cant play continiusly my videos

hi
i think i have a virus and i can not play continiusly my videos they stop and go and so on i run kasperky antivirus and no virus found
i run malwarebites and nothing found
ccleaner and found 2 and desinfected but still the same issue with my videos and the pc xp is running wired
thank you for your help

Hello.

Download OTL by OldTimer to your Desktop.

• Close all windows and double click OTL.exe
  
• Click Run Scan and let the program run uninterrupted
  
• It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  
• You may need to use two posts to get it all.
  

OTL Extras logfile created on: 9/12/2010 7:58:32 PM - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\ALONSO PAJON\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.00 Mb Total Physical Memory | 219.00 Mb Available Physical Memory | 49.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 153.38 Gb Total Space | 114.27 Gb Free Space | 74.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 63.32 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ALONSO
Current User Name: ALONSO PAJON
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01F9D88C-3C86-4E82-840A-101A3221F67A}" = Microsoft Money 2003
"{02B42D23-10F2-4862-ADA4-3DF1EA0021B2}" = Microsoft Money 2003 System Pack
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6262DC06-FC0A-4EF1-9876-AA92EDA3188C}" = IOI Multimedia Card Reader
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8D0829C-9C6F-11D3-8080-00C04FA329AA}" = Microsoft Works 6.0
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = Multimedia Keyboard Driver
"8461-7759-5462-8226" = Vuze
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"America Online us" = America Online (Choose which version to remove)
"AOL Instant Messenger (SM)" = AOL Instant Messenger (SM)
"AolCoach" = AOL Coach Version 1.0(Build:20030807.3)
"BigFix" = BigFix
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1" = SoftV92 Data Fax Modem with SmartCP
"CompuServe us" = CompuServe
"CopyTrans Suite" = CopyTrans Suite (remove only)
"Creative VF0060" = Creative WebCam Live! Ultra Driver (1.01.03.0127)
"Creative WebCam Center" = Creative WebCam Center
"Creative WebCam Live! Ultra User's Guide English" = Creative WebCam Live! Ultra User's Guide (English)
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ESET Online Scanner" = ESET Online Scanner v3
"Get Yahoo! Messenger" = Get Yahoo! Messenger
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQ" = ICQ
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{6262DC06-FC0A-4EF1-9876-AA92EDA3188C}" = IOI Multimedia Card Reader
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"JRE 1.3.1" = Java 2 Runtime Environment Standard Edition v1.3.1
"JRE 1.3.1_02" = Java 2 Runtime Environment Standard Edition v1.3.1_02
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Netscape 6 (6.2.1)" = Netscape 6 (6.2.1)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Driver" = NVIDIA Display Driver
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA Ethernet Driver" = NVIDIA Ethernet Driver
"NVIDIA nForce Drivers" = NVIDIA nForce Drivers
"Raptr" = Raptr
"RealPlayer 6.0" = RealPlayer Basic
"StreetPlugin" = Learn2 Player (Uninstall Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp (remove only)
"Windows Essentials Media Codec Pack" = Windows Essentials Media Codec Pack 3.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/25/2010 10:21:28 PM | Computer Name = ALONSO | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 8/18/2010 2:05:00 PM | Computer Name = ALONSO | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.2180, faulting
module unknown, version 0.0.0.0, fault address 0x715b9d8b.

Error - 8/29/2010 3:21:31 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.0.107:5353 4 ALONSO.local.
Addr 192.168.0.107

Error - 8/29/2010 3:21:31 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: ProbeCount 2; will rename 4 ALONSO.local.
Addr 192.168.0.104

Error - 8/29/2010 3:21:31 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = Local Hostname ALONSO.local already in use; will try ALONSO-2.local
instead

Error - 8/29/2010 5:42:06 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = 456: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 8/29/2010 5:42:06 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = 460: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 8/29/2010 5:42:06 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = 424: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 8/29/2010 5:42:06 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = 428: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 8/29/2010 5:42:06 PM | Computer Name = ALONSO | Source = Bonjour Service | ID = 100
Description = 408: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ System Events ]
Error - 9/12/2010 4:06:50 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 4:06:55 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 4:07:00 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 4:07:05 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 4:07:10 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 4:07:15 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 4:07:20 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 4:34:03 PM | Computer Name = ALONSO | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 9/12/2010 8:19:39 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.

Error - 9/12/2010 8:19:39 PM | Computer Name = ALONSO | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\D, has a bad block.


< End of report >

OTL logfile created on: 9/12/2010 7:58:32 PM - Run 1
OTL by OldTimer - Version 3.2.12.0 Folder = C:\Documents and Settings\ALONSO PAJON\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

447.00 Mb Total Physical Memory | 219.00 Mb Available Physical Memory | 49.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 153.38 Gb Total Space | 114.27 Gb Free Space | 74.50% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 63.32 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: ALONSO
Current User Name: ALONSO PAJON
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/12 19:56:50 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALONSO PAJON\Desktop\OTL.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/01 21:39:08 | 000,357,096 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
PRC - [2010/07/01 21:34:46 | 000,129,720 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe
PRC - [2004/08/04 03:56:49 | 001,032,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/08/06 20:58:26 | 001,376,360 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\acsd.exe
PRC - [2003/01/10 21:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/09/12 19:56:50 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALONSO PAJON\Desktop\OTL.exe
MOD - [2004/08/04 03:57:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004/08/04 02:01:17 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/01 21:39:08 | 000,357,096 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)
SRV - [2003/08/06 20:58:26 | 001,376,360 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\acsd.exe -- (AOL ACS)
SRV - [2003/01/10 21:13:04 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\WPRO_40_1340.sys -- (WPRO_40_1340) WinPcap Packet Driver (WPRO_40_1340)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2010/09/10 23:40:01 | 000,482,392 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)
DRV - [2010/09/10 20:01:35 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ute0mzyy.sys -- (ute0mzyy)
DRV - [2010/06/09 17:43:52 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kl2.sys -- (kl2)
DRV - [2010/06/09 17:43:50 | 000,132,184 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\kl1.sys -- (KL1)
DRV - [2010/05/07 12:06:26 | 000,032,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klim5.sys -- (klim5)
DRV - [2009/11/02 20:27:24 | 000,019,472 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\klmouflt.sys -- (klmouflt)
DRV - [2009/10/22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\30072332.sys -- (30072332)
DRV - [2009/09/25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\30072331.sys -- (30072331)
DRV - [2008/09/24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/10/22 12:22:00 | 003,994,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/04/13 11:34:02 | 000,414,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2005/04/13 11:32:42 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2005/02/02 04:15:14 | 000,196,409 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0060Vid.sys -- (V0060VID)
DRV - [2004/08/04 01:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2003/11/13 22:19:48 | 000,210,304 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/13 22:18:36 | 000,679,808 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/13 22:17:00 | 001,042,816 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/11/10 15:24:24 | 000,039,532 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2003/08/15 22:22:16 | 000,072,771 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2003/03/19 18:51:00 | 000,018,688 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nv_agp.sys -- (nv_agp)
DRV - [2003/01/10 21:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2003/01/04 06:01:11 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A 3C 91 64 17 52 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\:
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Components: C:\Program Files\Common Files\csshare\plugins0942 [2010/09/10 15:35:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\CompuServe 7.0\Extensions\\Plugins: C:\Program Files\Common Files\csshare\plugins0942 [2010/09/10 15:35:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Components: C:\Program Files\Netscape\Netscape 6\Components [2010/09/10 15:35:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 6 6.2.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape 6\Plugins [2010/09/10 15:35:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\THBExt [2010/09/10 23:41:23 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010/08/18 14:49:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [VF0060 STISvc] C:\WINDOWS\System32\V0060Pin.dll (Creative Technology Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe ()
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\Icq.exe ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([free] http in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1232585551609 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1251145133163 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131-win.cab (Java Plug-in 1.3.1)
O16 - DPF: {CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} http://java.sun.com/products/plugin/1.3.1/jinstall-131_02-win.cab (Java Plug-in 1.3.1_02)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kloehk.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Documents and Settings\ALONSO PAJON\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\ALONSO PAJON\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/02/09 21:01:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/12 19:56:30 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\ALONSO PAJON\Desktop\OTL.exe
[2010/09/12 19:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\Essentials Codec Pack
[2010/09/12 12:20:07 | 075,220,144 | ---- | C] ( ) -- C:\Documents and Settings\ALONSO PAJON\Desktop\kaspersky removal tool.exe
[2010/09/11 19:48:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\ALONSO PAJON\Recent
[2010/09/11 19:48:31 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/09/11 12:50:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010/09/10 23:40:32 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2010/09/10 23:40:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
[2010/09/10 23:40:01 | 000,482,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/09/10 23:38:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
[2010/09/10 23:37:44 | 111,997,584 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\ALONSO PAJON\Desktop\kis2011_11.0.1.401en_us.exe
[2010/09/10 20:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/09/10 18:33:49 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\3007233.sys
[2010/09/10 18:33:49 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\30072331.sys
[2010/09/10 18:33:49 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\30072332.sys
[2010/09/10 15:37:31 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010/09/10 15:36:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/10 15:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/10 15:34:47 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/10 15:33:15 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/10 15:28:58 | 074,840,872 | ---- | C] (Apple Inc.) -- C:\Documents and Settings\ALONSO PAJON\Desktop\iTunesSetup.exe
[2010/09/10 15:03:38 | 003,427,248 | ---- | C] (Piriform Ltd) -- C:\Documents and Settings\ALONSO PAJON\Desktop\ccsetup235.exe
[2010/08/29 15:28:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/08/29 15:23:24 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/08/27 13:34:00 | 007,487,104 | ---- | C] (IObit ) -- C:\Documents and Settings\ALONSO PAJON\Desktop\asc-setup370.exe
[2010/08/18 19:06:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALONSO PAJON\Local Settings\Application Data\Conduit
[2010/08/18 19:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\ALONSO PAJON\Application Data\Malwarebytes
[2010/08/18 19:05:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/08/18 19:05:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/08/18 19:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/18 19:05:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/08/18 19:05:20 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALONSO PAJON\Desktop\mbam-setup-1.46.exe
[2010/08/18 13:57:47 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/08/18 13:48:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/08/18 13:48:35 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/08/18 13:48:35 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/08/18 13:48:35 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/08/18 13:48:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/08/18 13:47:57 | 000,000,000 | ---D | C] -- C:\Qoobox

========== Files - Modified Within 30 Days ==========

[2010/09/12 20:09:01 | 000,000,362 | ---- | M] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2010/09/12 19:56:50 | 000,576,000 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\ALONSO PAJON\Desktop\OTL.exe
[2010/09/12 19:51:14 | 000,000,829 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\Media Player Classic.lnk
[2010/09/12 19:49:46 | 016,030,841 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\WECPSetup.exe
[2010/09/12 17:40:42 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/12 16:33:59 | 000,088,566 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/09/12 16:33:38 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/09/12 16:33:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/09/12 16:33:31 | 469,291,008 | -HS- | M] () -- C:\hiberfil.sys
[2010/09/12 16:32:20 | 004,718,592 | -H-- | M] () -- C:\Documents and Settings\ALONSO PAJON\NTUSER.DAT
[2010/09/12 16:32:20 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\ALONSO PAJON\ntuser.ini
[2010/09/12 16:32:06 | 006,944,202 | -H-- | M] () -- C:\Documents and Settings\ALONSO PAJON\Local Settings\Application Data\IconCache.db
[2010/09/12 12:20:44 | 075,220,144 | ---- | M] ( ) -- C:\Documents and Settings\ALONSO PAJON\Desktop\kaspersky removal tool.exe
[2010/09/11 19:49:11 | 000,007,138 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\My Documents\cc_20100911_194903.reg
[2010/09/11 16:25:01 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/09/11 16:07:16 | 003,842,655 | R--- | M] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\ComboFix.exe
[2010/09/11 00:05:33 | 000,002,415 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/09/10 23:42:32 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/09/10 23:42:32 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/09/10 23:40:01 | 000,482,392 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010/09/10 23:38:07 | 111,997,584 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\ALONSO PAJON\Desktop\kis2011_11.0.1.401en_us.exe
[2010/09/10 22:05:54 | 000,000,757 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/09/10 20:01:35 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\drivers\ute0mzyy.sys
[2010/09/10 15:35:11 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/10 15:30:14 | 074,840,872 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\ALONSO PAJON\Desktop\iTunesSetup.exe
[2010/09/10 15:14:54 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/09/10 15:06:26 | 000,034,156 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\My Documents\cc_20100910_150617.reg
[2010/09/10 15:04:22 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\CCleaner.lnk
[2010/09/10 15:03:51 | 003,427,248 | ---- | M] (Piriform Ltd) -- C:\Documents and Settings\ALONSO PAJON\Desktop\ccsetup235.exe
[2010/09/03 19:34:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/09/02 14:12:23 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/08/27 13:34:13 | 007,487,104 | ---- | M] (IObit ) -- C:\Documents and Settings\ALONSO PAJON\Desktop\asc-setup370.exe
[2010/08/20 10:39:58 | 000,126,885 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\clamwin-update-0.96.2-0.96.2.1.exe
[2010/08/18 19:06:01 | 000,000,714 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/08/18 19:06:01 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/18 19:05:30 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\ALONSO PAJON\Desktop\mbam-setup-1.46.exe
[2010/08/18 19:01:33 | 001,064,730 | ---- | M] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\clamwin-update-0.96.1-0.96.2.exe
[2010/08/18 14:49:55 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts

========== Files Created - No Company Name ==========

[2010/09/12 19:51:45 | 000,000,362 | ---- | C] () -- C:\WINDOWS\tasks\Windows Codec Update Service.job
[2010/09/12 19:51:14 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\Media Player Classic.lnk
[2010/09/12 19:49:41 | 016,030,841 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\WECPSetup.exe
[2010/09/12 16:43:26 | 012,403,212 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\Unknown Artist - Unknown Album - Belly Dance fusion w_ Tambourine by Viktori.mp4
[2010/09/11 19:49:06 | 000,007,138 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\My Documents\cc_20100911_194903.reg
[2010/09/10 23:42:32 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010/09/10 23:42:32 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010/09/10 20:28:50 | 469,291,008 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/10 20:01:34 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\ute0mzyy.sys
[2010/09/10 15:37:35 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/09/10 15:35:11 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/09/10 15:06:23 | 000,034,156 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\My Documents\cc_20100910_150617.reg
[2010/08/20 10:39:55 | 000,126,885 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\clamwin-update-0.96.2-0.96.2.1.exe
[2010/08/18 19:06:01 | 000,000,714 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/08/18 19:06:01 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/08/18 19:01:27 | 001,064,730 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\clamwin-update-0.96.1-0.96.2.exe
[2010/08/18 13:57:58 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/08/18 13:57:54 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/08/18 13:48:35 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/08/18 13:48:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/08/18 13:48:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/08/18 13:48:35 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/08/18 13:48:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/08/18 13:47:26 | 003,842,655 | R--- | C] () -- C:\Documents and Settings\ALONSO PAJON\Desktop\ComboFix.exe
[2010/07/11 13:11:26 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/01/21 20:30:43 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\ALONSO PAJON\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/10/22 12:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 12:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 12:22:00 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2004/08/04 03:56:42 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2004/08/04 03:56:42 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2004/08/04 03:56:42 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2003/07/27 14:05:51 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2003/07/27 14:05:51 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2003/02/09 19:46:30 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2003/02/09 19:46:29 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2003/02/09 19:46:27 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2003/02/09 19:46:26 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2003/02/09 19:46:17 | 000,001,094 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/02/09 19:46:17 | 000,000,465 | ---- | C] () -- C:\WINDOWS\System32\emver.ini
[2003/02/09 19:45:36 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2003/01/04 07:46:07 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/01/04 07:13:31 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2003/01/04 07:12:34 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2003/01/04 07:12:34 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2003/01/04 05:58:11 | 000,000,132 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2003/01/04 05:57:30 | 000,000,310 | ---- | C] () -- C:\WINDOWS\net2fone.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 2628 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:Q30lsldxJoudresxAaaqpcawXc
< End of report >

thank you so much for your help above i posted the result you ask me to from otl

Hello.

• Download combofix from here
  Link 1
  Link 2
  
  1. If you are using Firefox, make sure that your download settings are as follows:
  
  * Tools->Options->Main tab
  * Set to "Always ask me where to Save the files".
  
  2. During the download, rename Combofix to Combo-Fix as follows:
  
  
  
  
  
  3. It is important you rename Combofix during the download, but not after.
  4. Please do not rename Combofix to other names, but only to the one indicated.
  5. Close any open browsers.
  6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  
  
• We need to disable your local AV (Anti-virus) before running Combofix.
  
• See HERE for how to disable your AV.
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
  ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***
  
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.
  
  
  
• The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.
  
  
  
  
• Allow ComboFix to download the Recovery Console.
  
• Accept the End-User License Agreement.
  
• The Recovery Console will be installed.
  
• You will then get this next prompt that asks if you want to continue the malware scan, select yes
  
  
  
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

ComboFix 10-09-13.01 - ALONSO PAJON 09/13/2010 22:56:14.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.199 [GMT -4:00]
Running from: c:\documents and settings\ALONSO PAJON\Desktop\Combo-Fix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((( Files Created from 2010-08-14 to 2010-09-14 )))))))))))))))))))))))))))))))
.

2010-09-12 23:50 . 2010-09-12 23:51 -------- d-----w- c:\program files\Essentials Codec Pack
2010-09-11 16:50 . 2010-09-11 16:50 -------- d--h--w- c:\windows\PIF
2010-09-11 04:16 . 2010-09-11 04:16 288080 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\bases\av\kdb\i386\win\avengine.dll
2010-09-11 03:42 . 2010-09-11 03:42 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-09-11 03:42 . 2010-09-11 03:42 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-09-11 03:40 . 2010-09-14 03:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-09-11 03:40 . 2010-09-11 03:40 -------- d-----w- c:\program files\Kaspersky Lab
2010-09-11 03:38 . 2010-09-11 03:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-09-11 00:24 . 2010-09-11 00:24 -------- d-----w- c:\program files\ESET
2010-09-11 00:01 . 2010-09-11 00:01 7168 ----a-w- c:\windows\system32\drivers\ute0mzyy.sys
2010-09-10 22:36 . 2010-09-10 22:36 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-09-10 19:37 . 2009-05-18 17:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-10 19:37 . 2008-04-17 16:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-09-10 19:36 . 2010-09-10 19:36 -------- d-----w- c:\program files\iPod
2010-09-10 19:36 . 2010-09-10 19:37 -------- d-----w- c:\program files\iTunes
2010-09-10 19:34 . 2010-09-10 19:35 -------- d-----w- c:\program files\QuickTime
2010-09-10 19:33 . 2010-09-10 19:33 -------- d-----w- c:\program files\Bonjour
2010-09-01 13:12 . 2010-09-01 13:12 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe
2010-08-29 19:28 . 2010-08-29 19:29 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-08-29 19:23 . 2010-08-29 19:23 -------- d-----w- c:\program files\Apple Software Update
2010-08-27 12:02 . 2010-08-27 12:02 68256 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2011 11.0.1.400\English\setup.exe
2010-08-21 13:59 . 2010-08-21 13:59 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-08-18 23:06 . 2010-08-18 23:06 -------- d-----w- c:\documents and settings\ALONSO PAJON\Local Settings\Application Data\Conduit
2010-08-18 23:06 . 2010-08-18 23:06 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Malwarebytes
2010-08-18 23:05 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-18 23:05 . 2010-08-18 23:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-18 23:05 . 2010-08-18 23:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-18 23:05 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-18 18:16 . 2010-08-18 18:16 271696 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\sys_critical_obj.dll
2010-08-17 21:50 . 2010-09-11 04:29 288080 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\avengine.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-14 02:44 . 2003-01-04 16:29 -------- d-----w- c:\program files\BigFix
2010-09-13 01:05 . 2010-07-26 02:15 -------- d-----r- c:\program files\Skype
2010-09-13 00:54 . 2010-07-23 04:26 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Azureus
2010-09-11 16:52 . 2009-12-30 20:50 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-11 00:38 . 2003-01-04 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-09-10 19:36 . 2009-12-23 20:12 -------- d-----w- c:\program files\Common Files\Apple
2010-09-10 19:34 . 2009-12-23 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-09-10 19:04 . 2010-03-03 18:52 -------- d-----w- c:\program files\CCleaner
2010-09-07 17:27 . 2010-07-26 02:16 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Skype
2010-09-07 17:27 . 2010-07-26 02:21 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\skypePM
2010-08-30 18:45 . 2009-12-23 20:20 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Apple Computer
2010-08-19 00:23 . 2010-07-23 04:23 -------- d-----w- c:\program files\Vuze_Remote
2010-08-11 02:34 . 2009-09-03 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-07-27 22:44 . 2010-07-27 22:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 22:44 . 2010-07-27 22:44 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 22:44 . 2010-07-27 22:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-26 02:21 . 2010-07-26 02:21 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-07-26 02:15 . 2010-07-26 02:15 -------- d-----w- c:\program files\Common Files\Skype
2010-07-26 02:15 . 2010-07-26 02:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-07-23 04:24 . 2010-07-23 04:24 -------- d-----w- c:\program files\Conduit
2010-07-16 23:55 . 2010-07-16 23:27 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\CopyTrans
2010-07-16 23:27 . 2010-07-16 23:27 -------- d-----w- c:\program files\WindSolutions
2010-07-02 01:35 . 2010-07-02 01:35 228024 ----a-w- c:\windows\system32\klogon.dll
2010-06-30 22:43 . 2010-06-30 22:43 247120 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\uds.dll
2010-06-30 22:43 . 2010-06-30 22:43 1037648 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\klavasyswatch.dll
2010-06-30 22:42 . 2010-06-30 22:42 132432 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\dns_client.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-07-02 357096]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
backup=c:\windows\pss\BigFix.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^ALONSO PAJON^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\ALONSO PAJON\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-08-10 19:10 2349776 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2003-06-03 19:01 496640 ----a-w- c:\windows\zHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-04 07:56 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-01 12:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-04 07:56 1667584 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 20:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 16:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 16:22 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
2004-12-20 21:12 131072 ----a-w- c:\program files\NVIDIA Corporation\NvMixer\NvMixerTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 16:22 1622016 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 09:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 20:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 19:28 577536 ----a-w- c:\windows\soundman.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 15:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
2003-11-20 03:32 139264 ----a-w- c:\program files\Multimedia Card Reader\shwicon2k.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VF0060 STISvc]
2004-11-01 01:00 36864 ----a-r- c:\windows\system32\V0060Pin.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 30072332;30072332 Boot Guard Driver;c:\windows\system32\drivers\30072332.sys [9/10/2010 6:33 PM 37392]
R1 30072331;30072331;c:\windows\system32\drivers\30072331.sys [9/10/2010 6:33 PM 128016]
R1 kl2;kl2;c:\windows\system32\drivers\kl2.sys [6/9/2010 5:43 PM 11352]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [5/7/2010 12:06 PM 32856]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [11/2/2009 8:27 PM 19472]
R3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\drivers\V0060Vid.sys [11/28/2009 2:48 PM 196409]
S3 ute0mzyy;AVZ Kernel Driver;c:\windows\system32\drivers\ute0mzyy.sys [9/10/2010 8:01 PM 7168]
S3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys --> c:\windows\system32\drivers\WPRO_40_1340.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2010-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]

2010-09-13 c:\windows\Tasks\Windows Codec Update Service.job
- c:\program files\Essentials Codec Pack\WECPUpdate.exe [2010-05-30 13:17]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.emachines.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: aol.com\free
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Raptr - c:\progra~1\Raptr\raptrstub.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-13 23:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3952)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\COMMON~1\AOL\ACS\acsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\wanmpsvc.exe
.
**************************************************************************
.
Completion time: 2010-09-13 23:14:58 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-14 03:14
ComboFix2.txt 2010-09-11 20:30
ComboFix3.txt 2010-09-11 02:20
ComboFix4.txt 2010-08-18 18:55

Pre-Run: 122,213,576,704 bytes free
Post-Run: 122,928,431,104 bytes free

- - End Of File - - 0A0D5108FA32C1799346909473EBCA97

thank you so much for your promp respond above is the result of combofix results i did exactly what you told me and it was no need to download the recovery console from microsoft it may be install on my pc just downloaded from the site you indicated when downloading i change the name as instructed and here the result is above
thank you again
bill

Hello.

1. Close any open browsers.
   
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   
3. Open notepad and copy/paste the text in the quotebox below into it:
   

   Code:

   
KILLALL::
30072332
30072331
ute0mzyy

   
   
4. Save this as CFScript.txt, in the same location as ComboFix.exe
   
   
   
   
5. Referring to the picture above, drag CFScript into ComboFix.exe
   
6. When finished, it shall produce a log for you at C:\ComboFix.txt
   
7. Please post the contents of the log in your next reply.
   

ComboFix 10-09-16.07 - ALONSO PAJON 09/17/2010 19:14:38.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.447.187 [GMT -4:00]
Running from: c:\documents and settings\ALONSO PAJON\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\ALONSO PAJON\My Documents\CFScript.txt
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2010-08-17 to 2010-09-17 )))))))))))))))))))))))))))))))
.

2010-09-14 18:22 . 2010-09-14 18:22 989880 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.1.400\updater.dll
2010-09-14 18:22 . 2010-09-14 18:22 146104 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.1.400\threatsmanager.dll
2010-09-14 18:22 . 2010-09-14 18:22 84664 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.1.400\libola.dll
2010-09-14 18:22 . 2010-09-14 18:22 391864 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.1.400\klifpp.dll
2010-09-14 18:22 . 2010-09-14 18:22 117432 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.1.400\dumpwriter.dll
2010-09-14 18:22 . 2010-09-14 18:22 482392 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.1.400\sys\i386\5.1\klif.sys
2010-09-14 18:22 . 2010-09-14 18:22 357096 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\rollback\patch\AutoPatches\kav11\11.0.1.400\avp.exe
2010-09-14 18:22 . 2010-09-14 18:22 989880 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.1.400\updater.dll
2010-09-14 18:21 . 2010-09-14 18:21 146104 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.1.400\threatsmanager.dll
2010-09-14 18:21 . 2010-09-14 18:21 84664 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.1.400\libola.dll
2010-09-14 18:21 . 2010-09-14 18:21 395960 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.1.400\klifpp.dll
2010-09-14 18:21 . 2010-09-14 18:21 117432 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.1.400\dumpwriter.dll
2010-09-14 18:18 . 2010-09-14 18:19 352976 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.1.400\avp.exe
2010-09-14 18:18 . 2010-09-14 18:18 475736 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav11\11.0.1.400\sys\i386\5.1\klif.sys
2010-09-12 23:50 . 2010-09-12 23:51 -------- d-----w- c:\program files\Essentials Codec Pack
2010-09-11 16:50 . 2010-09-11 16:50 -------- d--h--w- c:\windows\PIF
2010-09-11 04:16 . 2010-09-11 04:16 288080 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Data\Updater\Temporary Files\temporaryFolder\bases\av\kdb\i386\win\avengine.dll
2010-09-11 03:42 . 2010-09-11 03:42 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-09-11 03:42 . 2010-09-11 03:42 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-09-11 03:40 . 2010-09-17 23:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-09-11 03:40 . 2010-09-11 03:40 -------- d-----w- c:\program files\Kaspersky Lab
2010-09-11 03:38 . 2010-09-11 03:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2010-09-11 00:24 . 2010-09-11 00:24 -------- d-----w- c:\program files\ESET
2010-09-11 00:01 . 2010-09-11 00:01 7168 ----a-w- c:\windows\system32\drivers\ute0mzyy.sys
2010-09-10 22:36 . 2010-09-10 22:36 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-09-10 19:37 . 2009-05-18 17:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-09-10 19:37 . 2008-04-17 16:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-09-10 19:36 . 2010-09-10 19:36 -------- d-----w- c:\program files\iPod
2010-09-10 19:36 . 2010-09-10 19:37 -------- d-----w- c:\program files\iTunes
2010-09-10 19:34 . 2010-09-10 19:35 -------- d-----w- c:\program files\QuickTime
2010-09-10 19:33 . 2010-09-10 19:33 -------- d-----w- c:\program files\Bonjour
2010-09-01 13:12 . 2010-09-01 13:12 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.0.0.68\SetupAdmin.exe
2010-08-29 19:28 . 2010-08-29 19:29 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-08-29 19:23 . 2010-08-29 19:23 -------- d-----w- c:\program files\Apple Software Update
2010-08-27 12:02 . 2010-08-27 12:02 68256 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 2011 11.0.1.400\English\setup.exe
2010-08-21 13:59 . 2010-08-21 13:59 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-15 21:08 . 2009-09-03 02:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-09-14 02:44 . 2003-01-04 16:29 -------- d-----w- c:\program files\BigFix
2010-09-13 01:05 . 2010-07-26 02:15 -------- d-----r- c:\program files\Skype
2010-09-13 00:54 . 2010-07-23 04:26 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Azureus
2010-09-11 16:52 . 2009-12-30 20:50 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-11 04:29 . 2010-08-17 21:50 288080 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\avengine.dll
2010-09-11 00:38 . 2003-01-04 11:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2010-09-10 19:36 . 2009-12-23 20:12 -------- d-----w- c:\program files\Common Files\Apple
2010-09-10 19:34 . 2009-12-23 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-09-10 19:04 . 2010-03-03 18:52 -------- d-----w- c:\program files\CCleaner
2010-09-07 17:27 . 2010-07-26 02:16 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Skype
2010-09-07 17:27 . 2010-07-26 02:21 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\skypePM
2010-08-30 18:45 . 2009-12-23 20:20 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Apple Computer
2010-08-19 00:23 . 2010-07-23 04:23 -------- d-----w- c:\program files\Vuze_Remote
2010-08-18 23:06 . 2010-08-18 23:06 -------- d-----w- c:\documents and settings\ALONSO PAJON\Application Data\Malwarebytes
2010-08-18 23:06 . 2010-08-18 23:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-18 23:05 . 2010-08-18 23:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-18 18:16 . 2010-08-18 18:16 271696 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\sys_critical_obj.dll
2010-07-27 22:44 . 2010-07-27 22:44 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 22:44 . 2010-07-27 22:44 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 22:44 . 2010-07-27 22:44 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-07-26 02:21 . 2010-07-26 02:21 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-07-26 02:15 . 2010-07-26 02:15 -------- d-----w- c:\program files\Common Files\Skype
2010-07-26 02:15 . 2010-07-26 02:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-07-23 04:24 . 2010-07-23 04:24 -------- d-----w- c:\program files\Conduit
2010-07-02 01:35 . 2010-07-02 01:35 228024 ----a-w- c:\windows\system32\klogon.dll
2010-06-30 22:43 . 2010-06-30 22:43 247120 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\uds.dll
2010-06-30 22:43 . 2010-06-30 22:43 1037648 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\klavasyswatch.dll
2010-06-30 22:42 . 2010-06-30 22:42 132432 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP11\Bases\dns_client.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" [2010-09-14 352976]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BigFix.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BigFix.lnk
backup=c:\windows\pss\BigFix.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^ALONSO PAJON^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\ALONSO PAJON\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-08-10 19:10 2349776 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2003-06-03 19:01 496640 ----a-w- c:\windows\zHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-04 07:56 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-01 12:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-04 07:56 1667584 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 20:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-22 16:22 7700480 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-22 16:22 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
2004-12-20 21:12 131072 ----a-w- c:\program files\NVIDIA Corporation\NvMixer\NvMixerTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-22 16:22 1622016 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 09:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 20:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 19:28 577536 ----a-w- c:\windows\soundman.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 15:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sunkist2k]
2003-11-20 03:32 139264 ----a-w- c:\program files\Multimedia Card Reader\shwicon2k.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VF0060 STISvc]
2004-11-01 01:00 36864 ----a-r- c:\windows\system32\V0060Pin.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 ute0mzyy;AVZ Kernel Driver;c:\windows\system32\Drivers\ute0mzyy.sys [2010-09-11 7168]
R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x]
S0 30072332;30072332 Boot Guard Driver;c:\windows\system32\DRIVERS\30072332.sys [2009-10-22 37392]
S1 30072331;30072331;c:\windows\system32\DRIVERS\30072331.sys [2009-09-25 128016]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2010-06-09 11352]
S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2010-05-07 32856]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-03 19472]
S3 V0060VID;Creative WebCam Live! Ultra;c:\windows\system32\DRIVERS\V0060Vid.sys [2005-02-02 196409]

.
Contents of the 'Scheduled Tasks' folder

2010-09-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:50]

2010-09-17 c:\windows\Tasks\Windows Codec Update Service.job
- c:\program files\Essentials Codec Pack\WECPUpdate.exe [2010-05-30 13:17]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.emachines.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: aol.com\free
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-17 19:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3356)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\COMMON~1\AOL\ACS\acsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\wanmpsvc.exe
.
**************************************************************************
.
Completion time: 2010-09-17 19:45:08 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-17 23:44
ComboFix2.txt 2010-09-14 03:15
ComboFix3.txt 2010-09-11 20:30
ComboFix4.txt 2010-09-11 02:20
ComboFix5.txt 2010-09-17 23:11

Pre-Run: 119,949,598,720 bytes free
Post-Run: 121,118,285,824 bytes free

- - End Of File - - 09457F7B56C94C00286CEC017A83BEE1

above is the report you ask me too and agan thank you very much

Goddamn it I made a mistake in the script so it didn't work. Need you to do this next script too.

1. Close any open browsers.
   
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   
3. Open notepad and copy/paste the text in the quotebox below into it:
   

   Code:

   
KILLALL::

Driver::
30072332
30072331
ute0mzyy

   
   
4. Save this as CFScript.txt, in the same location as ComboFix.exe
   
   
   
   
5. Referring to the picture above, drag CFScript into ComboFix.exe
   
6. When finished, it shall produce a log for you at C:\ComboFix.txt
   
7. Please post the contents of the log in your next reply.