Redirectinfected

  1. Hi, so happy to report I have been surfing all afternoon without popups or redirects!
  2. I didn't split the lines in OTL so it didn't run correctly... here is the good one. I hope I haven't messed it up.

     All processes killed
     ========== OTL ==========
     C:\Users\Martha\AppData\Roaming\AV Security Essentials folder moved successfully.
     ========== FILES ==========
     < ipconfig /flushdns /c >
     Configuración IP de Windows
     Se vació correctamente la caché de resolución de DNS.
     C:\Users\Martha\Desktop\cmd.bat deleted successfully.
     C:\Users\Martha\Desktop\cmd.txt deleted successfully.
     ========== COMMANDS ==========
     C:\Windows\System32\drivers\etc\Hosts moved successfully.
     HOSTS file reset successfully

     [EMPTYTEMP]

     User: All Users

     User: Default
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 67 bytes

     User: Default User
     ->Temp folder emptied: 0 bytes
     ->Temporary Internet Files folder emptied: 0 bytes

     User: Martha
     ->Temp folder emptied: 398568786 bytes
     ->Temporary Internet Files folder emptied: 159014954 bytes
     ->Java cache emptied: 525791 bytes
     ->Google Chrome cache emptied: 7082638 bytes
     ->Apple Safari cache emptied: 85095424 bytes
     ->Flash cache emptied: 1818 bytes

     User: Public
     ->Temp folder emptied: 0 bytes

     %systemdrive% .tmp files removed: 0 bytes
     %systemroot% .tmp files removed: 0 bytes
     %systemroot%\System32 .tmp files removed: 0 bytes
     %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
     %systemroot%\System32\drivers .tmp files removed: 0 bytes
     Windows Temp folder emptied: 10142120 bytes
     %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 112236 bytes
     RecycleBin emptied: 0 bytes

     Total Files Cleaned = 630.00 mb

     Restore point Set: OTL Restore Point

     OTL by OldTimer - Version 3.2.60.0 log created on 09042012_143431

     Files\Folders moved on Reboot...
     C:\Users\Martha\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

     PendingFileRenameOperations files...

     Registry entries deleted on Reboot...

     ------ RKILL ----

     Rkill 2.3.4 by Lawrence Abrams (Grinler)
     http://www.bleepingcomputer.com/
     Copyright 2008-2012 BleepingComputer.com
     More Information about Rkill can be found at this link:
     http://www.bleepingcomputer.com/forums/topic308364.html

     Program started at: 09/04/2012 02:41:17 PM in x64 mode.
     Windows Version: Windows 7 Home Premium Service Pack 1

     Checking for Windows services to stop.
      * No malware services found to stop.

     Checking for processes to terminate.
      * C:\Program Files\Java\jre6\bin\jusched.exe (PID: 4988) [FI]

     1 proccess terminated!

     Checking Registry for malware related settings.
      * No issues found in the Registry.

     Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

     Performing miscellaneous checks.
      * Windows Defender Disabled
        [HKLM\SOFTWARE\Microsoft\Windows Defender]
        "DisableAntiSpyware" = dword:00000001

     Checking Windows Service Integrity:
      * Windows Defender (WinDefend) is not Running.
        Startup Type set to: Manual
      * CscService [Missing Service]
      * PeerDistSvc [Missing Service]
      * UmRdpService [Missing Service]
      * atapi => \SystemRoot\system32\drivers\atapi.sys [incorrect ImagePath]

     Searching for Missing Digital Signatures:
      * No issues found.

     Program finished at: 09/04/2012 02:41:33 PM
     Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)
  3. OTL Fix log

     All processes killed
     Error: Unable to interpret <:OTL[2012/02/12 13:19:16 | 000,000,000 | -HSD | M] -- C:\Users\Martha\AppData\Roaming\AV Security Essentials:filesipconfig /flushdns /c:Commands[resethosts][emptytemp][clearallrestorepoints]> in the current context!

     OTL by OldTimer - Version 3.2.60.0 log created on 09042012_125143

     Files\Folders moved on Reboot...

     PendingFileRenameOperations files...

     Registry entries deleted on Reboot...

     ----- RKILL log ------

     Rkill 2.3.4 by Lawrence Abrams (Grinler)
     http://www.bleepingcomputer.com/
     Copyright 2008-2012 BleepingComputer.com
     More Information about Rkill can be found at this link:
     http://www.bleepingcomputer.com/forums/topic308364.html

     Program started at: 09/04/2012 12:58:47 PM in x64 mode.
     Windows Version: Windows 7 Home Premium Service Pack 1

     Checking for Windows services to stop.
      * No malware services found to stop.

     Checking for processes to terminate.
      * C:\Program Files\Java\jre6\bin\jusched.exe (PID: 3372) [FI]

     1 proccess terminated!

     Checking Registry for malware related settings.
      * No issues found in the Registry.

     Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
      * HKLM\Software\Classes\.com "@" has been changed to ComFile!
      * HKLM\Software\Classes\.com "@" was reset to comfile!

     Performing miscellaneous checks.
      * Windows Defender Disabled
        [HKLM\SOFTWARE\Microsoft\Windows Defender]
        "DisableAntiSpyware" = dword:00000001

     Checking Windows Service Integrity:
      * Windows Defender (WinDefend) is not Running.
        Startup Type set to: Manual
      * CscService [Missing Service]
      * PeerDistSvc [Missing Service]
      * UmRdpService [Missing Service]
      * atapi => \SystemRoot\system32\drivers\atapi.sys [incorrect ImagePath]

     Searching for Missing Digital Signatures:
      * No issues found.

     Program finished at: 09/04/2012 12:59:06 PM
     Execution time: 0 hours(s), 0 minute(s), and 18 seconds(s)
  4. The previous post was too long with both files, here EXTRAS.TXT

     OTL Extras logfile created on: 03/09/2012 03:27:29 p.m. - Run 1
     OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\Martha\Desktop
     64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
     Internet Explorer (Version = 9.0.8112.16421)
     Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

     3.97 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.12% Memory free
     7.93 Gb Paging File | 6.07 Gb Available in Paging File | 76.45% Paging File free
     Paging file location(s): ?:\pagefile.sys [binary data]

     %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
     Drive C: | 451.59 Gb Total Space | 347.78 Gb Free Space | 77.01% Space Free | Partition Type: NTFS

     Computer Name: MARTHA-VAIO | User Name: Martha | Logged in as Administrator.
     Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
     Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

     ========== Extra Registry (SafeList) ==========

     ========== File Associations ==========

     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
     .html[@ = ChromeHTML] -- Reg Error: Key error. File not found
     .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

     [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
     .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
     .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

     ========== Shell Spawning ==========

     64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
     batfile [open] -- "%1" %*
     cmdfile [open] -- "%1" %*
     comfile [open] -- "%1" %*
     exefile [open] -- "%1" %*
     helpfile [open] -- Reg Error: Key error.
     htmlfile [edit] -- Reg Error: Key error.
Utility
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D64EA5EB-E3F0-40DF-AA3A-C3A30E827DD3}" = VAIO Original Function Settings
"{D8AE7D4E-BA8B-4F7B-BF50-8D2F090034F0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DABF43D9-1104-4764-927B-5BED1274A3B0}" = Runtime
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E79467B0-7148-4E37-B91A-EB6107C3BB68}" = VAIO Help and Support
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B19B7C-0125-4044-85D3-D72364295CCA}" = PowerArchiver 2010
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FBBF5D9C-1989-4933-AE4E-19EE368385B4}" = VAIO Entertainment Platform
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"ESET Online Scanner" = ESET Online Scanner v3
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versión 1.62.0.1300
"PremElem70" = Adobe Premiere Elements 7.0
"PremElem70Templates" = Adobe Premiere Elements 7.0 Templates
"RocketDock_is1" = RocketDock 1.3.5
"splashtop" = VAIO Quick Web Access
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2050008525-2778328402-3899645604-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 29/08/2012 06:41:14 p.m. | Computer Name = Martha-VAIO | Source = SideBySide | ID = 16842832
Description = Error al generar el contexto de activación para "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Error en el archivo de manifiesto o directiva "" en la línea . Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 29/08/2012 07:02:14 p.m. | Computer Name = Martha-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error - 30/08/2012 02:39:09 p.m. | Computer Name = Martha-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error - 30/08/2012 05:28:28 p.m. | Computer Name = Martha-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error - 30/08/2012 05:33:17 p.m. | Computer Name = Martha-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error - 30/08/2012 07:56:54 p.m. | Computer Name = Martha-VAIO | Source = SideBySide | ID = 16842832
Description = Error al generar el contexto de activación para "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Error en el archivo de manifiesto o directiva "" en la línea . Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo. Los componentes en conflicto son:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 31/08/2012 01:06:21 a.m. | Computer Name = Martha-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error - 31/08/2012 12:59:20 p.m. | Computer Name = Martha-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error - 31/08/2012 06:04:28 p.m. | Computer Name = Martha-VAIO | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: 1869619.exe, versión: 11.0.0.1245, marca de tiempo: 0x4d936e61 Nombre del módulo con errores: basegui.ppl, versión: 11.0.0.1245, marca de tiempo: 0x4d937050 Código de excepción: 0xc0000005 Desplazamiento de errores: 0x0005dc46 Id. del proceso con errores: 0x778 Hora de inicio de la aplicación con errores: 0x01cd879b7bb71c40 Ruta de acceso de la aplicación con errores: C:\Users\Martha\AppData\Local\Temp\1097189\1869619.exe Ruta de acceso del módulo con errores: C:\Users\Martha\AppData\Local\Temp\1097189\basegui.ppl Id. del informe: d51f658c-f3b7-11e1-98a4-002643a81817

Error - 03/09/2012 04:19:20 p.m. | Computer Name = Martha-VAIO | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

[ System Events ]
Error - 30/08/2012 05:33:16 p.m. | Computer Name = Martha-VAIO | Source = Service Control Manager | ID = 7026
Description = El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM

Error - 31/08/2012 01:05:47 a.m. | Computer Name = Martha-VAIO | Source = Application Popup | ID = 1060
Description = Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error - 31/08/2012 01:06:03 a.m. | Computer Name = Martha-VAIO | Source = Service Control Manager | ID = 7009
Description = Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10.

Error - 31/08/2012 01:06:20 a.m. | Computer Name = Martha-VAIO | Source = Service Control Manager | ID = 7026
Description = El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM

Error - 31/08/2012 12:58:53 p.m. | Computer Name = Martha-VAIO | Source = Application Popup | ID = 1060
Description = Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error - 31/08/2012 12:59:09 p.m. | Computer Name = Martha-VAIO | Source = Service Control Manager | ID = 7009
Description = Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10.

Error - 31/08/2012 12:59:19 p.m. | Computer Name = Martha-VAIO | Source = Service Control Manager | ID = 7026
Description = El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM

Error - 03/09/2012 04:18:54 p.m. | Computer Name = Martha-VAIO | Source = Application Popup | ID = 1060
Description = Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador.

Error - 03/09/2012 04:19:10 p.m. | Computer Name = Martha-VAIO | Source = Service Control Manager | ID = 7009
Description = Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10.

Error - 03/09/2012 04:19:19 p.m. | Computer Name = Martha-VAIO | Source = Service Control Manager | ID = 7026
Description = El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM

< End of report >
  5. Hi... here are the results. Thanks for your patience

OTL logfile created on: 03/09/2012 03:27:29 p.m. - Run 1
OTL by OldTimer - Version 3.2.60.0 Folder = C:\Users\Martha\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000080a | Country: México | Language: ESM | Date Format: dd/MM/yyyy

3.97 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 62.12% Memory free
7.93 Gb Paging File | 6.07 Gb Available in Paging File | 76.45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.59 Gb Total Space | 347.78 Gb Free Space | 77.01% Space Free | Partition Type: NTFS

Computer Name: MARTHA-VAIO | User Name: Martha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/03 15:22:50 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Martha\Desktop\OTL.exe
PRC - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/04/05 05:12:34 | 002,587,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/01/18 14:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.)
-- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe PRC - [2009/08/26 17:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe PRC - [2009/08/26 17:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe PRC - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe PRC - [2009/08/26 17:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe PRC - [2009/07/23 10:39:38 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2009/07/23 10:39:36 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009/07/22 15:03:04 | 000,642,920 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009/07/01 20:54:04 | 000,013,600 | ---- | M] (Broadcom Corporation.) 
-- C:\Archivos de programa\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe PRC - [2009/07/01 11:49:34 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe PRC - [2009/07/01 11:49:34 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2009/05/26 09:23:14 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe PRC - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) 
-- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007/12/24 01:26:32 | 002,641,920 | ---- | M] (pdfforge http://www.pdfforge.org/) -- C:\Program Files (x86)\PDFCreator\PDFCreator.exe ========== Modules (No Company Name) ========== MOD - [2012/06/14 21:10:04 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll MOD - [2012/06/14 21:09:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll MOD - [2012/06/14 18:56:07 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll MOD - [2012/05/10 16:52:12 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012/05/10 16:51:29 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012/05/10 16:51:25 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012/05/10 16:51:21 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012/05/10 16:51:21 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012/05/10 16:51:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012/04/23 17:35:09 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - 
[2012/03/21 17:32:36 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2012/01/03 21:51:03 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2010/11/12 18:35:42 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_es_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/11/04 20:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010/11/04 20:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010/11/04 20:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll MOD - [2009/09/05 06:32:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_es_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2009/08/26 17:11:50 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll MOD - [2009/08/26 17:11:50 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll MOD - [2009/08/26 17:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe MOD - [2009/08/26 17:11:50 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll MOD - [2009/08/26 17:11:50 | 000,023,040 | ---- | M] () -- C:\Program Files 
(x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll MOD - [2009/08/26 17:11:50 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll MOD - [2009/08/26 17:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe MOD - [2009/08/26 17:11:50 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll MOD - [2009/08/26 17:11:50 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll MOD - [2009/08/26 17:11:50 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll MOD - [2009/08/26 17:11:50 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll MOD - [2009/08/26 17:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll MOD - [2009/08/26 17:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll MOD - [2009/08/26 17:11:50 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll MOD - [2009/08/26 17:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe MOD - [2009/08/26 17:11:48 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll MOD - [2009/08/26 17:11:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll MOD - [2009/08/26 17:11:48 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll MOD - [2007/11/28 18:59:42 | 003,702,784 | ---- | M] () -- 
C:\Program Files (x86)\PDFCreator\GS8.61\gs8.61\Bin\gsdll32.dll ========== Services (SafeList) ========== SRV:64bit: - [2009/07/31 15:02:00 | 000,382,976 | ---- | M] (Marvell) [Auto | Running] -- C:\Windows\SysNative\yk62x64.dll -- (yksvc) SRV:64bit: - [2008/09/29 16:06:32 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) SRV - [2012/08/28 10:18:55 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/08/13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/07/04 17:25:54 | 005,160,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2012/01/13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Archivos de programa\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent) SRV - [2011/03/28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) 
[Auto | Running] -- C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010/06/14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/09/05 04:00:44 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009/08/22 14:19:06 | 000,411,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Archivos de programa\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2009/07/27 16:58:40 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009/07/27 16:58:38 | 000,427,304 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009/07/27 16:58:38 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009/07/27 16:58:38 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009/07/27 16:58:36 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009/07/23 10:39:38 | 
000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2009/07/23 10:39:38 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009/07/23 10:39:36 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009/07/22 15:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009/07/01 20:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Archivos de programa\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009/07/01 11:49:34 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2009/06/26 14:56:10 | 000,357,672 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2009/06/26 14:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2009/06/26 11:25:36 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) SRV - [2009/06/26 11:25:24 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) SRV - [2009/06/17 
18:50:30 | 000,110,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Archivos de programa\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2008/12/08 15:16:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/05/25 09:02:09 | 000,039,184 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\SysNative\Partizan.exe -- (Partizan)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 04:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/06 17:13:50 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010/02/26 15:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010/02/26 15:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010/02/26 15:33:22 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010/02/26 15:33:22 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2009/08/03 21:10:04 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/08/03 21:09:53 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/08/03 21:09:53 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/08/03 21:04:25 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/08/03 15:04:18 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/31 15:29:11 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/31 15:10:23 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009/07/31 15:10:18 | 000,091,648 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009/07/31 15:02:03 | 000,393,216 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 13:23:12 | 000,150,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2009/07/10 13:23:12 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2009/07/10 13:23:12 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2009/06/11 15:19:09 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 15:04:10 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/20 05:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/08/28 13:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2012/05/25 10:13:57 | 000,000,250 | ---- | M] () [Kernel | Boot | Unknown] -- C:\Windows\SysWow64\PARTIZAN.TXT -- (Partizan)
DRV - [2010/01/18 22:28:31 | 000,015,172 | ---- | M] (Prassi Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\PzWDM.sys -- (PzWDM)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaio.sony-latin.com/ [binary data]
IE - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
IE - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Martha\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Martha\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/08 17:12:43 | 000,000,000 | ---D | M]
[2012/04/30 18:09:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martha\AppData\Roaming\mozilla\Extensions

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Martha\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Martha\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Martha\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Martha\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U34 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.340.4 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Skype Click to Call = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: AVG Do Not Track = C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

O1 HOSTS File: ([2012/02/12 13:19:16 | 000,001,398 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O1 - Hosts: 67.215.245.19 www.google-analytics.com.
O1 - Hosts: 67.215.245.19 ad-emea.doubleclick.net.
O1 - Hosts: 67.215.245.19 www.statcounter.com.
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Archivos de programa\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [skytel] C:\Archivos de programa\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [LaunchUserRequestedPrograms] C:\Program Files\Sony\First Experience\Miniprogram.exe ()
O4 - HKLM..\Run: [RegistrationReminder] C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [smartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe ()
O4 - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - Startup: C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_04584387.lnk = C:\Users\Martha\AppData\Local\Temp\_uninst_04584387.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2050008525-2778328402-3899645604-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Archivos de programa\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Archivos de programa\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} http://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D79E2A4A-D1A8-425B-AAF8-C5921C0DAAF3}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Archivos de programa\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/03 15:22:44 | 000,599,040 | ---- | C] (OldTimer Tools) -- C:\Users\Martha\Desktop\OTL.exe
[2012/08/31 12:10:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/08/30 20:42:06 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/08/29 18:02:21 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/29 16:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/08/29 13:16:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/29 13:07:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/29 13:07:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/29 13:07:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/29 13:07:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/29 13:06:55 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/08/29 10:53:24 | 004,739,810 | R--- | C] (Swearware) -- C:\Users\Martha\Desktop\ComboFix.exe
[2012/08/29 08:09:58 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Martha\Desktop\aswMBR.exe
[2012/08/29 08:01:25 | 000,000,000 | ---D | C] -- C:\Users\Martha\Desktop\limpiar
[2012/08/29 07:54:06 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{CBE9FDAC-9891-450A-B80B-E6455952034A}
[2012/08/28 10:21:36 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{7CC4DBEE-6FFB-48B6-9F55-E0A91E4252E0}
[2012/08/27 22:21:09 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{8882F6EB-B6BB-4006-8555-DF2582BC9357}
[2012/08/27 07:44:40 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{244F122C-6F7F-45CD-90B6-A168CA8DA7DA}
[2012/08/26 10:39:11 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{249326E3-E08D-4B1B-A559-B019C611992C}
[2012/08/25 22:37:23 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{E5F39E20-E5FA-40F6-B1E8-3A5F15BFEA04}
[2012/08/24 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Martha\Documents\AVIOS
[2012/08/21 09:47:48 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{4958BAF1-539C-44C4-8CFB-3CAC69E4032F}
[2012/08/17 15:40:18 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{0C9F9173-BB96-4533-A9F2-F170F9AD0190}
[2012/08/16 22:12:29 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{34DBC2A3-532F-4299-B111-AC29A9BCEE8B}
[2012/08/16 09:39:03 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{7576BC0B-8137-445C-A5C4-596537FFCDF6}
[2012/08/16 09:38:37 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{AD16B8BB-7A36-4CD2-A794-B34C103C3CDB}
[2012/08/15 11:14:26 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{E4D04F30-F740-4BAA-9CD0-3A6C802A5E57}
[2012/08/15 11:14:00 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{4B393ACC-4F8B-4C17-A1D8-B0DCC802FE34}
[2012/08/14 22:57:11 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{4C8EF8B5-B1D4-469C-B61E-123C5EC975EF}
[2012/08/14 10:56:31 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{90169E71-AC81-4948-8965-BCA911B36145}
[2012/08/14 10:56:05 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{648924F2-739D-4222-A65C-F738853E578F}
[2012/08/13 22:16:22 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{C3CFECEA-AEA3-44F3-A561-9DAFA85C1D1B}
[2012/08/13 09:32:11 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{8B805331-41E5-436A-8C98-7E8DBE691DA9}
[2012/08/12 16:55:07 | 000,000,000 | ---D | C] -- C:\Users\Martha\Documents\Ericsson informacion
[2012/08/12 16:40:20 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{2A2BE011-BD18-4A2F-A7C3-4F0158C38F7D}
[2012/08/12 16:39:56 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{2916CF18-E5B8-4118-AD43-F6FB3907CF6D}
[2012/08/11 09:10:06 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{7FF18C17-FA1F-4A86-B3B0-90C5B681A74C}
[2012/08/11 09:09:41 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{F2DED082-F95A-4AF3-8453-CBA945E8D5C5}
[2012/08/10 20:32:00 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{F01832FC-EC3D-4BE5-8294-4D7C67B9F2ED}
[2012/08/10 08:22:32 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{9D0E7BCC-21EF-4A90-8317-E2648193571D}
[2012/08/10 08:22:15 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{312C2199-6B17-411B-8745-E256C8DF87D2}
[2012/08/09 14:37:13 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{38EEA8F3-BC4C-4C11-8696-8F0996698C2E}
[2012/08/08 10:18:30 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{7EB29699-B097-4193-8727-01DBE9AF1EDC}
[2012/08/08 10:18:08 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{E138E7F7-0CB0-4D11-B445-E0A93F0F67D2}
[2012/08/07 22:17:43 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{8941FF43-7209-4E93-A8F5-72D4CC8059E5}
[2012/08/07 08:58:39 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{A7EB017D-D3C0-4602-8FDA-26A0BF230D5F}
[2012/08/07 08:58:13 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{4F78BFA2-C823-4AAF-9321-0ABEE2046C74}
[2012/08/06 10:44:03 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{9CFCA4BB-DB30-48BD-B76B-568ADEECE5E2}
[2012/08/05 10:22:20 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{757570EE-D1FD-421B-9CB4-C24D8B0BBF05}
[2012/08/05 10:21:57 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{6BD52458-C4F2-4D72-8A75-D6750C30DC61}
[2012/08/04 22:21:21 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{C177B8B6-43C0-41B5-96D3-4649C8C2755F}
[2012/08/04 22:20:55 | 000,000,000 | ---D | C] -- C:\Users\Martha\AppData\Local\{03CF6C2C-22D2-46A5-8D96-06D4C8A2F8FC}

========== Files - Modified Within 30 Days ==========

[2012/09/03 15:27:44 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/03 15:27:44 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/03 15:23:12 | 093,601,386 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/09/03 15:22:50 | 000,599,040 | ---- | M] (OldTimer Tools) -- C:\Users\Martha\Desktop\OTL.exe
[2012/09/03 15:19:15 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/03 15:19:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/03 15:18:48 | 3195,297,792 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/31 17:04:00 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/31 16:58:00 | 000,000,838 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/31 16:46:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2050008525-2778328402-3899645604-1001UA.job
[2012/08/31 12:10:12 | 000,001,014 | ---- | M] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_04584387.lnk
[2012/08/31 12:08:14 | 133,957,728 | ---- | M] () -- C:\Users\Martha\Desktop\setup_11.0.0.1245.x01_2012_08_31_19_13.exe
[2012/08/30 20:46:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2050008525-2778328402-3899645604-1001Core.job
[2012/08/29 10:53:32 | 004,739,810 | R--- | M] (Swearware) -- C:\Users\Martha\Desktop\ComboFix.exe
[2012/08/29 08:32:24 | 000,000,512 | ---- | M] () -- C:\Users\Martha\Desktop\MBR.dat
[2012/08/29 08:09:58 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Martha\Desktop\aswMBR.exe
[2012/08/26 22:19:38 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/08/26 11:40:25 | 000,144,396 | ---- | M] () -- C:\test.xml
[2012/08/16 22:15:07 | 000,224,601 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/08/16 09:36:48 | 000,367,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/12 17:08:31 | 001,555,882 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/12 17:08:31 | 000,704,074 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012/08/12 17:08:31 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/12 17:08:31 | 000,138,040 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012/08/12
17:08:31 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat ========== Files Created - No Company Name ========== [2012/08/31 12:10:12 | 000,001,014 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_04584387.lnk [2012/08/31 12:05:55 | 133,957,728 | ---- | C] () -- C:\Users\Martha\Desktop\setup_11.0.0.1245.x01_2012_08_31_19_13.exe [2012/08/30 20:41:11 | 000,001,114 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2050008525-2778328402-3899645604-1001UA.job [2012/08/30 20:41:10 | 000,001,062 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2050008525-2778328402-3899645604-1001Core.job [2012/08/29 13:07:13 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/08/29 13:07:13 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/08/29 13:07:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/08/29 13:07:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/08/29 13:07:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/08/29 08:32:24 | 000,000,512 | ---- | C] () -- C:\Users\Martha\Desktop\MBR.dat [2012/02/15 22:05:06 | 001,584,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/02/15 21:31:12 | 000,007,607 | ---- | C] () -- C:\Users\Martha\AppData\Local\Resmon.ResmonCfg [2010/12/15 11:18:15 | 000,000,100 | ---- | C] () -- C:\Users\Martha\AppData\Roaming\MPUI.ini [2010/01/14 23:13:28 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat ========== LOP Check ========== [2010/02/24 09:26:10 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Auslogics [2012/02/12 13:19:16 | 000,000,000 | -HSD | M] -- C:\Users\Martha\AppData\Roaming\AV Security Essentials [2012/07/08 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\AVG2012 [2010/11/11 13:23:37 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Nokia [2012/05/29 17:46:12 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\PamFax 
Office Integrations [2010/11/11 13:23:54 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\PC Suite [2012/04/30 18:09:23 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Softland [2010/12/10 13:44:51 | 000,000,000 | ---D | M] -- C:\Users\Martha\AppData\Roaming\Windows Live Writer [2012/05/25 07:36:35 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report >
  6. Hi, I scanned as instructed and didn't detect any threats, so the save button is disabled.
  7. Done. Still having the pop ups after installing. When I uninstalled I checked the box "Also delete browser data".
  8. IE9, Chrome and Safari... =S Sometimes they have the shape of a cell phone.
  9. Sorry to keep bothering you. The slide windows are still there; I attached an image. The redirect issue seems to be fixed. Thanks again.
  10. Still having those annoying ads, and just before running ESET I was redirected... however, I just tried a couple of links and it seems to be working fine.
  11. Only these lines as result: ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK
  12. Please find the log file below. Can I enable my anti virus and firewall now? Thanks !
  13. Hi Maniac, Thanks for your help. Mbam and aswMBR logs.
  14. Hi, I'm getting slide-out pop-ups from the bottom right or left on both my browsers. While surfing, sometimes I get redirected to a "search" web page (http://63.209.69.107/search/web). I have scanned with AVG, Malwarebytes and Superantispyware; all showed my PC is clean. I hope it is not a problem that my Windows 7 is in Spanish. Please help. Martha

      Here are the DDS and Attach files.

      . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 Run by Martha at 11:18:52 on 2012-08-28 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.52.3082.18.4063.2258 [GMT -5:00] . AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\nvvsvc.exe C:\Windows\System32\svchost.exe -k yksvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\AVG\AVG2012\avgemca.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\WUDFHost.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\PDFCreator\PDFCreator.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG2012\avgtray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program 
Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe C:\Windows\system32\taskeng.exe C:\Program Files\Sony\VAIO Care\VCsystray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe C:\Program Files\Sony\VAIO Update Common\VUAgent.exe C:\Program Files\Sony\VAIO Power Management\SPMService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Sony\VAIO Power Management\SPMgr.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_265_ActiveX.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uSearch Bar = Preserve uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT uInternet Settings,ProxyOverride = *.local mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Aplicación auxiliar de inicio de sesión de Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe mRun: [LaunchUserRequestedPrograms] "C:\Program Files\Sony\First Experience\Miniprogram.exe" mRun: [RegistrationReminder] "C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe" mRun: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup mRun: [VAIOSurvey] "C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe" mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB 
Utility\ISBMgr.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" StartupFolder: C:\Users\Martha\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RECORT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PDFCRE~1.LNK - C:\Program Files (x86)\PDFCreator\PDFCreator.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - 
C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{D79E2A4A-D1A8-425B-AAF8-C5921C0DAAF3} : DhcpNameServer = 209.18.47.61 209.18.47.62 TCP: Interfaces\{D79E2A4A-D1A8-425B-AAF8-C5921C0DAAF3}\94E46494E4944555D413535383 : DhcpNameServer = 192.168.1.254 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: VESWinlogon - VESWinlogon.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {9030D464-4C02-4ABF-8ECC-5164760863C6} {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} {DBC80044-A445-435b-BC74-9C25C1C588A9} TB-X64: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File mRun-x64: [LaunchUserRequestedPrograms] "C:\Program Files\Sony\First 
Experience\Miniprogram.exe" mRun-x64: [RegistrationReminder] "C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe" mRun-x64: [smartWiHelper] "C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" /WindowsStartup mRun-x64: [VAIOSurvey] "C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe" mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Hosts: 108.163.215.51 www.google-analytics.com. Hosts: 108.163.215.51 ad-emea.doubleclick.net. Hosts: 108.163.215.51 www.statcounter.com. Hosts: 67.215.245.19 www.google-analytics.com. Hosts: 67.215.245.19 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys --> C:\Windows\system32\DRIVERS\avgidsha.sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] 
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-7-4 5160568] R2 avgwd;WatchDog de AVG;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288] R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimssne64.sys --> C:\Windows\system32\DRIVERS\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\DRIVERS\risdsne64.sys --> C:\Windows\system32\DRIVERS\risdsne64.sys [?] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-7-5 3048136] R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2009-9-5 104960] R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-9-5 411496] R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-7-22 642920] R2 yksvc;Marvell Yukon Service;C:\Windows\System32\svchost.exe -k yksvcs [2009-7-13 20992] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys --> C:\Windows\system32\DRIVERS\avgidsdrivera.sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\avgidsfiltera.sys --> C:\Windows\system32\DRIVERS\avgidsfiltera.sys [?] 
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\DRIVERS\SFEP.sys --> C:\Windows\system32\DRIVERS\SFEP.sys [?] R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Servicio de actualización de Google (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-5 133104] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-6-26 362992] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-15 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250568] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 gupdatem;Google Update Servicio (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-5 133104] S3 nmwcdcx64;Nokia USB Generic;C:\Windows\system32\drivers\ccdcmbox64.sys --> C:\Windows\system32\drivers\ccdcmbox64.sys [?] 
S3 nmwcdx64;Nokia USB Phone Parent;C:\Windows\system32\drivers\ccdcmbx64.sys --> C:\Windows\system32\drivers\ccdcmbx64.sys [?] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-6-26 313840] S3 SampleCollector;Intel® Sample Collector;C:\Program Files\Sony\VAIO Care\collsvc.exe [2009-9-5 167424] S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-9-5 120104] S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-9-5 70952] S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-9-5 427304] S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-9-5 75048] S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-9-5 91432] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2009-9-5 468264] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-9-5 357672] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2009-9-5 110888] S3 WatAdminSvc;Servicio de tecnologías de activación de Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 
2012-08-28 15:21:36 -------- d-----w- C:\Users\Martha\AppData\Local\{7CC4DBEE-6FFB-48B6-9F55-E0A91E4252E0} 2012-08-28 03:21:09 -------- d-----w- C:\Users\Martha\AppData\Local\{8882F6EB-B6BB-4006-8555-DF2582BC9357} 2012-08-27 12:44:40 -------- d-----w- C:\Users\Martha\AppData\Local\{244F122C-6F7F-45CD-90B6-A168CA8DA7DA} 2012-08-26 15:39:11 -------- d-----w- C:\Users\Martha\AppData\Local\{249326E3-E08D-4B1B-A559-B019C611992C} 2012-08-26 03:37:23 -------- d-----w- C:\Users\Martha\AppData\Local\{E5F39E20-E5FA-40F6-B1E8-3A5F15BFEA04} 2012-08-21 14:47:48 -------- d-----w- C:\Users\Martha\AppData\Local\{4958BAF1-539C-44C4-8CFB-3CAC69E4032F} 2012-08-17 20:40:18 -------- d-----w- C:\Users\Martha\AppData\Local\{0C9F9173-BB96-4533-A9F2-F170F9AD0190} 2012-08-17 03:12:29 -------- d-----w- C:\Users\Martha\AppData\Local\{34DBC2A3-532F-4299-B111-AC29A9BCEE8B} 2012-08-16 14:39:03 -------- d-----w- C:\Users\Martha\AppData\Local\{7576BC0B-8137-445C-A5C4-596537FFCDF6} 2012-08-16 14:38:37 -------- d-----w- C:\Users\Martha\AppData\Local\{AD16B8BB-7A36-4CD2-A794-B34C103C3CDB} 2012-08-16 03:22:29 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys 2012-08-16 02:48:09 503808 ----a-w- C:\Windows\System32\srcore.dll 2012-08-16 02:48:09 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2012-08-16 02:48:07 751104 ----a-w- C:\Windows\System32\win32spl.dll 2012-08-16 02:48:07 67072 ----a-w- C:\Windows\splwow64.exe 2012-08-16 02:48:07 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2012-08-16 02:48:07 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll 2012-08-16 02:48:04 59392 ----a-w- C:\Windows\System32\browcli.dll 2012-08-16 02:48:04 41984 ----a-w- C:\Windows\SysWow64\browcli.dll 2012-08-16 02:48:04 136704 ----a-w- C:\Windows\System32\browser.dll 2012-08-16 02:48:03 956928 ----a-w- C:\Windows\System32\localspl.dll 2012-08-16 02:48:03 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-08-15 16:14:26 -------- d-----w- C:\Users\Martha\AppData\Local\{E4D04F30-F740-4BAA-9CD0-3A6C802A5E57} 
2012-08-15 16:14:00 -------- d-----w- C:\Users\Martha\AppData\Local\{4B393ACC-4F8B-4C17-A1D8-B0DCC802FE34} 2012-08-15 03:57:11 -------- d-----w- C:\Users\Martha\AppData\Local\{4C8EF8B5-B1D4-469C-B61E-123C5EC975EF} 2012-08-14 15:56:31 -------- d-----w- C:\Users\Martha\AppData\Local\{90169E71-AC81-4948-8965-BCA911B36145} 2012-08-14 15:56:05 -------- d-----w- C:\Users\Martha\AppData\Local\{648924F2-739D-4222-A65C-F738853E578F} 2012-08-14 03:16:22 -------- d-----w- C:\Users\Martha\AppData\Local\{C3CFECEA-AEA3-44F3-A561-9DAFA85C1D1B} 2012-08-13 14:32:11 -------- d-----w- C:\Users\Martha\AppData\Local\{8B805331-41E5-436A-8C98-7E8DBE691DA9} 2012-08-12 21:40:20 -------- d-----w- C:\Users\Martha\AppData\Local\{2A2BE011-BD18-4A2F-A7C3-4F0158C38F7D} 2012-08-12 21:39:56 -------- d-----w- C:\Users\Martha\AppData\Local\{2916CF18-E5B8-4118-AD43-F6FB3907CF6D} 2012-08-11 14:10:06 -------- d-----w- C:\Users\Martha\AppData\Local\{7FF18C17-FA1F-4A86-B3B0-90C5B681A74C} 2012-08-11 14:09:41 -------- d-----w- C:\Users\Martha\AppData\Local\{F2DED082-F95A-4AF3-8453-CBA945E8D5C5} 2012-08-11 01:32:00 -------- d-----w- C:\Users\Martha\AppData\Local\{F01832FC-EC3D-4BE5-8294-4D7C67B9F2ED} 2012-08-10 13:22:32 -------- d-----w- C:\Users\Martha\AppData\Local\{9D0E7BCC-21EF-4A90-8317-E2648193571D} 2012-08-10 13:22:15 -------- d-----w- C:\Users\Martha\AppData\Local\{312C2199-6B17-411B-8745-E256C8DF87D2} 2012-08-09 19:37:13 -------- d-----w- C:\Users\Martha\AppData\Local\{38EEA8F3-BC4C-4C11-8696-8F0996698C2E} 2012-08-08 15:18:30 -------- d-----w- C:\Users\Martha\AppData\Local\{7EB29699-B097-4193-8727-01DBE9AF1EDC} 2012-08-08 15:18:08 -------- d-----w- C:\Users\Martha\AppData\Local\{E138E7F7-0CB0-4D11-B445-E0A93F0F67D2} 2012-08-08 03:17:43 -------- d-----w- C:\Users\Martha\AppData\Local\{8941FF43-7209-4E93-A8F5-72D4CC8059E5} 2012-08-07 13:58:39 -------- d-----w- C:\Users\Martha\AppData\Local\{A7EB017D-D3C0-4602-8FDA-26A0BF230D5F} 2012-08-07 13:58:13 -------- d-----w- 
C:\Users\Martha\AppData\Local\{4F78BFA2-C823-4AAF-9321-0ABEE2046C74} 2012-08-06 15:44:03 -------- d-----w- C:\Users\Martha\AppData\Local\{9CFCA4BB-DB30-48BD-B76B-568ADEECE5E2} 2012-08-05 15:22:20 -------- d-----w- C:\Users\Martha\AppData\Local\{757570EE-D1FD-421B-9CB4-C24D8B0BBF05} 2012-08-05 15:21:57 -------- d-----w- C:\Users\Martha\AppData\Local\{6BD52458-C4F2-4D72-8A75-D6750C30DC61} 2012-08-05 03:21:21 -------- d-----w- C:\Users\Martha\AppData\Local\{C177B8B6-43C0-41B5-96D3-4649C8C2755F} 2012-08-05 03:20:55 -------- d-----w- C:\Users\Martha\AppData\Local\{03CF6C2C-22D2-46A5-8D96-06D4C8A2F8FC} 2012-08-04 13:22:51 -------- d-----w- C:\Users\Martha\AppData\Local\{6AD7CDDA-3392-4B0F-B2B3-A237CB3582B3} 2012-08-03 16:24:58 -------- d-----w- C:\Users\Martha\AppData\Local\{B9DA931A-0A1F-42D9-B577-1F521FD277C0} 2012-08-03 16:24:37 -------- d-----w- C:\Users\Martha\AppData\Local\{84785C6E-A634-4DDE-9E4D-9D670D97A49C} 2012-08-03 04:08:06 -------- d-----w- C:\Users\Martha\AppData\Local\{51631544-165F-43A6-A896-7BEA4D2E6FD6} 2012-08-02 16:07:30 -------- d-----w- C:\Users\Martha\AppData\Local\{DBEBBD41-71EC-4EF8-B607-3D7CEF5DF0E6} 2012-08-02 16:07:08 -------- d-----w- C:\Users\Martha\AppData\Local\{4BE7D480-A035-4A46-88D1-1F14B0EA0467} 2012-08-02 04:06:42 -------- d-----w- C:\Users\Martha\AppData\Local\{BF3E406F-1D22-4563-8B64-6873766E75CD} 2012-08-01 16:05:47 -------- d-----w- C:\Users\Martha\AppData\Local\{540B5EED-3ED4-42BA-BC2A-5745F8ABB9D0} 2012-08-01 16:05:20 -------- d-----w- C:\Users\Martha\AppData\Local\{5DA143EC-F27D-4F5E-A635-5F0AAC351CCE} 2012-07-30 21:52:13 103904 ----a-w- C:\Program Files (x86)\Internet Explorer\PLUGINS\nppdf32.dll 2012-07-30 13:56:21 -------- d-----w- C:\Users\Martha\AppData\Local\{390824EE-033C-4BF9-B6C4-5E86DE4D3AF1} . ==================== Find3M ==================== . 
2012-08-28 15:18:55 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-28 15:18:55 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-03 18:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-07 01:59:42 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2012-06-06 06:06:16 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 20:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 20:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- 
C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 17:25:12 279656 ------w- C:\Windows\System32\MpSigStub.exe . ============= FINISH: 11:19:17.92 =============== Attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 02/12/2009 10:21:49 p.m. System Uptime: 28/08/2012 10:13:15 a.m. (1 hours ago) . Motherboard: Sony Corporation | | VAIO Processor: Intel® Core™2 Duo CPU P8700 @ 2.53GHz | N/A | 2534/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 452 GiB total, 325.064 GiB free. E: is Removable F: is CDROM () G: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP282: 20/07/2012 09:39:37 a.m. - Punto de control programado RP283: 25/07/2012 12:08:01 p.m. - VAIO Care Automatic Restore Point RP284: 25/07/2012 12:17:36 p.m. - Windows Update RP285: 01/08/2012 01:09:27 p.m. - Punto de control programado RP286: 08/08/2012 02:33:12 p.m. - Punto de control programado RP287: 15/08/2012 10:18:34 p.m. - Windows Update RP288: 23/08/2012 07:24:31 p.m. - Punto de control programado . ==== Hosts File Hijack ====================== . Hosts: 108.163.215.51 www.google-analytics.com. Hosts: 108.163.215.51 ad-emea.doubleclick.net. Hosts: 108.163.215.51 www.statcounter.com. Hosts: 67.215.245.19 www.google-analytics.com. Hosts: 67.215.245.19 ad-emea.doubleclick.net. Hosts: 67.215.245.19 www.statcounter.com. . ==== Installed Programs ====================== . . 
Update for Microsoft Office 2007 (KB2508958) Administración de energía del VAIO Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 7.0 Adobe Premiere Elements 7.0 Adobe Premiere Elements 7.0 Templates Adobe Reader 9.5.2 - Español Apple Application Support Apple Software Update ArcSoft Magic-i Visual Effects 2 ArcSoft WebCam Companion 3 Click to Disc Click to Disc Editor Configuración de funciones originales del VAIO Configuración de Monitorización de contenido del VAIO D3DX10 Galería fotográfica de Windows Live Google Chrome Google Earth Google Update Helper Java Auto Updater Java™ 6 Update 33 Junk Mail filter update Malwarebytes Anti-Malware versión 1.62.0.1300 Media Gallery Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel 2007 Help Actualización (KB963678) Microsoft Office Excel MUI (Spanish) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (Spanish) 2007 Microsoft Office Powerpoint 2007 Help Actualización (KB963669) Microsoft Office PowerPoint MUI (Spanish) 2007 Microsoft Office PowerPoint Viewer 2007 (Spanish) Microsoft Office Proof (Basque) 2007 Microsoft Office Proof (Catalan) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Galician) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Spanish) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (Spanish) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word 2007 Help Actualización (KB963665) Microsoft Office Word MUI (Spanish) 2007 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft 
Works MSVC80_x86_v2 MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Music Transfer My Photo Books (MEMORINGO Edition) NED 6.0 Nokia Connectivity Cable Driver Paquete de compatibilidad para 2007 Office system PC Connectivity Solution PDFCreator PowerArchiver 2010 Primo QuickTime Realtek High Definition Audio Driver RocketDock 1.3.5 Roxio Central Audio Roxio Central Copy Roxio Central Core Roxio Central Data Roxio Central Tools Roxio Easy Media Creator 10 LJ Roxio Easy Media Creator Home Runtime Safari Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites 
(KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2478663) Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2518870) Setting Utility Series Skype Click to Call Skype™ 5.8 SmartSound Quicktracks for Premiere Elements SmartWi Connection Utility Sony Home Network Library Sony Picture Utility Soporte para Presentación VAIO Spelling Dictionaries Support For Adobe Reader 9 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VAIO Care VAIO Content Metadata Intelligent Analyzing Manager VAIO Content Metadata Intelligent Network Service Manager VAIO Content Metadata Manager Settings VAIO Content Metadata XML Interface Library VAIO Content Monitoring Settings VAIO Control Center VAIO Data Restore Tool VAIO DVD Menu Data Basic VAIO Entertainment Platform VAIO Event Service VAIO Help and Support VAIO Media plus VAIO Media plus Opening Movie VAIO Movie Story VAIO Movie Story Template Data VAIO OOBE and Startup Assistant VAIO 
Original Function Settings VAIO Personalization Manager VAIO Quick Web Access VAIO Sample Contents VAIO Survey VAIO Update VAIO Wallpaper Contents Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables VU5x86 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinZip 14.0 ZTE Mobile Connection Manager . ==== Event Viewer Messages From Past Week ======== . 28/08/2012 10:14:01 a.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM 28/08/2012 10:13:53 a.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10. 28/08/2012 10:13:35 a.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. 27/08/2012 10:20:25 p.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM 27/08/2012 10:20:15 p.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10. 27/08/2012 10:20:03 p.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. 
27/08/2012 09:22:12 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:54 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:54 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:54 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:54 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:54 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:53 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 
27/08/2012 09:20:53 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor: {9E175B6D-F52A-11D8-B9A5-505054503030} 27/08/2012 09:20:52 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio WSearch con argumentos "" para ejecutar el servidor: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 27/08/2012 09:20:48 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:47 p.m., Error: Service Control Manager [7001] - El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:47 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1068" al intentar iniciar el servicio netprofm con argumentos "" para ejecutar el servidor: {A47979D2-C419-11D9-A5B4-001185AD2B89} 27/08/2012 09:20:47 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1068" al intentar iniciar el servicio netman con argumentos "" para ejecutar el servidor: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 27/08/2012 09:20:46 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "" para ejecutar el servidor: {1BE1F766-5536-11D1-B726-00C04FB926AF} 27/08/2012 09:20:39 p.m., Error: Microsoft-Windows-DistributedCOM [10005] - Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "" para ejecutar el servidor: {DD522ACC-F821-461A-A407-50B198B896DC} 27/08/2012 09:20:31 p.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de 
inicio del arranque no se cargó correctamente: AFD Avgldx64 Avgmfx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched PzWDM rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Servicio Interfaz de almacenamiento en red depende del servicio NSI proxy service driver., el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Reconocimiento de ubicación de red depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Minirredirector SMB 2.0 depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Minirredirector SMB 1.x depende del servicio Contenedor y motor de minirredirector SMB, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Estación de trabajo depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Contenedor y motor de minirredirector SMB depende del servicio Subsistema de almacenamiento en búfer redirigido, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona. 
27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Cliente DNS depende del servicio Controlador de soporte TDI heredado NetIO, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Cliente DHCP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Aplicación auxiliar IP depende del servicio Servicio Interfaz de almacenamiento en red, el cual no pudo iniciarse debido al siguiente error: No se puede iniciar el servicio o grupo de dependencia. 27/08/2012 09:20:30 p.m., Error: Service Control Manager [7001] - El servicio Aplicación auxiliar de NetBIOS sobre TCP/IP depende del servicio Ancillary Function Driver for Winsock, el cual no pudo iniciarse debido al siguiente error: Uno de los dispositivos conectados al sistema no funciona. 27/08/2012 09:20:15 p.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. 27/08/2012 07:44:06 a.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM 27/08/2012 07:43:57 a.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10. 27/08/2012 07:43:33 a.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. 
26/08/2012 10:37:26 a.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM 26/08/2012 10:37:00 a.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10. 26/08/2012 10:36:18 a.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. 25/08/2012 10:36:39 p.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM 25/08/2012 10:36:25 p.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10. 25/08/2012 10:36:12 p.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. 24/08/2012 04:15:25 p.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 22/08/2012 08:45:05 a.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM 22/08/2012 08:44:53 a.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10. 22/08/2012 08:44:38 a.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. 
22/08/2012 05:38:35 p.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:27:05 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:26:59 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:26:51 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:24:43 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:22:35 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:17:33 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:12:36 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 10:11:33 a.m., Error: Schannel [36887] - Se recibió la siguiente alerta irrecuperable: 80. 21/08/2012 09:46:59 a.m., Error: Service Control Manager [7026] - El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: PzWDM 21/08/2012 09:46:41 a.m., Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Roxio Upnp Server 10. 21/08/2012 09:46:25 a.m., Error: Application Popup [1060] - Se bloqueó la carga de \SystemRoot\SysWow64\Drivers\PzWDM.sys por una incompatibilidad con este sistema. Póngase en contacto con el fabricante del software para obtener una versión compatible del controlador. . ==== End Of File ===========================
  15. I apologize for posting in the wrong forum. I will open a new topic in the correct one. Thanks!