Thank you for your help, Sunyata.
here is the OTL:
OTL logfile created on: 2/28/2012 6:47:46 AM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Alfonso\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.54% Memory free
3.25 Gb Paging File | 2.38 Gb Available in Paging File | 73.21% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 433.85 Gb Free Space | 93.15% Space Free | Partition Type: NTFS
Computer Name: ALFONSO | User Name: Alfonso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Alfonso\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Norton AntiVirus\Engine\19.5.0.145\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Program Files\Lavasoft\Ad-Aware\Viprebridge.dll ()
MOD - C:\Program Files\Lavasoft\Ad-Aware\Vipre.dll ()
MOD - C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- File not found
SRV - (AppMgmt) -- File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (NAV) -- C:\Program Files\Norton AntiVirus\Engine\19.5.0.145\ccSvcHst.exe (Symantec Corporation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
========== Driver Services (SafeList) ==========
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (NAVEX15) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120227.002\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120227.002\NAVENG.SYS (Symantec Corporation)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (IDSxpx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120224.002\IDSXpx86.sys (Symantec Corporation)
DRV - (BHDrvx86) -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120215.001\BHDrvx86.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\NAV\1305000.091\SYMEFA.SYS (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\NAV\1305000.091\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\NAV\1305000.091\SRTSPX.SYS (Symantec Corporation)
DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\NAV\1305000.091\SYMTDI.SYS (Symantec Corporation)
DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\NAV\1305000.091\Ironx86.SYS (Symantec Corporation)
DRV - (ccSet_NAV) -- C:\WINDOWS\system32\drivers\NAV\1305000.091\ccSetx86.sys (Symantec Corporation)
DRV - (gdrv) -- C:\WINDOWS\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (SymDS) -- C:\WINDOWS\system32\drivers\NAV\1305000.091\SYMDS.SYS (Symantec Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (AtcL002) -- C:\WINDOWS\system32\drivers\l251x86.sys (Atheros Communications, Inc.)
DRV - (HECI) Intel® -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (sfng32) -- C:\WINDOWS\system32\drivers\sfng32.sys (Sonic Focus, Inc)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (rtl8139) Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.commsec.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://iat.ninemsn.c...er/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 4D 68 5E 50 8A CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "
http://www.google.com/"
FF - prefs.js..keyword.URL: "www.google.com"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\ [2012/01/29 07:37:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/14 17:47:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2012/02/27 18:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alfonso\Application Data\Mozilla\Extensions
[2012/02/27 18:36:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alfonso\Application Data\Mozilla\Firefox\Profiles\y1vwtt3l.default\extensions
[2011/11/15 22:06:07 | 000,002,519 | ---- | M] () -- C:\Documents and Settings\Alfonso\Application Data\Mozilla\Firefox\Profiles\y1vwtt3l.default\searchplugins\Search_Results.xml
[2012/02/15 17:41:22 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Alfonso\Application Data\Mozilla\Firefox\Profiles\y1vwtt3l.default\searchplugins\SweetIM Search.xml
[2012/02/15 17:41:10 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Alfonso\Application Data\Mozilla\Firefox\Profiles\y1vwtt3l.default\searchplugins\sweetim.xml
[2012/02/27 18:57:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/16 18:24:58 | 000,000,000 | ---D | M] (SMART Notebook Extension) -- C:\Program Files\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262}
[2012/01/29 07:37:03 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPLGN
[2011/09/29 14:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/29 08:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/15 22:06:07 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
========== Chrome ==========
CHR - default_search_provider: SweetIM Search ()
CHR - default_search_provider: search_url =
http://search.sweeti...6-DB654AFDFC3F}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2004/08/04 20:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CIEDownload Object) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.5.0.145\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WINDOW~4\Datamngr\ToolBar\searchqudtx.dll File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WINDOW~4\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] sttray.exe File not found
O4 - HKCU..\Run: [Spyware Doctor] C:\Documents and Settings\Alfonso\Desktop\sdsetup_revwire207.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B}
http://kitchenplanne..._IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1312C0D8-BA2B-464E-BACD-4ED6E4A1F29C}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3F8CEC1C-9952-4228-9CAA-1D5E257DAB2E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8515E628-4961-47D9-9319-2CC250FD7329}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A604C5B8-EDF9-4DE8-95AC-6F957AE69257}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/02/19 14:55:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012/02/28 06:46:18 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Alfonso\Desktop\OTL.exe
[2012/02/27 19:07:50 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Alfonso\Desktop\HiJackThis.exe
[2012/02/27 17:56:39 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2012/02/27 17:56:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/02/27 17:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2012/02/27 17:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Lavasoft
[2012/02/27 17:56:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2012/02/27 17:50:52 | 003,834,864 | ---- | C] (PC Tools) -- C:\Documents and Settings\Alfonso\Desktop\sdasetup.exe
[9 C:\Documents and Settings\Alfonso\My Documents\*.tmp files -> C:\Documents and Settings\Alfonso\My Documents\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/28 06:46:18 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alfonso\Desktop\OTL.exe
[2012/02/28 06:33:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/28 06:33:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/28 06:19:25 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/02/28 06:18:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/27 19:07:52 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Alfonso\Desktop\HiJackThis.exe
[2012/02/27 19:06:03 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/27 18:23:39 | 000,004,706 | -H-- | M] () -- C:\aaw7boot.cmd
[2012/02/27 17:56:43 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2012/02/27 17:55:51 | 012,410,880 | ---- | M] () -- C:\Documents and Settings\Alfonso\Desktop\Ad-Aware96Install.msi
[2012/02/27 17:51:31 | 003,834,864 | ---- | M] (PC Tools) -- C:\Documents and Settings\Alfonso\Desktop\sdasetup.exe
[2012/02/26 09:02:07 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/02/25 09:44:02 | 000,009,669 | ---- | M] () -- C:\Documents and Settings\Alfonso\Desktop\makeup.jpg
[2012/02/18 07:34:43 | 000,001,823 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2012/02/13 06:06:27 | 000,288,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/08 18:54:16 | 000,075,279 | ---- | M] () -- C:\Documents and Settings\Alfonso\Desktop\pic1.jpg
[2012/01/30 06:08:06 | 000,001,906 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton AntiVirus.LNK
[2012/01/30 06:07:31 | 000,531,900 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1305000.091\Cat.DB
[2012/01/30 06:07:28 | 000,004,782 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1305000.091\VT20111023.023
[2012/01/29 08:01:06 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/29 08:01:06 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/29 08:01:06 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/29 08:01:06 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[9 C:\Documents and Settings\Alfonso\My Documents\*.tmp files -> C:\Documents and Settings\Alfonso\My Documents\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/27 18:23:32 | 000,004,706 | -H-- | C] () -- C:\aaw7boot.cmd
[2012/02/27 17:56:48 | 000,000,486 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/02/27 17:56:43 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2012/02/27 17:55:46 | 012,410,880 | ---- | C] () -- C:\Documents and Settings\Alfonso\Desktop\Ad-Aware96Install.msi
[2012/02/25 09:44:01 | 000,009,669 | ---- | C] () -- C:\Documents and Settings\Alfonso\Desktop\makeup.jpg
[2012/02/12 21:53:09 | 000,030,480 | ---- | C] () -- C:\Documents and Settings\Alfonso\Desktop\FhPrint.TTF
[2012/02/08 18:58:58 | 000,075,279 | ---- | C] () -- C:\Documents and Settings\Alfonso\Desktop\pic1.jpg
[2011/11/12 20:28:43 | 000,063,080 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/10/20 20:10:42 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/10/20 17:06:27 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Alfonso\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/20 14:42:20 | 000,002,048 | ---- | C] () -- C:\Documents and Settings\Alfonso\Application Data\cudopromotion Prefs
[2011/10/14 15:13:08 | 000,147,456 | R--- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4864.dll
[2011/10/14 15:00:39 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011/10/14 15:00:34 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011/10/14 15:00:31 | 000,019,583 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011/10/14 15:00:31 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011/01/20 08:45:57 | 001,445,112 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2011/01/19 16:50:30 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4957.dll
========== LOP Check ==========
[2011/11/19 10:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alfonso\Application Data\AVG2012
[2011/12/18 09:32:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alfonso\Application Data\Canon
[2011/10/20 14:42:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alfonso\Application Data\cudopromotion
[2011/11/15 22:09:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alfonso\Application Data\searchquband
[2011/10/16 18:25:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alfonso\Application Data\SMART Technologies Inc
[2011/11/19 10:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alfonso\Application Data\TestApp
[2011/12/24 19:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/11/15 22:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/12/06 18:02:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/12/10 10:43:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonEPP
[2011/12/10 10:48:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEGV
[2011/12/10 10:43:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJEPPEX2
[2011/12/10 10:42:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJFAX
[2011/12/11 12:35:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2011/12/10 10:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJWSpt
[2011/11/19 10:42:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/12/24 18:59:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/10/16 18:29:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SMART Technologies
[2012/02/27 17:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/10/14 16:39:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/28 06:19:25 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2012/02/27 18:23:39 | 000,004,706 | -H-- | M] () -- C:\aaw7boot.cmd
[2005/02/19 14:55:37 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/12/24 19:03:13 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2005/02/19 14:55:37 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/01/16 12:47:15 | 000,000,032 | ---- | M] () -- C:\csb.log
[2011/10/15 11:23:34 | 000,757,784 | ---- | M] (Adobe Systems Incorporated) -- C:\install_flashplayer11x32ax_gtba_aih.exe
[2005/02/19 14:55:37 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/02/19 14:55:37 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/04 20:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/10/21 10:21:29 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/02/28 06:18:42 | 1509,949,440 | -HS- | M] () -- C:\pagefile.sys
[2011/11/25 17:56:25 | 006,283,632 | ---- | M] (Microsoft Corporation) -- C:\Silverlight.exe
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2005/02/19 14:55:06 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/03/14 05:06:40 | 000,019,968 | ---- | M] (Black Ice Software) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\BuEProNT.dll
[2007/03/19 05:00:00 | 000,027,136 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPD8S.DLL
[2010/09/20 05:00:00 | 000,028,672 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPDAK.DLL
[2007/03/19 05:00:00 | 000,069,632 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPP8S.DLL
[2010/09/20 05:00:00 | 000,074,752 | ---- | M] (CANON INC.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\CNMPPAK.DLL
[2003/06/18 17:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2006/10/26 18:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2005/02/19 22:43:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2005/02/19 22:43:13 | 000,634,880 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2005/02/19 22:43:13 | 000,880,640 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lîk /x >
[2011/10/21 10:24:27 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
[2011/10/21 10:24:27 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Set Program Access and Defaults.lnk
[2005/02/19 14:55:44 | 000,000,398 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Windows Catalog.lnk
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Mikzosoft\Internet Explorer\Quick Launch\*.lnk /x >
< %USERPROFILE%\Deskuop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results Install|LastSuccessTime /rs >
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< %systemroot%\*. /rp /s >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|* /RS >
< MD5 for: EXPLORER.EXE >
[2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004/08/04 20:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[1999/04/24 14:22:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=B22B28F61B1BB06723019307F0FAACFC -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\WINDOWS\EXPLORER.EXE
< MD5 for: EXPLORER.EXE-082F38A9.PF >
[2012/02/27 17:58:30 | 000,058,970 | ---- | M] () MD5=F8DC0E6E0054F44A0C9ADDBCC8442B89 -- C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
< MD5 for: EXPLORER.LGC >
[2002/10/10 03:24:44 | 000,073,263 | ---- | M] () MD5=FB909170A9210FC2ADF45933D6AE3AD5 -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\WINDOWS\APPLOG\EXPLORER.LGC
< MD5 for: EXPLORER.LNK >
[2003/04/04 09:42:46 | 000,000,276 | ---- | M] () MD5=2DA7C14C5978A621B6AED4FEDC89C8F1 -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\WINDOWS\Application Data\Microsoft\Office\Recent\Explorer.LNK
< MD5 for: EXPLORER.SCF >
[1999/04/24 14:22:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\WINDOWS\EXPLORER.SCF
[2004/08/04 20:00:00 | 000,000,080 | ---- | M] () MD5=A3975A7D2C98B30A2AE010754FFB9392 -- C:\WINDOWS\explorer.scf
< MD5 for: IEXPLORE.CHM >
[2009/02/21 00:21:24 | 000,529,818 | ---- | M] () MD5=1435F4731719DF5F57D17DC38196245D -- C:\WINDOWS\Help\iexplore.chm
[1999/04/24 14:22:00 | 000,113,910 | ---- | M] () MD5=6001884F943D00E3C15C7119A044D6AA -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\WINDOWS\HELP\IEXPLORE.CHM
[2004/08/04 20:00:00 | 000,204,810 | ---- | M] () MD5=60858526AAD1CC55F5F0055B8E3B66FE -- C:\WINDOWS\ie8\iexplore.chm
< MD5 for: IEXPLORE.EXE >
[2008/04/14 04:42:24 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ie8\iexplore.exe
[2008/04/14 04:42:24 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=55794B97A7FAABD2910873C85274F409 -- C:\WINDOWS\ServicePackFiles\i386\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\WINDOWS\system32\dllcache\iexplore.exe
[2004/08/04 20:00:00 | 000,093,184 | ---- | M] (Microsoft Corporation) MD5=E7484514C0464642BE7B4DC2689354C8 -- C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe
[1999/04/24 14:22:00 | 000,078,272 | ---- | M] (Microsoft Corporation) MD5=F51690B7980BD05DB110FDCD1714688E -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\Program Files\Internet Explorer\IEXPLORE.EXE
< MD5 for: IEXPLORE.EXE.MUI >
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2009/03/08 13:21:44 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=943030B55FDB56FB8B8FCC086071E119 -- C:\Program Files\Internet Explorer\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-27122324.PF >
[2012/02/27 21:17:00 | 000,077,204 | ---- | M] () MD5=D273D85B9A03800AB6355846E452C328 -- C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf
< MD5 for: IEXPLORE.HLP >
[2004/08/04 20:00:00 | 000,180,335 | ---- | M] () MD5=3F19AF1B745140DAFAC6F78F561A3C62 -- C:\WINDOWS\Help\iexplore.hlp
[1999/04/24 14:22:00 | 000,085,280 | ---- | M] () MD5=D49D121E4A6D19C87720016D85D1EEBD -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\WINDOWS\HELP\IEXPLORE.HLP
< MD5 for: IEXPLORE.LGC >
[2002/09/12 14:26:16 | 000,001,227 | ---- | M] () MD5=B8CC58701AE55B7162CB796B7F631B6D -- C:\Documents and Settings\Alfonso\Desktop\Desktop\backup\WINDOWS\APPLOG\IEXPLORE.LGC
< MD5 for: WINLOGON.EXE >
[2004/08/04 20:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 04:42:40 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WINLOGON.EXE-32C57D49.PF >
[2012/02/28 06:18:51 | 000,075,030 | ---- | M] () MD5=2C08C9B081AA6BF9A0F05E8EB2FC89D3 -- C:\WINDOWS\Prefetch\WINLOGON.EXE-32C57D49.pf
< MD5 for: WINSRV.DLL >
[2008/04/14 04:42:10 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=1618F36D4F7F6CCCEB3EE44BA95BE85C -- C:\WINDOWS\ServicePackFiles\i386\winsrv.dll
[2008/04/14 04:42:10 | 000,293,376 | ---- | M] (Microsoft Corporation) MD5=1618F36D4F7F6CCCEB3EE44BA95BE85C -- C:\WINDOWS\system32\winsrv.dll
[2004/08/04 20:00:00 | 000,290,816 | ---- | M] (Microsoft Corporation) MD5=442D0EAD5534E4ADCF6D4469043C82C0 -- C:\WINDOWS\$NtServicePackUninstall$\winsrv.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:430C6D84
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >
Extras:
OTL Extras logfile created on: 2/28/2012 6:47:46 AM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Documents and Settings\Alfonso\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 63.54% Memory free
3.25 Gb Paging File | 2.38 Gb Available in Paging File | 73.21% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 433.85 Gb Free Space | 93.15% Space Free | Partition Type: NTFS
Computer Name: ALFONSO | User Name: Alfonso | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"ANTIVIRUSDISABLENOTIFY" = 0
"FIREWALLDISABLENOTIFY" = 0
"UPDATESDISABLENOTIFY" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Documents and Settings\Alfonso\Local Settings\Temporary Internet Files\Content.IE5\G26E9FIL\SweetImSetup[1].exe" = C:\Documents and Settings\Alfonso\Local Settings\Temporary Internet Files\Content.IE5\G26E9FIL\SweetImSetup[1].exe:*:Enabled:SweetIM Installer
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.® L2 Fast Ethernet Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX360_series" = Canon MX360 series MP Drivers
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2B43252C-A1E3-4C47-927C-9F2C276D3515}" = S3GSetup
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E9976D2-E563-43DE-A51F-5AEBC38D1F08}" = Ad-Aware
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F581DF68-CAE9-4064-A6CD-705D95D1C756}" = Notebook Software
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 1.99.1
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MP Navigator EX 4.1" = Canon MP Navigator EX 4.1
"NAV" = Norton AntiVirus
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Speed Dial Utility" = Canon Speed Dial Utility
"VIA/S3G UniChrome Family Win2K/XP Display" = VIA/S3G Display Driver
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/29/2012 6:33:39 PM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/29/2012 6:37:24 PM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/29/2012 6:38:26 PM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/29/2012 6:40:19 PM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/29/2012 7:30:56 PM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/29/2012 8:13:38 PM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/29/2012 8:14:07 PM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/30/2012 8:27:33 AM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application acrord32.exe, version 7.0.8.218, faulting module
acrord32.dll, version 7.0.8.218, fault address 0x000c882d.
Error - 1/30/2012 8:50:10 AM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18702, fault address 0x002535c4.
Error - 2/1/2012 6:46:03 AM | Computer Name = ALFONSO | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module mshtml.dll, version 8.0.6001.18702, fault address 0x00265067.
[ System Events ]
Error - 2/27/2012 6:33:52 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:52 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
Error - 2/27/2012 6:33:53 AM | Computer Name = ALFONSO | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126
< End of report >
aswMBR log
aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-02-28 06:54:01
-----------------------------
06:54:01.306 OS Version: Windows 5.1.2600 Service Pack 3
06:54:01.306 Number of processors: 2 586 0xF0D
06:54:01.306 ComputerName: ALFONSO UserName: Alfonso
06:54:05.853 Initialize success
07:06:36.666 AVAST engine defs: 12022701
07:15:35.166 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
07:15:35.166 Disk 0 Vendor: ST3500413AS JC45 Size: 476940MB BusType: 3
07:15:35.181 Disk 0 MBR read successfully
07:15:35.181 Disk 0 MBR scan
07:15:35.213 Disk 0 Windows VISTA default MBR code
07:15:35.244 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476938 MB offset 2048
07:15:35.244 Disk 0 scanning sectors +976771120
07:15:35.306 Disk 0 scanning C:\WINDOWS\system32\drivers
07:15:41.635 Service scanning
07:15:52.135 Modules scanning
07:15:56.088 Disk 0 trace - called modules:
07:15:56.103 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
07:15:56.119 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a69bab8]
07:15:56.119 3 CLASSPNP.SYS[ba0f8fd7] -> nt!IofCallDriver -> \Device\00000075[0x8a702278]
07:15:56.119 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x8a6f5940]
07:15:57.697 AVAST engine scan C:\WINDOWS
07:16:07.775 AVAST engine scan C:\WINDOWS\system32
07:17:30.306 AVAST engine scan C:\WINDOWS\system32\drivers
07:17:50.135 AVAST engine scan C:\Documents and Settings\Alfonso
07:33:19.041 File: C:\Documents and Settings\Alfonso\My Documents\PetSetup.exe **INFECTED** Win32:CIH-G@dam
07:34:04.306 AVAST engine scan C:\Documents and Settings\All Users
07:38:57.822 Scan finished successfully
07:39:15.978 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Alfonso\Desktop\MBR.dat"
07:39:15.978 The log file has been saved successfully to "C:\Documents and Settings\Alfonso\Desktop\aswMBR.txt"