate Data Stream - 117 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:9E3E060F

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C8591AF9

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CBAC4FD8

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:89C6F032

@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0E4DF3FE

@Alternate Data Stream - 105 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B203B914

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2FC7B9E4

< End of report >

Re: Cannot Access the Internet With Any Browser

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No CLSID value found.
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O33 - MountPoints2\{ad125689-c217-11dc-932c-0040ca6e68b9}\Shell - "" = AutoRun
    O33 - MountPoints2\{ad125689-c217-11dc-932c-0040ca6e68b9}\Shell\AutoRun - "" = Auto&Play


  • Return to OTL, right-click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it in your next reply.
  • Close OTL.exe.

If a file or folder cannot be moved immediately, you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine, choose Yes.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Cannot Access the Internet With Any Browser

Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!

OTL by OldTimer - Version 3.1.27.0 log created on 01292010_112152

Re: Cannot Access the Internet With Any Browser

Did you miss :OTL as the first line?

............................................................................................

Site Admin / Security Administrator

