Internet Explorer/Mozilla Firefox not connecting to internet

	Advanced Search

Welcome to Omgili,
Omgili (Oh My God I Love It ;) is a search engine for discussions. With Omgili you can find answers and solutions, debates, discussions, personal experiences, opinions and more... To learn more about Omgili click here.

This is a complete preview of the discussion as it was indexed by Omgili crawlers. Use this preview if the original discussion is unavailable.
Click here to view the original discussion.


	Internet Explorer/Mozilla Firefox not connecting to internet - Piriform Community Forums Hi, I'm a Vista user. My IE 8.0 stopped working after I did some "questionable" P2P downloads. Also, Firefox emits an error message before it fails to open. I know my connection is fine because I can update softwares and connect to IM. Also, IE and Firefox do connect to the internet when I start the computer in the safe mode. In regular mode IE will not open any websites and Firefox won't even start. I spoke with AT&T high speed internet tech support and they said I have a virus or malaware problem. Whether Windows Firewall is on or off, the problem continues. My anti virus is AVG8.5, and I have run scans of Malawarebites Anti-Malaware, Search & Destroy, SuperAntiSpyware and SpywareBlaster. I did some HiJackThis work myself too. Some crap was eliminated, but the problem remains: browsers cannot access the internet. Please help. Thank you


	LOGS PART 1 Malwarebytes' Anti-Malware 1.32 Database version: 1649 Windows 6.0.6001 Service Pack 1 7/11/2009 2:56:09 PM mbam-log-2009-07-11 (14-56-09).txt Scan type: Quick Scan Objects scanned: 56382 Time elapsed: 4 minute(s), 25 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Rooter.exe (v1.0.2) by Eric_71 . The token does not have the SeDebugPrivilege privilege ! (error:1300) Can not acquire SeDebugPrivilege ! Please run the tool as administrator .. . Windows Vista Home Edition (6.0.6001) Service Pack 1 [32_bits] - x86 Family 6 Model 23 Stepping 6, GenuineIntel . Error OpenService (wscsvc) : 6 Error OpenSCManager : 5 Error OpenService (MpsSvc) : 6 Windows Defender -> Enabled User Account Control (UAC) -> Enabled . Internet Explorer 8.0.6001.18783 Mozilla Firefox 3.0.1 (en-US) . C:\ [Fixed-NTFS] .. ( Total:285 Go - Free:160 Go ) D:\ [Fixed-NTFS] .. ( Total:9 Go - Free:5 Go ) E:\ [CD_Rom] F:\ [Removable] G:\ [Removable] . Scan : 14:58.06 Path : C:\Users\Luis\Desktop\Rooter.exe User : Luis ( Administrator -> YES ) . \\ Processes . Locked [System Process] (0) Locked System (4) Locked smss.exe (484) Locked csrss.exe (656) Locked wininit.exe (708) Locked csrss.exe (724) Locked services.exe (768) Locked lsass.exe (780) Locked lsm.exe (788) Locked winlogon.exe (956) Locked svchost.exe (1052) Locked nvvsvc.exe (1100) Locked svchost.exe (1132) Locked svchost.exe (1180) Locked svchost.exe (1276) Locked svchost.exe (1308) Locked svchost.exe (1348) Locked audiodg.exe (1432) Locked svchost.exe (1488) Locked SLsvc.exe (1512) Locked svchost.exe (1536) Locked rundll32.exe (1624) Locked DockLogin.exe (1680) Locked upeksvr.exe (1752) Locked svchost.exe (1812) Locked WLTRYSVC.EXE (492) Locked BCMWLTRY.EXE (628) Locked wlanext.exe (660) Locked spoolsv.exe (1728) Locked svchost.exe (1844) C:\Windows\system32\taskeng.exe (2140) Locked taskeng.exe (2212) C:\Windows\system32\Dwm.exe (2312) Locked StxMenuMgr.exe (2344) C:\Windows\Explorer.EXE (2384) Locked taskeng.exe (2548) C:\Program Files\Winamp\winampa.exe (2624) Locked HP1006MC.EXE (2856) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (2904) Locked AEstSrv.exe (2988) Locked AppleMobileDeviceService.exe (3028) Locked avgwdsvc.exe (3052) C:\Program Files\Dell\MediaDirect\PCMService.exe (3072) C:\Windows\System32\rundll32.exe (3080) C:\Windows\System32\rundll32.exe (3092) C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe (3108) C:\Program Files\iTunes\iTunesHelper.exe (3116) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (3124) C:\Program Files\HP\HP UT\bin\hppusg.exe (3132) C:\Program Files\AVG\AVG8\avgtray.exe (3168) C:\Program Files\DellTPad\Apoint.exe (3176) Locked mDNSResponder.exe (3232) Locked IAANTmon.exe (3320) Locked McciCMService.exe (3420) Locked avgrsx.exe (3560) Locked avgnsx.exe (3576) Locked svchost.exe (3632) C:\Program Files\Fingerprint Reader Suite\psqltray.exe (2560) Locked stacsv.exe (1448) Locked svchost.exe (1128) Locked ViewpointService.exe (2092) Locked svchost.exe (1464) Locked SearchIndexer.exe (1452) C:\Windows\ehome\ehtray.exe (764) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3256) C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe (3364) Locked wmpnetwk.exe (4024) Locked WUDFHost.exe (852) Locked iPodService.exe (3672) C:\Windows\ehome\ehmsas.exe (4608) Locked svchost.exe (4864) Locked ApMsgFwd.exe (5068) C:\Program Files\DellTPad\HidFind.exe (5112) C:\Program Files\DellTPad\Apntex.exe (5148) C:\Program Files\Internet Explorer\iexplore.exe (4036) C:\Program Files\Internet Explorer\iexplore.exe (6104) C:\Users\Luis\Desktop\Rooter.exe (2488) Locked taskeng.exe (5564) . \\ Device\Harddisk0\ . \Device\Harddisk0 [Sectors : 63 x 512 Bytes] . \Device\Harddisk0\Partition1 (Start_Offset:32256 \| Length:98671104) \Device\Harddisk0\Partition2 (Start_Offset:99614720 \| Length:10737418240) \Device\Harddisk0\Partition3 --[ MBR ]-- (Start_Offset:10837032960 \| Length:306550140928) \Device\Harddisk0\Partition0 (Start_Offset:317387177984 \| Length:2684354560) \Device\Harddisk0\Partition4 (Start_Offset:317388226560 \| Length:2683305984) . \\ Scheduled Tasks . C:\Windows\Tasks\HP WEP.job C:\Windows\Tasks\SA.DAT C:\Windows\Tasks\SCHEDLGU.TXT C:\Windows\Tasks\User_Feed_Synchronization-{D1CAD405-44FD-4870-A5EA-E558523335D5}.job . \\ Registry . . \\ Files & Folders .


	LOGS PART 2 OTL logfile created on: 7/11/2009 2:59:28 PM - Run 1 OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\Luis\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18783) Locale: 409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 2.00 Gb Total Physical Memory \| 1.88 Gb Available Physical Memory \| 93.83% Memory free 4.00 Gb Paging File \| 4.00 Gb Available in Paging File \| 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 285.50 Gb Total Space \| 160.83 Gb Free Space \| 56.33% Space Free \| Partition Type: NTFS Drive D: \| 10.00 Gb Total Space \| 5.31 Gb Free Space \| 53.13% Space Free \| Partition Type: NTFS E: Drive not present or media not loaded Drive F: \| 247.20 Mb Total Space \| 246.52 Mb Free Space \| 99.73% Space Free \| Partition Type: FAT Drive G: \| 7.46 Gb Total Space \| 2.66 Gb Free Space \| 35.63% Space Free \| Partition Type: FAT32 H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LUISPC Current User Name: Luis Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal Processes (SafeList) PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation) PRC - C:\Program Files\Fingerprint Reader Suite\upeksvr.exe (UPEK Inc.) PRC - C:\Windows\System32\WLTRYSVC.EXE () PRC - C:\Windows\System32\bcmwltry.exe (Dell Inc.) PRC - C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe (Seagate LLC) PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Winamp\winampa.exe () PRC - C:\Windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE (Software 2000 Limited) PRC - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) PRC - C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) PRC - C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe () PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\HP\HP UT\bin\hppusg.exe ( ) PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.) PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Fingerprint Reader Suite\psqltray.exe (UPEK Inc.) PRC - C:\Windows\System32\STacSV.exe (IDT, Inc.) PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) PRC - C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe (WiQuest Communications, Inc.) PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation) PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\DellTPad\Apntex.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Users\Luis\Desktop\OTL.exe (OldTimer Tools) Win32 Services (SafeList) SRV - (AESTFilters [Auto \| Running]) -- C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation) SRV - (Apple Mobile Device [Auto \| Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (aspnet_state [On_Demand \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (avg8wd [Auto \| Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (Bonjour Service [Auto \| Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (clr_optimization_v2.0.50727_32 [On_Demand \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (DockLoginService [Auto \| Running]) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation) SRV - (ehRecvr [On_Demand \| Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [On_Demand \| Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Auto \| Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (Eventlog [Auto \| Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation) SRV - (FontCache3.0.0.0 [On_Demand \| Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (GoogleDesktopManager-092308-165331 [On_Demand \| Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (GoToAssist [On_Demand \| Stopped]) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.) SRV - (IAANTMON [Auto \| Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) SRV - (idsvc [Unknown \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (iPod Service [On_Demand \| Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) SRV - (Macromedia Licensing Service [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe () SRV - (McciCMService [Auto \| Running]) -- C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.) SRV - (NetTcpPortSharing [Disabled \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (nvsvc [Auto \| Running]) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) SRV - (odserv [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PCLEPCI [Auto \| Stopped]) -- C:\Windows\System32\drivers\pclepci.sys (Pinnacle Systems GmbH) SRV - (RapiMgr [Auto \| Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (RoxLiveShare10 [Auto \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (Sonic Solutions) SRV - (RoxMediaDB10 [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions) SRV - (RoxWatch10 [Auto \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe (Sonic Solutions) SRV - (SessionLauncher [Auto \| Stopped]) -- File not found SRV - (STacSV [Auto \| Running]) -- C:\Windows\System32\STacSV.exe (IDT, Inc.) SRV - (stllssvr [On_Demand \| Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.) SRV - (usnjsvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation) SRV - (Viewpoint Manager Service [Auto \| Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (WcesComm [Auto \| Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (WinDefend [Auto \| Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (wltrysvc [Auto \| Running]) -- C:\Windows\System32\WLTRYSVC.EXE () SRV - (WMPNetworkSvc [Auto \| Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) Driver Services (SafeList) DRV - (adp94xx [Disabled \| Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (adpahci [Disabled \| Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m [Disabled \| Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (adpu320 [Disabled \| Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (AFS [Boot \| Running]) -- C:\Windows\System32\drivers\AFS.SYS (Oak Technology Inc.) DRV - (aic78xx [Disabled \| Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (aliide [Disabled \| Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (ApfiltrService [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (arc [Disabled \| Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (arcsas [Disabled \| Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (AvgLdx86 [System \| Running]) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86 [System \| Running]) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgTdiX [System \| Running]) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (BCM43XX [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\bcmwl6.sys (Broadcom Corp.) DRV - (BrFiltLo [On_Demand \| Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp [On_Demand \| Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (Brserid [Disabled \| Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrSerWdm [Disabled \| Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm [Disabled \| Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer [On_Demand \| Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (cmdide [Disabled \| Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (e1express [On_Demand \| Stopped]) -- C:\Windows\System32\DRIVERS\e1e6032.sys (Intel Corporation) DRV - (E1G60 [On_Demand \| Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation) DRV - (elxstor [Disabled \| Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (GEARAspiWDM [On_Demand \| Stopped]) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (HpCISSs [Disabled \| Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (iaNvStor [Disabled \| Stopped]) -- C:\Windows\system32\drivers\ianvstor.sys (Intel Corporation) DRV - (iaStor [Boot \| Running]) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation) DRV - (iaStorV [Boot \| Running]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (iirsp [Disabled \| Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (iteatapi [Disabled \| Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (iteraid [Disabled \| Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (LSI_FC [Disabled \| Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (LSI_SAS [Disabled \| Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (LSI_SCSI [Disabled \| Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (MarvinBus [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\MarvinBus.sys (Pinnacle Systems GmbH) DRV - (megasas [Disabled \| Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation) DRV - (MegaSR [Disabled \| Stopped]) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.) DRV - (Mraid35x [Disabled \| Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (MREMP50 [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (MRESP50 [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA)) DRV - (nfrd960 [Disabled \| Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (ntrigdigi [Disabled \| Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (nvlddmkm [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation) DRV - (nvraid [Disabled \| Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor [Disabled \| Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (OEM02Dev [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\OEM02Dev.sys (Creative Technology Ltd.) DRV - (OEM02Vfx [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\OEM02Vfx.sys (EyePower Games Pte. Ltd.) DRV - (pcouffin [On_Demand \| Running]) -- C:\Windows\System32\Drivers\pcouffin.sys (VSO Software) DRV - (PinnacleMarvinUsb [On_Demand \| Stopped]) -- C:\Windows\System32\DRIVERS\MarvinUsb.sys (Pinnacle Systems) DRV - (PxHelp20 [Boot \| Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (ql2300 [Disabled \| Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (ql40xx [Disabled \| Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (R300 [On_Demand \| Stopped]) -- C:\Windows\System32\DRIVERS\atikmdag.sys (ATI Technologies Inc.) DRV - (rimmptsk [Auto \| Running]) -- C:\Windows\System32\DRIVERS\rimmptsk.sys (REDC) DRV - (rimsptsk [Auto \| Running]) -- C:\Windows\System32\DRIVERS\rimsptsk.sys (REDC) DRV - (rismxdp [Auto \| Running]) -- C:\Windows\System32\DRIVERS\rixdptsk.sys (REDC) DRV - (SASDIFSV [System \| Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASENUM [On_Demand \| Running]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (SASKUTIL [System \| Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV - (secdrv [Auto \| Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (SiSRaid4 [Disabled \| Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (STHDA [On_Demand \| Running]) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.) DRV - (Symc8xx [Disabled \| Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_hi [Disabled \| Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Sym_u3 [Disabled \| Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (TcUsb [On_Demand \| Running]) -- C:\Windows\System32\Drivers\tcusb.sys (UPEK Inc.) DRV - (uliahci [Disabled \| Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (UlSata [Disabled \| Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (ulsata2 [Disabled \| Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (USBAAPL [On_Demand \| Stopped]) -- C:\Windows\System32\Drivers\usbaapl.sys (Apple, Inc.) DRV - (usb_rndisx [On_Demand \| Stopped]) -- C:\Windows\System32\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV - (viaide [Disabled \| Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (vsmraid [Disabled \| Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (WQ_USBCBAF [Disabled \| Stopped]) -- C:\Windows\system32\drivers\wq_cba.sys (WiQuest Communications, Inc.) DRV - (WQ_USBDWA [Disabled \| Stopped]) -- C:\Windows\system32\drivers\wq_dwa.sys (WiQuest Communications, Inc.) DRV - (WQ_USBHWA [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\WQ_hwa.sys (WiQuest Communications, Inc.) DRV - (WQ_USBLOAD [On_Demand \| Stopped]) -- C:\Windows\System32\DRIVERS\WQ_ldr.sys (WiQuest Communications, Inc.) DRV - (WQ_USBRCI [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\WQ_rci.sys (WiQuest Communications, Inc.) DRV - (yukonwlh [On_Demand \| Running]) -- C:\Windows\System32\DRIVERS\yk60x86.sys (Marvell) Standard Registry (SafeList) Internet Explorer IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = .local FireFox FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/27 22:13:33 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/07/10 20:56:43 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/10 22:53:11 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/10 22:28:22 \| 00,000,000 \| ---D \| M] [2009/07/10 22:53:12 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions [2009/07/10 22:53:12 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/02/08 16:53:40 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com [2009/07/10 22:57:03 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Firefox\Profiles\2g7yej1l.default\extensions [2009/07/10 22:57:03 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Firefox\Profiles\2g7yej1l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/07/10 22:28:23 \| 00,000,000 \| ---D \| M] -- C:\Program Files\mozilla firefox\extensions [2009/07/10 22:28:23 \| 00,000,000 \| ---D \| M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008/07/02 18:52:45 \| 00,023,040 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2008/07/02 18:52:46 \| 00,134,144 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009/07/07 21:36:18 \| 00,122,880 \| ---- \| M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll [2009/02/24 12:34:32 \| 01,044,480 \| ---- \| M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll [2007/04/10 17:21:08 \| 00,163,256 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2009/02/24 12:34:14 \| 01,337,648 \| ---- \| M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll [2009/02/24 12:34:22 \| 00,098,304 \| ---- \| M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008/07/02 18:52:47 \| 00,065,536 \| ---- \| M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006/10/26 20:12:16 \| 00,016,192 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008/10/14 22:33:30 \| 00,095,600 \| ---- \| M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009/06/28 17:44:06 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009/06/28 17:44:06 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2007/04/16 10:07:12 \| 00,180,293 \| ---- \| M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll [2009/02/24 12:34:32 \| 00,200,704 \| ---- \| M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll [2008/07/02 09:31:38 \| 00,001,394 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2008/07/02 09:31:38 \| 00,002,193 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2008/07/02 09:31:38 \| 00,001,534 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2008/07/02 09:31:38 \| 00,002,642 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2008/07/02 09:31:38 \| 00,001,706 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2008/07/02 09:31:38 \| 00,001,178 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2008/07/02 09:31:38 \| 00,000,792 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (291222 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 10029 more lines... O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [Google Desktop Search] File not found O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe () O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe ( ) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe File not found O4 - HKLM..\Run: [Nitro PDF Printer Monitor] C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PrintUtil] C:\Program Files\HP\HP Print Utility\PrintUtil.exe File not found O4 - HKLM..\Run: [PSQLLauncher] File not found O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems) O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found O4 - HKCU..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe (Pinnacle Systems) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoBackup Launcher.lnk = C:\Program Files\Seagate\AutoBackup\MemeoLauncher.exe (Memeo Inc.) O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\0 7 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support) O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab (MSN Games Texas Holdem Poker) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...k.cab102118.cab (MSN Games - Installer) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\Program) - File not found O20 - AppInit_DLLs: (Files\RelevantKnowledge\rlai.dll) - File not found O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/08/08 19:17:50 \| 00,000,121 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/22 12:25:20 \| 00,000,096 \| -HS- \| M] () - G:\AUTORUN.INF -- [ FAT32 ] O33 - MountPoints2\{04e06c1b-03b2-11de-a7cc-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{057e4064-881d-11dd-a66f-001644ec2390}\Shell - "" = AutoRun O33 - MountPoints2\{057e4064-881d-11dd-a66f-001644ec2390}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{13a26675-7249-11dd-9b1b-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{1a1d9d55-fa43-11dd-91b0-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{253df904-5ea5-11dd-a249-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{2b1d741c-5de4-11dd-8d75-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{4a2c12ce-6ab0-11de-96eb-00219bd0b350}\Shell - "" = AutoRun O33 - MountPoints2\{4a2c12ce-6ab0-11de-96eb-00219bd0b350}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{4a9210aa-85f9-11dd-b79a-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{7424b09d-617b-11dd-ba47-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{873eb59f-81bb-11dd-bb80-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{996e1a80-46dc-11de-9fe3-00219bd0b350}\Shell - "" = AutoRun O33 - MountPoints2\{996e1a80-46dc-11de-9fe3-00219bd0b350}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{9f82f4fa-7fa2-11dd-8b31-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{b5bb4a06-60ee-11dd-b887-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{b5bb4b49-60ee-11dd-b887-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{cf629f8e-6820-11dd-bb6a-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Install FreeAgent Tools.exe -- File not found O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: () - File not found NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found NetSvcs: Ias - Service key not found. File not found NetSvcs: Irmon - Service key not found. File not found NetSvcs: Nla - Service key not found. File not found NetSvcs: Ntmssvc - Service key not found. File not found NetSvcs: NWCWorkstation - Service key not found. File not found NetSvcs: Nwsapagent - Service key not found. File not found NetSvcs: SRService - Service key not found. File not found NetSvcs: Wmi - Service key not found. File not found NetSvcs: WmdmPmSp - Service key not found. File not found NetSvcs: LogonHours - Service key not found. File not found NetSvcs: PCAudit - Service key not found. File not found NetSvcs: helpsvc - Service key not found. File not found NetSvcs: uploadmgr - Service key not found. File not found MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: EventLog - C:\Windows\System32\wevtsvc.dll (Microsoft Corporation) SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: EventLog - C:\Windows\System32\wevtsvc.dll (Microsoft Corporation) SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.) SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error. ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error. ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error. ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {AAC3F1F0-5649-4670-A698-F1523729F015} - Microsoft .NET Framework 1.1 Hotfix (KB929729) ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: Nitro PDF Professional - cscript //B "C:\Program Files\Nitro PDF\Professional\RemoveOldAddins.vbs" Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation) Drivers32: msacm.sl_anet - C:\Windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.) Drivers32: MSVideo8 - C:\Windows\System32\VfWWDM32.dll (Microsoft Corporation) Drivers32: VIDC.ACDV - C:\Windows\System32\ACDV.dll (ACD Systems) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.i420 - vdrcodec.dll File not found Drivers32: VIDC.MJPG - C:\Windows\System32\Pvmjpg30.dll (Pegasus Imaging Corporation) Drivers32: VIDC.MP42 - C:\Windows\System32\mpg4c32.dll (Microsoft Corporation) Drivers32: VIDC.MP43 - C:\Windows\System32\mpg4c32.dll (Microsoft Corporation) Drivers32: VIDC.MPG4 - C:\Windows\System32\mpg4c32.dll (Microsoft Corporation) Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll () Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) Files/Folders - Created Within 30 Days [2009/07/11 14:58:22 \| 00,000,000 \| ---D \| C] -- C:\Rooter$ [2009/07/11 14:57:18 \| 00,513,536 \| ---- \| C] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe [2009/07/11 14:57:18 \| 00,173,119 \| ---- \| C] (Eric_71) -- C:\Users\Luis\Desktop\Rooter.exe [2009/07/11 14:39:05 \| 00,000,000 \| ---D \| C] -- C:\Windows\ERDNT [2009/07/11 14:38:53 \| 00,000,915 \| ---- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2009/07/11 14:38:35 \| 00,000,000 \| ---D \| C] -- C:\Program Files\ERUNT [2009/07/11 14:22:24 \| 00,265,216 \| ---- \| C] (OldTimer Tools) -- C:\Users\Luis\Desktop\TFC.exe [2009/07/11 14:22:15 \| 00,794,112 \| ---- \| C] () -- C:\Users\Luis\Desktop\The_Comedian.exe [2009/07/11 13:12:46 \| 00,000,000 \| R--D \| C] -- C:\Users\Luis\Desktop\hijackthis [2009/07/11 13:07:52 \| 00,115,920 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX [2009/07/11 13:07:52 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SpywareBlaster [2009/07/11 12:53:07 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Alwil Software [2009/07/10 22:57:41 \| 00,068,487 \| ---- \| C] () -- C:\Users\Luis\Desktop\bookmarks.html [2009/07/10 22:53:14 \| 00,000,000 \| ---- \| C] () -- C:\Windows\nsreg.dat [2009/07/10 21:54:24 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\SUPERAntiSpyware.com [2009/07/10 21:53:55 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\AppData\Roaming\SUPERAntiSpyware.com [2009/07/10 21:53:55 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SUPERAntiSpyware [2009/07/10 21:37:25 \| 00,002,085 \| ---- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoBackup Launcher.lnk [2009/07/10 21:37:25 \| 00,001,828 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ultrawideband Control Center.lnk [2009/07/10 21:37:25 \| 00,001,031 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2009/07/10 21:12:06 \| 00,000,000 \| ---D \| C] -- C:\Windows\pss [2009/07/10 21:05:17 \| 00,000,000 \| -H-D \| C] -- C:\$AVG8.VAULT$ [2009/07/10 20:56:57 \| 00,011,952 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2009/07/10 20:56:56 \| 00,108,552 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2009/07/10 20:56:52 \| 38,052,555 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2009/07/10 20:56:52 \| 06,061,540 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\avi7.avg [2009/07/10 20:56:52 \| 00,463,779 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg [2009/07/10 20:56:52 \| 00,335,752 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2009/07/10 20:56:52 \| 00,025,155 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2009/07/10 20:56:52 \| 00,000,000 \| ---D \| C] -- C:\Windows\System32\drivers\Avg [2009/07/10 20:56:42 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\avg8 [2009/07/10 20:56:42 \| 00,000,000 \| ---D \| C] -- C:\Program Files\AVG [2009/07/10 20:45:52 \| 00,027,784 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2009/07/10 20:45:48 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Grisoft [2009/07/10 08:08:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat [2009/07/10 08:08:53 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat [2009/07/10 08:08:49 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat [2009/07/10 08:08:45 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat [2009/07/10 08:08:40 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat [2009/07/10 08:08:36 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat [2009/07/10 08:08:32 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat [2009/07/10 08:08:28 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat [2009/07/10 08:08:24 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat [2009/07/10 08:08:20 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat [2009/07/10 08:08:16 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat [2009/07/10 08:08:12 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat [2009/07/10 08:08:08 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat [2009/07/10 08:08:04 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat [2009/07/10 08:08:00 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat [2009/07/10 08:07:56 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat [2009/07/10 08:07:43 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat [2009/07/10 07:54:19 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat [2009/07/10 00:08:31 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat [2009/07/10 00:08:30 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat [2009/07/10 00:08:29 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat [2009/07/10 00:08:28 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat [2009/07/10 00:08:23 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat [2009/07/10 00:08:05 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat [2009/07/10 00:07:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat [2009/07/09 23:55:03 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat [2009/07/09 23:54:58 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat [2009/07/09 23:54:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat [2009/07/09 23:46:31 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat [2009/07/09 23:46:30 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat [2009/07/09 22:29:57 \| 00,005,016 \| -HS- \| C] () -- C:\Windows\E88D4.exe [2009/07/09 22:27:27 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat [2009/07/09 22:18:23 \| 00,000,000 \| ---D \| C] -- C:\Program Files\ARAX Disk Doctor Data Recovery [2009/07/09 22:13:55 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat [2009/07/09 21:54:13 \| 00,193,061 \| ---- \| C] () -- C:\Windows\System32\AdobeFnt.lst [2009/07/09 21:51:08 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Arax Disk Doctor Data Recovery v3.1.036 + Crack [RH] [2009/07/09 21:26:09 \| 00,068,232 \| ---- \| C] (JGsoft - Just Great Software) -- C:\Windows\UnDeployV.exe [2009/07/07 21:36:53 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Documents\My Google Gadgets [2009/07/07 21:36:09 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Google [2009/06/28 17:45:10 \| 00,000,000 \| ---D \| C] -- C:\Program Files\iPod [2009/06/28 17:45:09 \| 00,000,000 \| ---D \| C] -- C:\Program Files\iTunes [2009/06/28 17:44:17 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Bonjour [2009/06/28 17:43:37 \| 00,000,000 \| ---D \| C] -- C:\Program Files\QuickTime [2009/06/28 14:23:24 \| 00,000,056 \| -H-- \| C] () -- C:\ProgramData\ezsidmv.dat [2009/06/28 14:23:23 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\AppData\Roaming\skypePM [2009/06/28 14:16:37 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\AppData\Roaming\Skype [2009/06/28 14:16:13 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Skype [2009/06/28 14:16:12 \| 00,000,000 \| R--D \| C] -- C:\Program Files\Skype [2009/06/28 14:16:03 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\Skype [2009/06/27 22:12:49 \| 01,638,912 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009/06/27 22:12:49 \| 00,071,680 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2009/06/27 22:12:48 \| 01,985,024 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll [2009/06/27 22:12:48 \| 00,915,456 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll [2009/06/27 22:12:48 \| 00,173,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2009/06/27 22:12:48 \| 00,164,352 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2009/06/27 22:12:48 \| 00,055,808 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2009/06/27 22:12:47 \| 01,469,440 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2009/06/27 22:12:47 \| 01,207,808 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll [2009/06/27 22:12:47 \| 00,385,536 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2009/06/27 22:12:47 \| 00,025,600 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009/06/27 22:12:46 \| 11,064,832 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll [2009/06/27 22:12:46 \| 05,936,128 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009/06/27 22:11:41 \| 00,072,704 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll [2009/06/27 22:11:41 \| 00,066,560 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll [2009/06/27 22:11:41 \| 00,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\icardie.dll [2009/06/27 22:11:41 \| 00,048,128 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2009/06/27 22:11:40 \| 00,348,160 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2009/06/27 22:11:40 \| 00,216,064 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2009/06/27 22:11:40 \| 00,156,160 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2009/06/27 22:11:40 \| 00,125,952 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2009/06/27 22:11:40 \| 00,066,560 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\tdc.ocx [2009/06/27 22:11:40 \| 00,034,816 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2009/06/27 22:11:40 \| 00,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2009/06/27 22:11:39 \| 00,236,544 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\webcheck.dll [2009/06/27 22:11:39 \| 00,229,376 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2009/06/27 22:11:39 \| 00,193,536 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2009/06/27 22:11:39 \| 00,183,808 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2009/06/27 22:11:39 \| 00,163,840 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2009/06/27 22:11:39 \| 00,109,568 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll [2009/06/27 22:11:39 \| 00,094,720 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2009/06/27 22:11:39 \| 00,066,560 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2009/06/27 22:11:39 \| 00,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2009/06/27 22:11:39 \| 00,043,008 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2009/06/27 22:11:38 \| 00,726,528 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2009/06/27 22:11:38 \| 00,611,840 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009/06/27 22:11:38 \| 00,594,432 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009/06/27 22:11:38 \| 00,445,952 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2009/06/27 22:11:38 \| 00,420,352 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2009/06/27 22:11:38 \| 00,208,384 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe [2009/06/27 22:11:38 \| 00,128,512 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\advpack.dll [2009/06/27 22:11:38 \| 00,057,667 \| ---- \| C] () -- C:\Windows\System32\ieuinit.inf [2009/06/27 22:11:38 \| 00,046,592 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2009/06/27 22:11:38 \| 00,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2009/06/27 22:11:37 \| 00,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2009/06/27 22:11:36 \| 03,698,584 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2009/06/27 22:11:36 \| 00,385,024 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2009/06/27 22:11:36 \| 00,169,472 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2009/06/27 22:11:36 \| 00,132,608 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2009/06/27 22:11:36 \| 00,109,568 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe [2009/06/27 22:11:36 \| 00,109,056 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2009/06/27 22:11:36 \| 00,107,520 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2009/06/27 22:11:36 \| 00,107,008 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2009/06/27 22:11:36 \| 00,103,936 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe [2009/06/27 22:11:36 \| 00,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mshta.exe [2009/06/27 16:39:30 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\AppData\Local\SourceTec [2009/06/27 16:30:31 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Sothink[1].SWF.Decompiler.v5.0.503.Cracked [2009/06/27 15:47:11 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Documents\FD Trillix [2009/06/27 15:24:02 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SWF Decompile Expert [2009/06/27 15:18:54 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\Macrovision [2009/06/27 15:14:16 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Macromedia Shared [2009/06/27 15:12:39 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\AppData\Local\Macromedia [2009/06/27 15:12:39 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Macromedia [2009/06/27 15:11:38 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Macromedia [2009/06/27 14:58:53 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Macromedia Flash MX Pro 2004, Keygen + How-To Guides [2009/06/27 14:47:25 \| 05,705,918 \| ---- \| C] () -- C:\Users\Luis\Desktop\lecture.swf [2009/06/14 12:48:24 \| 00,428,544 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2009/06/14 12:48:23 \| 00,293,376 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2009/06/14 12:48:23 \| 00,217,088 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax [2009/06/14 12:48:23 \| 00,177,664 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2009/06/14 12:48:23 \| 00,080,896 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2009/06/13 19:52:33 \| 00,000,000 \| -H-- \| C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf [2009/06/13 14:47:44 \| 02,033,152 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2009/06/13 14:47:42 \| 00,636,928 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll [2009/06/13 14:47:40 \| 00,784,896 \| ---- \| C] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll [2008/12/05 16:52:22 \| 00,509,224 \| ---- \| C] () -- C:\Windows\System32\ICCProfiles.dll [2008/08/17 16:24:57 \| 00,065,536 \| ---- \| C] () -- C:\Windows\System32\HPPLVS.dll [2008/08/17 14:18:43 \| 00,000,214 \| ---- \| C] () -- C:\Windows\HP_48BitScanUpdatePatch.ini [2008/08/08 19:17:50 \| 00,196,096 \| ---- \| C] () -- C:\Windows\System32\macd32.dll [2008/08/08 19:17:50 \| 00,138,752 \| ---- \| C] () -- C:\Windows\System32\mase32.dll [2008/08/08 19:17:50 \| 00,136,192 \| ---- \| C] () -- C:\Windows\System32\mamc32.dll [2008/08/08 19:17:50 \| 00,057,856 \| ---- \| C] () -- C:\Windows\System32\masd32.dll [2008/08/08 19:17:49 \| 00,027,648 \| ---- \| C] () -- C:\Windows\System32\ma32.dll [2008/08/01 18:18:24 \| 00,000,502 \| ---- \| C] () -- C:\Windows\FORGE32.ini [2008/08/01 18:18:20 \| 00,061,952 \| ---- \| C] () -- C:\Windows\System32\rmmerge2.DLL [2008/08/01 18:18:20 \| 00,009,728 \| ---- \| C] () -- C:\Windows\System32\rmevents.DLL [2008/08/01 18:11:47 \| 00,210,944 \| ---- \| C] () -- C:\Windows\System32\MSVCRT10.DLL [2008/08/01 18:11:46 \| 00,000,149 \| ---- \| C] () -- C:\Windows\KPCMS.INI [2008/07/24 02:03:39 \| 00,167,936 \| ---- \| C] () -- C:\Windows\System32\nvccoin.dll [2008/07/24 02:03:38 \| 00,016,480 \| ---- \| C] () -- C:\Windows\System32\rixdicon.dll [2008/07/23 23:32:21 \| 00,054,784 \| ---- \| C] () -- C:\Windows\System32\bcmwlrmt.dll [2007/07/26 12:01:50 \| 00,114,688 \| ---- \| C] () -- C:\Windows\System32\hppatusg01.dll [2006/11/02 05:35:32 \| 00,005,632 \| ---- \| C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 03:25:44 \| 00,159,744 \| ---- \| C] () -- C:\Windows\System32\atitmmxx.dll [2006/11/02 03:23:31 \| 00,000,219 \| ---- \| C] () -- C:\Windows\win.ini [2006/11/02 03:23:31 \| 00,000,219 \| ---- \| C] () -- C:\Windows\system.ini [2006/11/02 00:40:29 \| 00,013,750 \| ---- \| C] () -- C:\Windows\System32\pacerprf.ini [2005/10/09 19:33:54 \| 00,137,216 \| ---- \| C] () -- C:\Windows\System32\secdel.dll [2004/12/19 06:29:40 \| 00,180,224 \| ---- \| C] () -- C:\Windows\System32\xvidvfw.dll [2004/12/19 06:17:10 \| 00,765,952 \| ---- \| C] () -- C:\Windows\System32\xvidcore.dll [2002/10/15 15:54:04 \| 00,153,088 \| ---- \| C] () -- C:\Windows\System32\unrar.dll [2002/10/06 11:42:56 \| 00,237,568 \| ---- \| C] () -- C:\Windows\System32\OggDS.dll [2002/10/04 16:04:24 \| 00,921,600 \| ---- \| C] () -- C:\Windows\System32\VorbisEnc.dll [2002/10/04 16:04:24 \| 00,188,416 \| ---- \| C] () -- C:\Windows\System32\vorbis.dll [2002/10/04 16:04:16 \| 00,045,056 \| ---- \| C] () -- C:\Windows\System32\ogg.dll [2002/05/15 16:38:40 \| 00,091,136 \| ---- \| C] () -- C:\Windows\System32\mp4fil32.dll [2002/03/21 15:39:02 \| 00,073,728 \| ---- \| C] () -- C:\Windows\System32\UNACEV2.DLL Files - Modified Within 30 Days [2009/07/11 14:59:08 \| 00,751,146 \| ---- \| M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/07/11 14:59:08 \| 00,636,992 \| ---- \| M] () -- C:\Windows\System32\perfh009.dat [2009/07/11 14:59:08 \| 00,118,088 \| ---- \| M] () -- C:\Windows\System32\perfc009.dat [2009/07/11 14:50:24 \| 00,513,536 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe [2009/07/11 14:49:52 \| 00,173,119 \| ---- \| M] (Eric_71) -- C:\Users\Luis\Desktop\Rooter.exe [2009/07/11 14:43:20 \| 00,088,616 \| ---- \| M] () -- C:\ProgramData\nvModes.001 [2009/07/11 14:42:52 \| 00,003,616 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/07/11 14:42:52 \| 00,003,616 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/07/11 14:42:50 \| 00,000,006 \| -H-- \| M] () -- C:\Windows\tasks\SA.DAT [2009/07/11 14:42:46 \| 00,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2009/07/11 14:38:53 \| 00,000,915 \| ---- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2009/07/11 14:22:52 \| 00,265,216 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luis\Desktop\TFC.exe [2009/07/11 14:22:20 \| 00,794,112 \| ---- \| M] () -- C:\Users\Luis\Desktop\The_Comedian.exe [2009/07/11 12:53:34 \| 00,002,577 \| ---- \| M] () -- C:\Windows\System32\config.nt [2009/07/11 09:06:18 \| 38,052,555 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2009/07/10 22:56:14 \| 00,068,487 \| ---- \| M] () -- C:\Users\Luis\Desktop\bookmarks.html [2009/07/10 22:53:14 \| 00,000,000 \| ---- \| M] () -- C:\Windows\nsreg.dat [2009/07/10 22:49:18 \| 00,291,222 \| R--- \| M] () -- C:\Windows\System32\drivers\etc\hosts [2009/07/10 21:00:56 \| 00,463,779 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg [2009/07/10 21:00:56 \| 00,025,155 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2009/07/10 20:56:57 \| 00,011,952 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2009/07/10 20:56:56 \| 00,108,552 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2009/07/10 20:56:52 \| 06,061,540 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\avi7.avg [2009/07/10 20:56:52 \| 00,335,752 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2009/07/10 20:56:52 \| 00,027,784 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2009/07/10 16:41:30 \| 00,000,416 \| -H-- \| M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D1CAD405-44FD-4870-A5EA-E558523335D5}.job [2009/07/10 08:08:57 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat [2009/07/10 08:08:53 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat [2009/07/10 08:08:49 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat [2009/07/10 08:08:45 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat [2009/07/10 08:08:40 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat [2009/07/10 08:08:36 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat [2009/07/10 08:08:32 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat [2009/07/10 08:08:28 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat [2009/07/10 08:08:24 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat [2009/07/10 08:08:20 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat [2009/07/10 08:08:16 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat [2009/07/10 08:08:12 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat [2009/07/10 08:08:08 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat [2009/07/10 08:08:04 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat [2009/07/10 08:08:00 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat [2009/07/10 08:07:56 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat [2009/07/10 08:07:43 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat [2009/07/10 07:54:19 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat [2009/07/10 00:08:31 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat [2009/07/10 00:08:30 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat [2009/07/10 00:08:29 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat [2009/07/10 00:08:28 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat [2009/07/10 00:08:23 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat [2009/07/10 00:08:05 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat [2009/07/10 00:07:57 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat [2009/07/09 23:55:03 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat [2009/07/09 23:55:03 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat [2009/07/09 23:54:58 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat [2009/07/09 23:46:31 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat [2009/07/09 23:46:30 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat [2009/07/09 22:30:37 \| 00,005,016 \| -HS- \| M] () -- C:\Windows\E88D4.exe [2009/07/09 22:27:27 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat [2009/07/09 22:18:02 \| 00,000,349 \| ---- \| M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2009/07/09 22:13:55 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat [2009/07/09 21:54:13 \| 00,193,061 \| ---- \| M] () -- C:\Windows\System32\AdobeFnt.lst [2009/07/08 02:50:43 \| 00,173,568 \| ---- \| M] () -- C:\Users\Luis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/07/05 15:16:44 \| 00,088,616 \| ---- \| M] () -- C:\ProgramData\nvModes.dat [2009/06/28 14:23:24 \| 00,000,056 \| -H-- \| M] () -- C:\ProgramData\ezsidmv.dat [2009/06/28 13:28:53 \| 00,000,498 \| ---- \| M] () -- C:\Users\Luis\Documents\My Sharing Folders.lnk [2009/06/27 14:47:30 \| 05,705,918 \| ---- \| M] () -- C:\Users\Luis\Desktop\lecture.swf [2009/06/14 03:15:11 \| 00,448,688 \| ---- \| M] () -- C:\Windows\System32\FNTCACHE.DAT [2009/06/13 19:52:33 \| 00,000,000 \| -H-- \| M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf LOP Check [2009/07/10 21:53:55 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming [2008/09/29 21:17:51 \| 00,000,000 \| -HSD \| M] -- C:\Users\Luis\AppData\Roaming\.# [2008/07/29 21:03:49 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\ACD Systems [2008/08/01 16:55:59 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Acoustica [2009/01/24 19:02:41 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Any Video Converter [2009/03/05 23:15:06 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\ArcSoft [2009/03/28 21:40:03 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Cool Record Edit Pro [2008/09/14 00:31:10 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\CopyTrans [2008/09/14 00:29:55 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\CopyTransControlCenter [2008/07/29 22:21:14 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\CyberLink [2008/08/01 16:51:12 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\DataSafeOnline [2008/07/28 19:11:35 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Dell [2008/08/03 16:00:39 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Flickr [2009/01/17 18:50:40 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Free Sound Recorder [2008/07/29 20:35:39 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Free-backup.info [2006/11/02 05:37:34 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Media Center Programs [2008/10/20 13:20:38 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Move Networks [2008/08/17 13:59:13 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Neuratron [2009/03/07 17:15:33 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Nitro PDF [2008/11/01 10:29:54 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\ooVoo Details [2008/10/10 14:36:14 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\PeerNetworking [2008/08/18 23:06:16 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Roxio [2008/08/01 18:23:04 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\scar5 [2008/07/29 20:59:01 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Softplicity [2009/01/17 18:21:01 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Thinstall [2008/07/28 20:07:48 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\tmp [2008/09/21 14:49:43 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\U3 [2009/04/29 23:09:02 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\Vso [2008/10/16 05:01:30 \| 00,000,314 \| ---- \| M] () -- C:\Windows\Tasks\HP WEP.job [2009/07/11 14:42:50 \| 00,000,006 \| -H-- \| M] () -- C:\Windows\Tasks\SA.DAT [2009/07/11 14:34:54 \| 00,032,566 \| ---- \| M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009/07/10 16:41:30 \| 00,000,416 \| -H-- \| M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D1CAD405-44FD-4870-A5EA-E558523335D5}.job Purity Check Custom Scans < %systemroot%\System32\antiwpa.dll > < %systemroot%\SYSTEM32\wpa.dll > < %systemroot%\setup\scripts\biestart.exe > < %systemroot%\system32\drivers\royal.sys > < %systemroot%\system32\oobe\AntiWPA_Crypt.dll > < %TEMP%\antiwpa_crypt.dll > < %TEMP%\antiwpa.dll /s > < %PROGRAMFILES%\antiwpa.dll /s > < %systemroot%\system32\crypt.dll > < %TEMP%\crypt.dll > < %SYSTEMDRIVE%\. > [2009/07/11 14:57:18 \| 00,000,000 \| R--D \| M] -- C: [2009/07/11 14:46:30 \| 00,000,000 \| -H-D \| M] -- C:\$AVG8.VAULT$ [2009/01/10 16:50:50 \| 00,000,000 \| -HSD \| M] -- C:\$Recycle.Bin [2008/11/23 17:44:45 \| 00,000,000 \| ---D \| M] -- C:\2Wire_DSL_Setup_Tool [2008/08/01 18:19:10 \| 00,000,000 \| ---D \| M] -- C:\audio [2008/02/03 16:06:57 \| 00,000,000 \| -HSD \| M] -- C:\Boot [2008/08/09 13:41:57 \| 00,000,000 \| ---D \| M] -- C:\CONSULT [2008/10/27 14:33:40 \| 00,000,000 \| ---D \| M] -- C:\DELL [2008/07/23 23:26:53 \| 00,000,000 \| ---D \| M] -- C:\Documents and Settings [2008/07/24 01:57:58 \| 00,000,000 \| ---D \| M] -- C:\Drivers [2008/08/01 18:11:47 \| 00,000,000 \| ---D \| M] -- C:\KPCMS [2008/07/28 20:17:57 \| 00,000,000 \| RH-D \| M] -- C:\MSOCache [2008/01/20 19:32:31 \| 00,000,000 \| ---D \| M] -- C:\PerfLogs [2009/07/11 14:38:35 \| 00,000,000 \| R--D \| M] -- C:\Program Files [2009/07/10 21:54:24 \| 00,000,000 \| -H-D \| M] -- C:\ProgramData [2008/07/29 21:50:52 \| 00,000,000 \| ---D \| M] -- C:\ProgramDataTechSmith [2009/07/11 14:58:22 \| 00,000,000 \| ---D \| M] -- C:\Rooter$ [2009/07/11 02:29:28 \| 00,000,000 \| -HSD \| M] -- C:\System Volume Information [2008/10/27 14:13:14 \| 00,000,000 \| R--D \| M] -- C:\Users [2009/07/11 14:43:08 \| 00,000,000 \| ---D \| M] -- C:\Windows < %SYSTEMDRIVE%\.* > [2008/08/08 19:17:50 \| 00,000,121 \| ---- \| M] () -- C:\AUTOEXEC.BAT [2008/01/20 19:24:42 \| 00,333,203 \| RHS- \| M] () -- C:\bootmgr [2008/10/14 21:29:19 \| 00,000,054 \| ---- \| M] () -- C:\cleantemp.bat [2006/09/18 14:43:37 \| 00,000,010 \| ---- \| M] () -- C:\config.sys [2008/05/14 09:21:26 \| 00,088,560 \| ---- \| M] (Sonic Solutions) -- C:\DC_ShellExt.dll [2008/07/24 02:03:49 \| 00,005,243 \| RH-- \| M] () -- C:\dell.sdr [2008/08/01 18:10:49 \| 00,000,000 \| RHS- \| M] () -- C:\IO.SYS [2008/09/20 17:12:37 \| 00,000,441 \| -H-- \| M] () -- C:\IPH.PH [2008/08/01 18:10:49 \| 00,000,000 \| RHS- \| M] () -- C:\MSDOS.SYS [2008/07/23 23:32:18 \| 00,026,927 \| ---- \| M] () -- C:\newkey [2009/07/11 14:42:38 \| 35,330,00704 \| -HS- \| M] () -- C:\pagefile.sys < %PROGRAMFILES%\*. > [2009/07/11 14:38:35 \| 00,000,000 \| R--D \| M] -- C:\Program Files [2008/07/29 21:03:01 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ACD Systems [2008/08/01 16:56:18 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Acoustica CD Label Maker [2008/08/24 18:47:53 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Acoustica MP3 CD Burner [2008/11/08 20:00:17 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Adobe [2009/02/26 23:24:09 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Align [2009/07/11 12:53:07 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Alwil Software [2009/01/24 18:16:51 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Any Video Converter [2009/04/17 10:16:44 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Apple Software Update [2008/10/04 08:30:54 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ARAR [2009/07/10 21:30:59 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ARAX Disk Doctor Data Recovery [2009/03/05 21:29:46 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ArcSoft [2008/11/23 17:57:03 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ATT [2008/11/23 17:56:36 \| 00,000,000 \| ---D \| M] -- C:\Program Files\att-aace [2008/12/09 21:50:24 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\Avago-HP [2009/07/10 20:56:42 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AVG [2008/07/29 21:13:33 \| 00,000,000 \| ---D \| M] -- C:\Program Files\AviSynth 2.5 [2009/06/28 17:44:17 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Bonjour [2008/10/26 21:06:55 \| 00,000,000 \| ---D \| M] -- C:\Program Files\CCleaner [2008/07/23 23:32:33 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Cisco [2008/07/23 23:45:49 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Citrix [2008/10/14 20:21:00 \| 00,000,000 \| ---D \| M] -- C:\Program Files\CleanCache 3.0 [2009/07/10 22:58:02 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Common Files [2008/09/11 23:15:49 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ConvertHelper [2008/07/23 23:26:53 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Creative [2008/07/23 23:26:08 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Creative Live! Cam [2008/07/23 23:38:15 \| 00,000,000 \| ---D \| M] -- C:\Program Files\CyberLink [2009/05/17 11:21:34 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ddpoker3 [2008/08/08 18:32:23 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Dell [2008/07/23 23:33:40 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Dell DataSafe Online [2008/07/23 23:37:02 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Dell Support Center [2008/07/24 02:03:30 \| 00,000,000 \| ---D \| M] -- C:\Program Files\DellTPad [2009/05/31 13:23:58 \| 00,000,000 \| ---D \| M] -- C:\Program Files\DivX [2008/07/29 20:37:45 \| 00,000,000 \| ---D \| M] -- C:\Program Files\DVD Decrypter [2008/07/29 20:56:23 \| 00,000,000 \| ---D \| M] -- C:\Program Files\DVDFab Platinum 4 [2008/07/29 20:57:26 \| 00,000,000 \| ---D \| M] -- C:\Program Files\DVDx [2009/07/11 14:38:53 \| 00,000,000 \| ---D \| M] -- C:\Program Files\ERUNT [2008/07/29 21:05:26 \| 00,000,000 \| ---D \| M] -- C:\Program Files\FastStone Image Viewer [2008/07/23 23:25:29 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Fingerprint Reader Suite [2009/05/25 18:09:13 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Flickr Uploadr [2008/11/21 21:53:42 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\FLV Player [2009/03/28 21:17:54 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Free Sound Recorder [2008/12/05 19:15:38 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Free Video Converter [2008/07/29 21:14:08 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Gabest [2008/12/14 20:55:50 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Gadwin Systems [2008/07/29 21:07:33 \| 00,000,000 \| ---D \| M] -- C:\Program Files\GetData [2009/07/07 21:36:09 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Google [2009/07/10 20:45:48 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Grisoft [2008/08/01 17:29:05 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Hewlett-Packard [2009/05/17 10:49:10 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Holdem Indicator [2009/05/31 13:24:41 \| 00,000,000 \| ---D \| M] -- C:\Program Files\HP [2009/06/27 15:11:37 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\InstallShield Installation Information [2008/07/23 23:27:57 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Intel [2009/06/27 22:21:18 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Internet Explorer [2009/06/28 17:45:10 \| 00,000,000 \| ---D \| M] -- C:\Program Files\iPod [2009/06/28 17:45:21 \| 00,000,000 \| ---D \| M] -- C:\Program Files\iTunes [2008/07/23 23:20:47 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Java [2009/06/27 15:11:38 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Macromedia [2008/08/03 14:14:20 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MagicISO [2009/01/13 22:51:54 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/07/11 06:26:55 \| 00,000,000 \| ---D \| M] -- C:\Program Files\McFunSoft Video Capture [2008/08/08 20:03:00 \| 00,000,000 \| ---D \| M] -- C:\Program Files\McFunSoft Video Solution [2008/12/16 23:21:20 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Medieval Software [2009/07/01 19:01:30 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Megacubo [2008/08/16 18:13:28 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Memeo [2009/02/23 22:13:56 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft [2006/11/02 05:37:34 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Games [2008/07/28 20:22:24 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Office [2009/03/01 14:05:32 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Silverlight [2008/07/23 23:22:00 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft SQL Server Compact Edition [2008/11/23 03:25:03 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Visual Studio [2009/04/30 20:23:51 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft Works [2008/07/28 20:21:59 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Microsoft.NET [2008/12/14 17:08:10 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\Mihov Picture Downloader [2008/01/20 19:35:17 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Movie Maker [2009/07/11 14:40:32 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox [2008/07/29 21:05:58 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MP3Gain [2006/11/02 05:37:34 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MSBuild [2008/07/28 19:22:40 \| 00,000,000 \| ---D \| M] -- C:\Program Files\MSXML 4.0 [2009/03/07 17:13:59 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Nitro PDF [2008/08/08 19:21:15 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Pinnacle [2009/06/28 17:44:05 \| 00,000,000 \| ---D \| M] -- C:\Program Files\QuickTime [2008/07/29 20:36:53 \| 00,000,000 \| ---D \| M] -- C:\Program Files\RarZilla Free Unrar [2008/07/29 21:13:30 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Red Kawa [2006/11/02 05:37:34 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Reference Assemblies [2009/03/04 22:59:20 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Replay Video Capture [2008/07/23 23:45:26 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Roxio [2008/11/23 23:00:52 \| 00,000,000 \| ---D \| M] -- C:\Program Files\scar5 [2008/08/18 20:05:52 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Seagate [2008/07/23 18:08:42 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Sigmatel [2009/06/28 14:16:14 \| 00,000,000 \| R--D \| M] -- C:\Program Files\Skype [2009/07/10 21:29:10 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Spybot - Search & Destroy [2009/07/11 13:08:57 \| 00,000,000 \| ---D \| M] -- C:\Program Files\SpywareBlaster [2009/07/10 21:53:57 \| 00,000,000 \| ---D \| M] -- C:\Program Files\SUPERAntiSpyware [2009/06/27 15:36:52 \| 00,000,000 \| ---D \| M] -- C:\Program Files\SWF Decompile Expert [2008/07/29 21:48:43 \| 00,000,000 \| ---D \| M] -- C:\Program Files\TechSmith [2008/07/29 21:12:01 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Total Video Converter [2008/07/29 20:58:57 \| 00,000,000 \| ---D \| M] -- C:\Program Files\TotalAudioConverter [2009/05/17 13:21:40 \| 00,000,000 \| ---D \| M] -- C:\Program Files\TVUPlayer [2006/11/02 06:01:55 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\Uninstall Information [2008/07/29 21:34:12 \| 00,000,000 \| ---D \| M] -- C:\Program Files\URUSoft [2008/09/20 17:12:08 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Viewpoint [2008/07/29 21:00:15 \| 00,000,000 \| ---D \| M] -- C:\Program Files\VirtualDJ [2008/07/29 20:50:51 \| 00,000,000 \| ---D \| M] -- C:\Program Files\VSO [2008/08/18 18:46:08 \| 00,000,000 \| ---D \| M] -- C:\Program Files\WinAce [2008/07/29 21:57:08 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Winamp [2008/01/20 19:35:18 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Calendar [2008/01/20 19:35:15 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Collaboration [2008/01/20 19:35:09 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Defender [2008/01/20 19:35:14 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Journal [2008/07/28 21:52:15 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Live [2009/05/13 03:02:03 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Mail [2009/03/11 03:06:18 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Media Player [2006/11/02 05:37:34 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows NT [2008/01/20 19:35:14 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Photo Gallery [2008/01/20 19:35:17 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Windows Sidebar [2008/09/14 12:54:43 \| 00,000,000 \| ---D \| M] -- C:\Program Files\WindSolutions [2008/08/07 21:50:01 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Xilisoft [2008/07/29 21:14:26 \| 00,000,000 \| ---D \| M] -- C:\Program Files\X-VCD Player [2008/07/29 21:14:43 \| 00,000,000 \| ---D \| M] -- C:\Program Files\Xvid [2009/01/22 19:01:14 \| 00,000,000 \| -H-D \| M] -- C:\Program Files\Yahoo! Alternate Data Streams


	LOGS PART 3 OTL Extras logfile created on: 7/11/2009 2:59:28 PM - Run 1 OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\Luis\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18783) Locale: 409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 2.00 Gb Total Physical Memory \| 1.88 Gb Available Physical Memory \| 93.83% Memory free 4.00 Gb Paging File \| 4.00 Gb Available in Paging File \| 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 285.50 Gb Total Space \| 160.83 Gb Free Space \| 56.33% Space Free \| Partition Type: NTFS Drive D: \| 10.00 Gb Total Space \| 5.31 Gb Free Space \| 53.13% Space Free \| Partition Type: NTFS E: Drive not present or media not loaded Drive F: \| 247.20 Mb Total Space \| 246.52 Mb Free Space \| 99.73% Space Free \| Partition Type: FAT Drive G: \| 7.46 Gb Total Space \| 2.66 Gb Free Space \| 35.63% Space Free \| Partition Type: FAT32 H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LUISPC Current User Name: Luis Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal Extra Registry (SafeList) File Associations [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = Photoshop.CHMFile] -- C:\Program Files\Adobe\Photoshop5\Photoshp.exe (Adobe Systems, Incorporated) .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) Security Center Settings [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 Reg Error: Unknown registry data type File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 Authorized Applications List HKEY_LOCAL_MACHINE Uninstall List [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02C85EC5-E864-4847-AF55-42730861004C}" = MrvlUsgTracking "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService "{0AEA9ECE-2AD0-4DF0-932E-F0AC6B771749}" = SnagIt 8 "{0EC7C406-B592-4686-BAC1-AD29A85EAE6A}" = HP Driver Diagnostics "{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}" = Studio 11 "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype 4.0 "{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000 "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.1 "{29F2FE64-EFCE-4FC5-8FEB-16B688578F89}" = Nitro PDF Professional "{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004 "{2F952048-3220-4AC7-A206-D01EFC774BB2}" = Studio 11 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5 "{3F198846-A8B6-44FD-80C9-139C51A8EB6B}" = DineCorp PixelEase "{3FB3647F-B6A6-46B4-8613-A09BCFAB80F0}" = Roxio Creator Premier 10 "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement "{469EF13B-4AD0-48D7-AF89-6B92278293E2}" = Roxio Creator Premier "{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet "{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online "{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module "{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist "{5D601655-6D54-4384-B52C-17EC5385FBBD}" = iTunes "{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module "{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply "{7B02BF60-796D-4616-908B-B31A63CFDEFB}" = HPCarePackCore "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{8355F970-601D-442D-A79B-1D7DB4F24CAD}" = Apple Mobile Device Support "{86B5E5AF-3D50-4979-9C81-687C1B3C586D}" = Dell WUSB "{8920EF0D-633E-46D1-9561-90E713E3145A}" = AutoBackup "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack "{90120000-0015-0409-0000- FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000- FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000- FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000- FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000- FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000- FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000- FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000- FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000- FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000- FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000- FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000- FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000- FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000- FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000- FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0044-0409-0000- FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000- FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000- FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000- FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0409-0000- FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0114-0409-0000- FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000- FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000- FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000- FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000- FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant "{95120000-00AF-0409-0000- FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A2289997-10A3-48F2-AA03-99180D761661}" = Fingerprint Reader Suite 5.6 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AC76BA86-7AD7-1033-7B44-A813 3}" = Adobe Reader 8.1.3 "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter "{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258g "{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module "{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center "{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module "{ECA31632-C2AD-4774-A3CA-2813D47E4DD0}" = HPCarePackProducts "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier "{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}" = Pinnacle Instant DVD Recorder "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F5A83924-6A0A-40A2-9A9C-00D876B62E7F}" = FreeAgent Pro Tools "{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock "{F8B98EB6-FC06-45BF-87D4-9784E0408611}" = ACDSee 10 Photo Manager "{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}" = Yahoo! Desktop Login "Acoustica CD/DVD Label Maker" = Acoustica CD/DVD Label Maker "Acoustica MP3 CD Burner" = Acoustica MP3 CD Burner "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "Advanced RAR Repair v1.2" = Advanced RAR Repair v1.2 "Advanced Video FX Engine" = Advanced Video FX Engine "Any Video Converter_is1" = Any Video Converter 2.5.1 "Applian FLV Player2.0.24" = Applian FLV Player "ATT-AACE" = ATT-AACE "AVG8Uninstall" = AVG Free 8.5 "AVI Codec Pack" = AVI Codec Pack "AviSynth" = AviSynth 2.5 "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card "CCleaner" = CCleaner (remove only) "CleanCache 3.0_is1" = CleanCache 3.5 "CopyTrans Suite" = CopyTrans Suite Remove Only "Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011) "DD Poker 3 " = DD Poker 3 "Dell Webcam Center" = Dell Webcam Center "Dell Webcam Manager" = Dell Webcam Manager "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DVD Decrypter" = DVD Decrypter (Remove Only) "DVDFab Platinum 4_is1" = DVDFab Platinum 4.1.0.2 "DVDx_is1" = DVDx "ENTERPRISE" = Microsoft Office Enterprise 2007 "ERUNT_is1" = ERUNT 1.1j "FastStone Image Viewer" = FastStone Image Viewer 3.5 "Flickr Uploadr" = Flickr Uploadr 3.0.5 "FLV Player" = FLV Player 2.0 (build 25) "Free Sound Recorder" = Free Sound Recorder "Free Video Converter_is1" = Free Video Converter V 1.4 "Gadwin PrintScreen" = Gadwin PrintScreen "Google Desktop" = Google Desktop "GoToAssist" = GoToAssist 8.0.0.514 "HijackThis" = HijackThis 2.0.2 "HP LaserJet P1000 series" = HP LaserJet P1000 series "InstallShield_{621C02EA-AAFF-4026-A903-165D59529A16}" = Driver Detective "InstallShield_{F5A83924-6A0A-40A2-9A9C-00D876B62E7F}" = FreeAgent Pro Tools "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "McFunSoft Video Capture_is1" = McFunSoft Video Capture v6.0.0.139 "McFunSoft Video Solution_is1" = McFunSoft Video Solution Trial Version (English) 8.0.4.20 "Megacubo_is1" = Megacubo 6.0.3 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mihov Picture Downloader" = Mihov Picture Downloader 1.4 (remove only) "Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1) "NVIDIA Drivers" = NVIDIA Drivers "RarZilla Free Unrar 2.52" = RarZilla Free Unrar 2.52 "Recover My Files_is1" = Recover My Files "Replay Video Capture3.1B" = Replay Video Capture "Simple File Shredder" = Simple File Shredder 3.2 "Sonic Foundry MP3 encoder" = Sonic Foundry MP3 encoder v1.0d "Sound Forge" = Sound Forge v4.5e final (329) "SpywareBlaster_is1" = SpywareBlaster 4.0 "SubtitleWorkshop" = Subtitle Workshop 2.51 "Total Audio Converter_is1" = AudioConverter "Total Video Converter 3.01_is1" = Total Video Converter 3.01 "Videora iPod Converter" = Videora iPod Converter 3.07 "ViewpointMediaPlayer" = Viewpoint Media Player "Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions "VobSub" = VobSub v2.23 (Remove Only) "WinAce Archiver" = WinAce Archiver "Winamp" = Winamp "X-VCD Player" = X-VCD Player "Xvid_is1" = Xvid 1.1.3 final uninstall "Yahoo! Messenger" = Yahoo! Messenger "YInstHelper" = Yahoo! Install Manager HKEY_CURRENT_USER Uninstall List [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "InstallShield_{8920EF0D-633E-46D1-9561-90E713E3145A}" = AutoBackup "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer "uTorrent" = µTorrent Last 10 Event Log Errors


	Do you recognise these O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat () Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following CODE :OTL PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O20 - AppInit_DLLs: (Files\RelevantKnowledge\rlai.dll) - File not found O33 - MountPoints2\{04e06c1b-03b2-11de-a7cc-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{057e4064-881d-11dd-a66f-001644ec2390}\Shell - "" = AutoRun O33 - MountPoints2\{057e4064-881d-11dd-a66f-001644ec2390}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found O33 - MountPoints2\{13a26675-7249-11dd-9b1b-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{1a1d9d55-fa43-11dd-91b0-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{253df904-5ea5-11dd-a249-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{2b1d741c-5de4-11dd-8d75-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{4a2c12ce-6ab0-11de-96eb-00219bd0b350}\Shell - "" = AutoRun O33 - MountPoints2\{4a2c12ce-6ab0-11de-96eb-00219bd0b350}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{4a9210aa-85f9-11dd-b79a-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{7424b09d-617b-11dd-ba47-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{873eb59f-81bb-11dd-bb80-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{996e1a80-46dc-11de-9fe3-00219bd0b350}\Shell - "" = AutoRun O33 - MountPoints2\{996e1a80-46dc-11de-9fe3-00219bd0b350}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- File not found O33 - MountPoints2\{9f82f4fa-7fa2-11dd-8b31-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{b5bb4a06-60ee-11dd-b887-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{b5bb4b49-60ee-11dd-b887-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\{cf629f8e-6820-11dd-bb6a-00219bd0b350}\Shell\Auto\command - "" = config.exe O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Install FreeAgent Tools.exe -- File not found [2009/07/09 21:51:08 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Arax Disk Doctor Data Recovery v3.1.036 + Crack [RH] [2009/06/27 16:30:31 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Sothink[1].SWF.Decompiler.v5.0.503.Cracked [2009/06/27 14:58:53 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Macromedia Flash MX Pro 2004, Keygen + How-To Guides :Services :Reg :Files :Commands [purity] [emptytemp] [Reboot] Then click the Run Fix button at the top Let the program run unhindered, reboot the PC when it is done Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


	Thank you very much for your reply. [Quote: name='Rorschach112' date='Jul 11 2009, 06:02 PM' post='141389'] do you recognise these O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat () No I don't. I did what you suggested. Here's the log. OTL logfile created on: 7/11/2009 6:37:16 PM - Run 2 OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\Luis\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18783) Locale: 409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 2.00 Gb Total Physical Memory \| 1.95 Gb Available Physical Memory \| 97.72% Memory free 4.00 Gb Paging File \| 4.00 Gb Available in Paging File \| 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 285.50 Gb Total Space \| 159.35 Gb Free Space \| 55.82% Space Free \| Partition Type: NTFS Drive D: \| 10.00 Gb Total Space \| 5.31 Gb Free Space \| 53.13% Space Free \| Partition Type: NTFS Drive E: \| 702.31 Mb Total Space \| 476.67 Mb Free Space \| 67.87% Space Free \| Partition Type: UDF Drive F: \| 247.20 Mb Total Space \| 246.28 Mb Free Space \| 99.63% Space Free \| Partition Type: FAT Drive G: \| 7.46 Gb Total Space \| 2.66 Gb Free Space \| 35.63% Space Free \| Partition Type: FAT32 H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LUISPC Current User Name: Luis Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 7 Days Output = Minimal Quick Scan Processes (SafeList) PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) PRC - C:\Program Files\Fingerprint Reader Suite\upeksvr.exe (UPEK Inc.) PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation) PRC - C:\Windows\System32\WLTRYSVC.EXE () PRC - C:\Windows\System32\bcmwltry.exe (Dell Inc.) PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe (Seagate LLC) PRC - C:\Windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE (Software 2000 Limited) PRC - C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.) PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\System32\STacSV.exe (IDT, Inc.) PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation) PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Program Files\Winamp\winampa.exe () PRC - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) PRC - C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe () PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\HP\HP UT\bin\hppusg.exe ( ) PRC - C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe () PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe (Adobe Systems Incorporated) PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) PRC - C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe (WiQuest Communications, Inc.) PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Program Files\Fingerprint Reader Suite\psqltray.exe (UPEK Inc.) PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) PRC - C:\Program Files\DellTPad\Apntex.exe (Alps Electric Co., Ltd.) PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Users\Luis\Desktop\OTL.exe (OldTimer Tools) Win32 Services (SafeList) SRV - (AESTFilters [Auto \| Running]) -- C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation) SRV - (Apple Mobile Device [Auto \| Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (aspnet_state [On_Demand \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (avg8wd [Auto \| Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (Bonjour Service [Auto \| Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (clr_optimization_v2.0.50727_32 [On_Demand \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (DockLoginService [Auto \| Running]) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation) SRV - (ehRecvr [On_Demand \| Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [On_Demand \| Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Auto \| Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (Eventlog [Auto \| Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation) SRV - (FontCache3.0.0.0 [On_Demand \| Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (GoogleDesktopManager-092308-165331 [On_Demand \| Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (GoToAssist [On_Demand \| Stopped]) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.) SRV - (IAANTMON [Auto \| Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) SRV - (idsvc [Unknown \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (iPod Service [On_Demand \| Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) SRV - (Macromedia Licensing Service [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe () SRV - (McciCMService [Auto \| Running]) -- C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.) SRV - (NetTcpPortSharing [Disabled \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (nvsvc [Auto \| Running]) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) SRV - (odserv [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PCLEPCI [Auto \| Stopped]) -- C:\Windows\System32\drivers\pclepci.sys (Pinnacle Systems GmbH) SRV - (RapiMgr [Auto \| Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (RoxLiveShare10 [Auto \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (Sonic Solutions) SRV - (RoxMediaDB10 [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions) SRV - (RoxWatch10 [Auto \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe (Sonic Solutions) SRV - (SessionLauncher [Auto \| Stopped]) -- File not found SRV - (STacSV [Auto \| Running]) -- C:\Windows\System32\STacSV.exe (IDT, Inc.) SRV - (stllssvr [On_Demand \| Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.) SRV - (usnjsvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation) SRV - (Viewpoint Manager Service [Auto \| Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (WcesComm [Auto \| Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (WinDefend [Auto \| Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (wltrysvc [Auto \| Running]) -- C:\Windows\System32\WLTRYSVC.EXE () SRV - (WMPNetworkSvc [Auto \| Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) Standard Registry (SafeList) Internet Explorer IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = .local FireFox FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/27 22:13:33 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/07/10 20:56:43 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/10 22:53:11 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/10 22:28:22 \| 00,000,000 \| ---D \| M] [2009/07/10 22:53:12 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions [2009/07/10 22:53:12 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/02/08 16:53:40 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com [2009/07/10 22:57:03 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Firefox\Profiles\2g7yej1l.default\extensions [2009/07/10 22:57:03 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Firefox\Profiles\2g7yej1l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/07/10 22:28:23 \| 00,000,000 \| ---D \| M] -- C:\Program Files\mozilla firefox\extensions [2009/07/10 22:28:23 \| 00,000,000 \| ---D \| M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008/07/02 18:52:45 \| 00,023,040 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2008/07/02 18:52:46 \| 00,134,144 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2009/07/07 21:36:18 \| 00,122,880 \| ---- \| M] (Google) -- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll [2009/02/24 12:34:32 \| 01,044,480 \| ---- \| M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll [2007/04/10 17:21:08 \| 00,163,256 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2009/02/24 12:34:14 \| 01,337,648 \| ---- \| M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll [2009/02/24 12:34:22 \| 00,098,304 \| ---- \| M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008/07/02 18:52:47 \| 00,065,536 \| ---- \| M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2006/10/26 20:12:16 \| 00,016,192 \| ---- \| M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008/10/14 22:33:30 \| 00,095,600 \| ---- \| M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2009/06/28 17:44:05 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2009/06/28 17:44:06 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2009/06/28 17:44:06 \| 00,143,360 \| ---- \| M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2007/04/16 10:07:12 \| 00,180,293 \| ---- \| M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll [2009/02/24 12:34:32 \| 00,200,704 \| ---- \| M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll [2008/07/02 09:31:38 \| 00,001,394 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2008/07/02 09:31:38 \| 00,002,193 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2008/07/02 09:31:38 \| 00,001,534 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2008/07/02 09:31:38 \| 00,002,642 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2008/07/02 09:31:38 \| 00,001,706 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2008/07/02 09:31:38 \| 00,001,178 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2008/07/02 09:31:38 \| 00,000,792 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (291222 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 10029 more lines... O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [Google Desktop Search] File not found O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe () O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe ( ) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe File not found O4 - HKLM..\Run: [Nitro PDF Printer Monitor] C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PrintUtil] C:\Program Files\HP\HP Print Utility\PrintUtil.exe File not found O4 - HKLM..\Run: [PSQLLauncher] File not found O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems) O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found O4 - HKCU..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe (Pinnacle Systems) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoBackup Launcher.lnk = C:\Program Files\Seagate\AutoBackup\MemeoLauncher.exe (Memeo Inc.) O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\0 7 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: 64 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support) O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab (MSN Games Texas Holdem Poker) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...k.cab102118.cab (MSN Games - Installer) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\program) - File not found O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/08/08 19:17:50 \| 00,000,121 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/22 12:25:20 \| 00,000,096 \| -HS- \| M] () - G:\AUTORUN.INF -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: () - File not found Files/Folders - Created Within 7 Days [2009/07/11 18:32:36 \| 00,000,000 \| ---D \| C] -- C:\_OTL [2009/07/11 15:36:45 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SopCast [2009/07/11 15:31:36 \| 04,528,668 \| -H-- \| C] () -- C:\Users\Luis\AppData\Local\IconCache.db [2009/07/11 14:58:22 \| 00,000,000 \| ---D \| C] -- C:\Rooter$ [2009/07/11 14:57:18 \| 00,513,536 \| ---- \| C] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe [2009/07/11 14:57:18 \| 00,173,119 \| ---- \| C] (Eric_71) -- C:\Users\Luis\Desktop\Rooter.exe [2009/07/11 14:39:05 \| 00,000,000 \| ---D \| C] -- C:\Windows\ERDNT [2009/07/11 14:38:53 \| 00,000,915 \| ---- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2009/07/11 14:38:35 \| 00,000,000 \| ---D \| C] -- C:\Program Files\ERUNT [2009/07/11 14:22:24 \| 00,265,216 \| ---- \| C] (OldTimer Tools) -- C:\Users\Luis\Desktop\TFC.exe [2009/07/11 14:22:15 \| 00,794,112 \| ---- \| C] () -- C:\Users\Luis\Desktop\The_Comedian.exe [2009/07/11 13:12:46 \| 00,000,000 \| R--D \| C] -- C:\Users\Luis\Desktop\hijackthis [2009/07/11 13:07:52 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SpywareBlaster [2009/07/11 12:53:07 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Alwil Software [2009/07/10 22:57:41 \| 00,068,487 \| ---- \| C] () -- C:\Users\Luis\Desktop\bookmarks.html [2009/07/10 22:53:14 \| 00,000,000 \| ---- \| C] () -- C:\Windows\nsreg.dat [2009/07/10 21:54:24 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\SUPERAntiSpyware.com [2009/07/10 21:53:55 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\AppData\Roaming\SUPERAntiSpyware.com [2009/07/10 21:53:55 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SUPERAntiSpyware [2009/07/10 21:37:25 \| 00,002,085 \| ---- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoBackup Launcher.lnk [2009/07/10 21:37:25 \| 00,001,828 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ultrawideband Control Center.lnk [2009/07/10 21:37:25 \| 00,001,031 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2009/07/10 21:12:06 \| 00,000,000 \| ---D \| C] -- C:\Windows\pss [2009/07/10 21:05:17 \| 00,000,000 \| -H-D \| C] -- C:\$AVG8.VAULT$ [2009/07/10 20:56:57 \| 00,011,952 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2009/07/10 20:56:56 \| 00,108,552 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2009/07/10 20:56:52 \| 38,072,861 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2009/07/10 20:56:52 \| 06,061,540 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\avi7.avg [2009/07/10 20:56:52 \| 00,463,779 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg [2009/07/10 20:56:52 \| 00,335,752 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2009/07/10 20:56:52 \| 00,025,155 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2009/07/10 20:56:52 \| 00,000,000 \| ---D \| C] -- C:\Windows\System32\drivers\Avg [2009/07/10 20:56:42 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\avg8 [2009/07/10 20:56:42 \| 00,000,000 \| ---D \| C] -- C:\Program Files\AVG [2009/07/10 20:45:52 \| 00,027,784 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2009/07/10 20:45:48 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Grisoft [2009/07/10 08:08:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat [2009/07/10 08:08:53 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat [2009/07/10 08:08:49 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat [2009/07/10 08:08:45 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat [2009/07/10 08:08:40 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat [2009/07/10 08:08:36 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat [2009/07/10 08:08:32 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat [2009/07/10 08:08:28 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat [2009/07/10 08:08:24 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat [2009/07/10 08:08:20 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat [2009/07/10 08:08:16 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat [2009/07/10 08:08:12 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat [2009/07/10 08:08:08 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat [2009/07/10 08:08:04 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat [2009/07/10 08:08:00 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat [2009/07/10 08:07:56 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat [2009/07/10 08:07:43 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat [2009/07/10 07:54:19 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat [2009/07/10 00:08:31 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat [2009/07/10 00:08:30 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat [2009/07/10 00:08:29 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat [2009/07/10 00:08:28 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat [2009/07/10 00:08:23 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat [2009/07/10 00:08:05 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat [2009/07/10 00:07:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat [2009/07/09 23:55:03 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat [2009/07/09 23:54:58 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat [2009/07/09 23:54:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat [2009/07/09 23:46:31 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat [2009/07/09 23:46:30 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat [2009/07/09 22:29:57 \| 00,005,016 \| -HS- \| C] () -- C:\Windows\E88D4.exe [2009/07/09 22:27:27 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat [2009/07/09 22:18:23 \| 00,000,000 \| ---D \| C] -- C:\Program Files\ARAX Disk Doctor Data Recovery [2009/07/09 22:13:55 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat [2009/07/09 21:54:13 \| 00,193,061 \| ---- \| C] () -- C:\Windows\System32\AdobeFnt.lst [2009/07/09 21:51:08 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Arax Disk Doctor Data Recovery v3.1.036 + Crack [RH] [2009/07/09 21:26:09 \| 00,068,232 \| ---- \| C] (JGsoft - Just Great Software) -- C:\Windows\UnDeployV.exe [2009/07/07 21:36:53 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Documents\My Google Gadgets [2009/07/07 21:36:09 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Google Files - Modified Within 7 Days [2009/07/11 18:34:51 \| 00,088,616 \| ---- \| M] () -- C:\ProgramData\nvModes.001 [2009/07/11 18:34:14 \| 00,003,616 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/07/11 18:34:14 \| 00,003,616 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/07/11 18:34:14 \| 00,000,006 \| -H-- \| M] () -- C:\Windows\tasks\SA.DAT [2009/07/11 18:34:10 \| 00,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2009/07/11 17:50:22 \| 38,072,861 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2009/07/11 17:50:22 \| 00,025,155 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2009/07/11 17:22:24 \| 00,000,416 \| -H-- \| M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D1CAD405-44FD-4870-A5EA-E558523335D5}.job [2009/07/11 17:07:03 \| 00,751,146 \| ---- \| M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/07/11 17:07:03 \| 00,636,992 \| ---- \| M] () -- C:\Windows\System32\perfh009.dat [2009/07/11 17:07:03 \| 00,118,088 \| ---- \| M] () -- C:\Windows\System32\perfc009.dat [2009/07/11 16:59:53 \| 04,528,668 \| -H-- \| M] () -- C:\Users\Luis\AppData\Local\IconCache.db [2009/07/11 14:50:24 \| 00,513,536 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe [2009/07/11 14:49:52 \| 00,173,119 \| ---- \| M] (Eric_71) -- C:\Users\Luis\Desktop\Rooter.exe [2009/07/11 14:38:53 \| 00,000,915 \| ---- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2009/07/11 14:22:52 \| 00,265,216 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luis\Desktop\TFC.exe [2009/07/11 14:22:20 \| 00,794,112 \| ---- \| M] () -- C:\Users\Luis\Desktop\The_Comedian.exe [2009/07/11 12:53:34 \| 00,002,577 \| ---- \| M] () -- C:\Windows\System32\config.nt [2009/07/10 22:56:14 \| 00,068,487 \| ---- \| M] () -- C:\Users\Luis\Desktop\bookmarks.html [2009/07/10 22:53:14 \| 00,000,000 \| ---- \| M] () -- C:\Windows\nsreg.dat [2009/07/10 22:49:18 \| 00,291,222 \| R--- \| M] () -- C:\Windows\System32\drivers\etc\hosts [2009/07/10 21:00:56 \| 00,463,779 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg [2009/07/10 20:56:57 \| 00,011,952 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2009/07/10 20:56:56 \| 00,108,552 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2009/07/10 20:56:52 \| 06,061,540 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\avi7.avg [2009/07/10 20:56:52 \| 00,335,752 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2009/07/10 20:56:52 \| 00,027,784 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2009/07/10 08:08:57 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat [2009/07/10 08:08:53 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat [2009/07/10 08:08:49 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat [2009/07/10 08:08:45 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat [2009/07/10 08:08:40 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat [2009/07/10 08:08:36 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat [2009/07/10 08:08:32 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat [2009/07/10 08:08:28 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat [2009/07/10 08:08:24 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat [2009/07/10 08:08:20 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat [2009/07/10 08:08:16 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat [2009/07/10 08:08:12 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat [2009/07/10 08:08:08 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat [2009/07/10 08:08:04 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat [2009/07/10 08:08:00 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat [2009/07/10 08:07:56 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat [2009/07/10 08:07:43 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat [2009/07/10 07:54:19 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat [2009/07/10 00:08:31 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat [2009/07/10 00:08:30 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat [2009/07/10 00:08:29 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat [2009/07/10 00:08:28 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat [2009/07/10 00:08:23 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat [2009/07/10 00:08:05 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat [2009/07/10 00:07:57 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat [2009/07/09 23:55:03 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat [2009/07/09 23:55:03 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat [2009/07/09 23:54:58 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat [2009/07/09 23:46:31 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat [2009/07/09 23:46:30 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat [2009/07/09 22:30:37 \| 00,005,016 \| -HS- \| M] () -- C:\Windows\E88D4.exe [2009/07/09 22:27:27 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat [2009/07/09 22:18:02 \| 00,000,349 \| ---- \| M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2009/07/09 22:13:55 \| 00,000,142 \| -HS- \| M] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat [2009/07/09 21:54:13 \| 00,193,061 \| ---- \| M] () -- C:\Windows\System32\AdobeFnt.lst [2009/07/08 02:50:43 \| 00,173,568 \| ---- \| M] () -- C:\Users\Luis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/07/05 15:16:44 \| 00,088,616 \| ---- \| M] () -- C:\ProgramData\nvModes.dat Alternate Data Streams


	Is this a work PC ? They could be related to that


	No, this is my home PC. The fact that I can make the browsers work when I start the computer in safe mode, does that make it a start up problem?


	Hi Run OTL Under the Custom Scans/Fixes box at the bottom, paste in the following CODE :OTL O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat () O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat () [2009/07/10 08:08:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580857 AM.bat [2009/07/10 08:08:53 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580853 AM.bat [2009/07/10 08:08:49 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480849 AM.bat [2009/07/10 08:08:45 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480845 AM.bat [2009/07/10 08:08:40 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480840 AM.bat [2009/07/10 08:08:36 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380836 AM.bat [2009/07/10 08:08:32 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat380832 AM.bat [2009/07/10 08:08:28 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280828 AM.bat [2009/07/10 08:08:24 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280824 AM.bat [2009/07/10 08:08:20 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat280820 AM.bat [2009/07/10 08:08:16 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180816 AM.bat [2009/07/10 08:08:12 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat180812 AM.bat [2009/07/10 08:08:08 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080808 AM.bat [2009/07/10 08:08:04 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080804 AM.bat [2009/07/10 08:08:00 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat080800 AM.bat [2009/07/10 08:07:56 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat580756 AM.bat [2009/07/10 08:07:43 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat480743 AM.bat [2009/07/10 07:54:19 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat175419 AM.bat [2009/07/10 00:08:31 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120831 AM.bat [2009/07/10 00:08:30 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120830 AM.bat [2009/07/10 00:08:29 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120829 AM.bat [2009/07/10 00:08:28 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120828 AM.bat [2009/07/10 00:08:23 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120823 AM.bat [2009/07/10 00:08:05 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120805 AM.bat [2009/07/10 00:07:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat120757 AM.bat [2009/07/09 23:55:03 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115503 PM.bat [2009/07/09 23:54:58 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115458 PM.bat [2009/07/09 23:54:57 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat115456 PM.bat [2009/07/09 23:46:31 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114631 PM.bat [2009/07/09 23:46:30 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat114630 PM.bat [2009/07/09 22:29:57 \| 00,005,016 \| -HS- \| C] () -- C:\Windows\E88D4.exe [2009/07/09 22:27:27 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat102727 PM.bat [2009/07/09 22:13:55 \| 00,000,142 \| -HS- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mel.bat101355 PM.bat [2009/07/09 21:51:08 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Desktop\Arax Disk Doctor Data Recovery v3.1.036 + Crack [RH] :Services :Reg :Files :Commands [purity] [emptytemp] [Reboot] Then click the Run Fix button at the top Let the program run unhindered, reboot the PC when it is done Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


	Thanks. Here we go: OTL logfile created on: 7/12/2009 11:17:41 AM - Run 3 OTL by OldTimer - Version 3.0.7.1 Folder = C:\Users\Luis\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 2.00 Gb Total Physical Memory \| 1.80 Gb Available Physical Memory \| 89.80% Memory free 4.00 Gb Paging File \| 4.00 Gb Available in Paging File \| 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 285.50 Gb Total Space \| 158.85 Gb Free Space \| 55.64% Space Free \| Partition Type: NTFS Drive D: \| 10.00 Gb Total Space \| 5.31 Gb Free Space \| 53.13% Space Free \| Partition Type: NTFS E: Drive not present or media not loaded Drive F: \| 247.20 Mb Total Space \| 246.37 Mb Free Space \| 99.66% Space Free \| Partition Type: FAT Drive G: \| 7.46 Gb Total Space \| 2.66 Gb Free Space \| 35.63% Space Free \| Partition Type: FAT32 H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LUISPC Current User Name: Luis Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: On Skip Microsoft Files: On File Age = 7 Days Output = Minimal Quick Scan Processes (SafeList) PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation) PRC - C:\Program Files\Fingerprint Reader Suite\upeksvr.exe (UPEK Inc.) PRC - C:\Windows\System32\WLTRYSVC.EXE () PRC - C:\Windows\System32\bcmwltry.exe (Dell Inc.) PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Seagate\SystemTray\StxMenuMgr.exe (Seagate LLC) PRC - C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.) PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE (Software 2000 Limited) PRC - C:\Windows\System32\STacSV.exe (IDT, Inc.) PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation) PRC - C:\Windows\notepad.exe (Microsoft Corporation) PRC - C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe () PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Winamp\winampa.exe () PRC - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) PRC - C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe () PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files\HP\HP UT\bin\hppusg.exe ( ) PRC - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Fingerprint Reader Suite\psqltray.exe (UPEK Inc.) PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) PRC - C:\Users\Luis\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Program Files\Dell\Dell WUSB\WQ_Tray2.exe (WiQuest Communications, Inc.) PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Program Files\DellTPad\Apntex.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\DellTPad\HidFind.exe (Alps Electric Co., Ltd.) PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) PRC - C:\Program Files\Internet Explorer\ieuser.exe (Microsoft Corporation) PRC - C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Windows\System32\wbem\WMIADAP.EXE (Microsoft Corporation) PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Users\Luis\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Users\Luis\Desktop\OTL.exe (OldTimer Tools) Win32 Services (SafeList) SRV - (AESTFilters [Auto \| Running]) -- C:\Windows\System32\aestsrv.exe (Andrea Electronics Corporation) SRV - (Apple Mobile Device [Auto \| Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (aspnet_state [On_Demand \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (avg8wd [Auto \| Running]) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (Bonjour Service [Auto \| Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) SRV - (clr_optimization_v2.0.50727_32 [On_Demand \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (DockLoginService [Auto \| Running]) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation) SRV - (ehRecvr [On_Demand \| Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [On_Demand \| Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Auto \| Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (Eventlog [Auto \| Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation) SRV - (FontCache3.0.0.0 [On_Demand \| Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (GoogleDesktopManager-092308-165331 [On_Demand \| Stopped]) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (GoToAssist [On_Demand \| Stopped]) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.) SRV - (IAANTMON [Auto \| Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation) SRV - (idsvc [Unknown \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (iPod Service [On_Demand \| Running]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) SRV - (Macromedia Licensing Service [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe () SRV - (McciCMService [Auto \| Running]) -- C:\Program Files\Common Files\Motive\McciCMService.exe (Motive Communications, Inc.) SRV - (NetTcpPortSharing [Disabled \| Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (nvsvc [Auto \| Running]) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) SRV - (odserv [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PCLEPCI [Auto \| Stopped]) -- C:\Windows\System32\drivers\pclepci.sys (Pinnacle Systems GmbH) SRV - (RapiMgr [Auto \| Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (RoxLiveShare10 [Auto \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe (Sonic Solutions) SRV - (RoxMediaDB10 [On_Demand \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe (Sonic Solutions) SRV - (RoxWatch10 [Auto \| Stopped]) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe (Sonic Solutions) SRV - (SessionLauncher [Auto \| Stopped]) -- File not found SRV - (STacSV [Auto \| Running]) -- C:\Windows\System32\STacSV.exe (IDT, Inc.) SRV - (stllssvr [On_Demand \| Stopped]) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.) SRV - (usnjsvc [On_Demand \| Stopped]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation) SRV - (Viewpoint Manager Service [Auto \| Running]) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation) SRV - (WcesComm [Auto \| Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (WinDefend [Auto \| Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (wltrysvc [Auto \| Running]) -- C:\Windows\System32\WLTRYSVC.EXE () SRV - (WMPNetworkSvc [Auto \| Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) Standard Registry (SafeList) Internet Explorer IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&cl...amp;ibd=0080724 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = .local FireFox FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/27 22:13:33 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/07/10 20:56:43 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/07/11 23:37:15 \| 00,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/07/11 23:37:13 \| 00,000,000 \| ---D \| M] [2009/07/10 22:53:12 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions [2009/07/10 22:53:12 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009/02/08 16:53:40 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Extensions\uploadr@flickr.com [2009/07/10 22:57:03 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Firefox\Profiles\2g7yej1l.default\extensions [2009/07/10 22:57:03 \| 00,000,000 \| ---D \| M] -- C:\Users\Luis\AppData\Roaming\mozilla\Firefox\Profiles\2g7yej1l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009/07/11 23:37:13 \| 00,000,000 \| ---D \| M] -- C:\Program Files\mozilla firefox\extensions [2009/07/11 23:37:13 \| 00,000,000 \| ---D \| M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2008/07/02 18:52:45 \| 00,023,040 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll [2008/07/02 18:52:46 \| 00,134,144 \| ---- \| M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll [2008/07/02 18:52:47 \| 00,065,536 \| ---- \| M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll [2008/07/02 09:31:38 \| 00,001,394 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml [2008/07/02 09:31:38 \| 00,002,193 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml [2008/07/02 09:31:38 \| 00,001,534 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2008/07/02 09:31:38 \| 00,002,642 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml [2008/07/02 09:31:38 \| 00,001,706 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml [2008/07/02 09:31:38 \| 00,001,178 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml [2008/07/02 09:31:38 \| 00,000,792 \| ---- \| M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml O1 HOSTS File: (291222 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 10029 more lines... O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation) O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.) O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( ) O4 - HKLM..\Run: [Google Desktop Search] File not found O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe () O4 - HKLM..\Run: [HPUsageTracking] C:\Program Files\HP\HP UT\bin\hppusg.exe ( ) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe File not found O4 - HKLM..\Run: [Nitro PDF Printer Monitor] C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PrintUtil] C:\Program Files\HP\HP Print Utility\PrintUtil.exe File not found O4 - HKLM..\Run: [PSQLLauncher] File not found O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.) O4 - HKLM..\Run: [USB2Check] C:\Windows\System32\PCLECoInst.DLL (Pinnacle Systems) O4 - HKLM..\Run: [USBToolTip] C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation) O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKCU..\Run: [Google Update] C:\Users\Luis\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe File not found O4 - HKCU..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe (Pinnacle Systems) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O4 - Startup: C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoBackup Launcher.lnk = C:\Program Files\Seagate\AutoBackup\MemeoLauncher.exe (Memeo Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0 O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\0 7 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone. O15 - HKCU\..Trusted Domains: 56 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll (Installation Support) O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab (MSN Games Texas Holdem Poker) O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/...k.cab102118.cab (MSN Games - Installer) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\program) - File not found O20 - AppInit_DLLs: (c:\progra~1\google\google~1\goec62~1.dll) - c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (vrlogon.dll) - C:\Windows\System32\vrlogon.dll (UPEK Inc.) O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com) O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.) O20 - Winlogon\Notify\psfus: DllName - C:\Windows\system32\psqlpwd.dll - C:\Windows\System32\psqlpwd.dll (UPEK Inc.) O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008/08/08 19:17:50 \| 00,000,121 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2009/05/22 12:25:20 \| 00,000,096 \| -HS- \| M] () - G:\AUTORUN.INF -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: () - File not found Files/Folders - Created Within 7 Days [2009/07/11 23:37:16 \| 00,001,726 \| ---- \| C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009/07/11 23:37:12 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2009/07/11 21:40:23 \| 00,000,000 \| R--D \| C] -- C:\Users\Luis\Desktop\Favorites [2009/07/11 21:29:19 \| 02,676,863 \| -H-- \| C] () -- C:\Users\Luis\AppData\Local\IconCache.db [2009/07/11 21:22:05 \| 00,002,085 \| ---- \| C] () -- C:\Users\Luis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoBackup Launcher.lnk [2009/07/11 21:22:05 \| 00,001,828 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ultrawideband Control Center.lnk [2009/07/11 21:22:05 \| 00,001,031 \| ---- \| C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2009/07/11 21:21:13 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Documents\Downloads [2009/07/11 21:21:01 \| 00,002,039 \| ---- \| C] () -- C:\Users\Luis\Desktop\Google Chrome.lnk [2009/07/11 21:20:07 \| 00,000,852 \| ---- \| C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1714148476-2385143438-1770491188-1000Core.job [2009/07/11 18:32:36 \| 00,000,000 \| ---D \| C] -- C:\_OTL [2009/07/11 14:58:22 \| 00,000,000 \| ---D \| C] -- C:\Rooter$ [2009/07/11 14:57:18 \| 00,513,536 \| ---- \| C] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe [2009/07/11 14:57:18 \| 00,173,119 \| ---- \| C] (Eric_71) -- C:\Users\Luis\Desktop\Rooter.exe [2009/07/11 14:39:05 \| 00,000,000 \| ---D \| C] -- C:\Windows\ERDNT [2009/07/11 14:22:24 \| 00,265,216 \| ---- \| C] (OldTimer Tools) -- C:\Users\Luis\Desktop\TFC.exe [2009/07/11 14:22:15 \| 00,794,112 \| ---- \| C] () -- C:\Users\Luis\Desktop\The_Comedian.exe [2009/07/11 13:12:46 \| 00,000,000 \| R--D \| C] -- C:\Users\Luis\Desktop\hijackthis [2009/07/11 13:07:52 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SpywareBlaster [2009/07/10 22:57:41 \| 00,068,487 \| ---- \| C] () -- C:\Users\Luis\Desktop\bookmarks.html [2009/07/10 22:53:14 \| 00,000,000 \| ---- \| C] () -- C:\Windows\nsreg.dat [2009/07/10 21:54:24 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\SUPERAntiSpyware.com [2009/07/10 21:53:55 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\AppData\Roaming\SUPERAntiSpyware.com [2009/07/10 21:53:55 \| 00,000,000 \| ---D \| C] -- C:\Program Files\SUPERAntiSpyware [2009/07/10 21:12:06 \| 00,000,000 \| ---D \| C] -- C:\Windows\pss [2009/07/10 21:05:17 \| 00,000,000 \| -H-D \| C] -- C:\$AVG8.VAULT$ [2009/07/10 20:56:57 \| 00,011,952 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2009/07/10 20:56:56 \| 00,108,552 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2009/07/10 20:56:52 \| 38,089,105 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2009/07/10 20:56:52 \| 06,061,540 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\avi7.avg [2009/07/10 20:56:52 \| 00,463,779 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg [2009/07/10 20:56:52 \| 00,335,752 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2009/07/10 20:56:52 \| 00,025,283 \| ---- \| C] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2009/07/10 20:56:52 \| 00,000,000 \| ---D \| C] -- C:\Windows\System32\drivers\Avg [2009/07/10 20:56:42 \| 00,000,000 \| ---D \| C] -- C:\ProgramData\avg8 [2009/07/10 20:56:42 \| 00,000,000 \| ---D \| C] -- C:\Program Files\AVG [2009/07/10 20:45:52 \| 00,027,784 \| ---- \| C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2009/07/09 21:54:13 \| 00,193,061 \| ---- \| C] () -- C:\Windows\System32\AdobeFnt.lst [2009/07/09 21:26:09 \| 00,068,232 \| ---- \| C] (JGsoft - Just Great Software) -- C:\Windows\UnDeployV.exe [2009/07/07 21:36:53 \| 00,000,000 \| ---D \| C] -- C:\Users\Luis\Documents\My Google Gadgets [2009/07/07 21:36:09 \| 00,000,000 \| ---D \| C] -- C:\Program Files\Google Files - Modified Within 7 Days [2009/07/12 11:17:10 \| 00,751,146 \| ---- \| M] () -- C:\Windows\System32\PerfStringBackup.INI [2009/07/12 11:17:10 \| 00,636,992 \| ---- \| M] () -- C:\Windows\System32\perfh009.dat [2009/07/12 11:17:10 \| 00,118,088 \| ---- \| M] () -- C:\Windows\System32\perfc009.dat [2009/07/12 11:14:05 \| 00,088,616 \| ---- \| M] () -- C:\ProgramData\nvModes.001 [2009/07/12 11:10:40 \| 00,003,616 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/07/12 11:10:40 \| 00,003,616 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/07/12 11:10:39 \| 00,000,006 \| -H-- \| M] () -- C:\Windows\tasks\SA.DAT [2009/07/12 11:10:36 \| 00,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2009/07/12 09:39:36 \| 38,089,105 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\incavi.avm [2009/07/12 09:39:36 \| 00,025,283 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\microavi.avg [2009/07/11 23:37:16 \| 00,001,726 \| ---- \| M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2009/07/11 23:31:16 \| 00,000,349 \| ---- \| M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2009/07/11 21:29:19 \| 02,676,863 \| -H-- \| M] () -- C:\Users\Luis\AppData\Local\IconCache.db [2009/07/11 21:21:01 \| 00,002,039 \| ---- \| M] () -- C:\Users\Luis\Desktop\Google Chrome.lnk [2009/07/11 21:20:07 \| 00,000,852 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1714148476-2385143438-1770491188-1000Core.job [2009/07/11 17:22:24 \| 00,000,416 \| -H-- \| M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D1CAD405-44FD-4870-A5EA-E558523335D5}.job [2009/07/11 14:50:24 \| 00,513,536 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luis\Desktop\OTL.exe [2009/07/11 14:49:52 \| 00,173,119 \| ---- \| M] (Eric_71) -- C:\Users\Luis\Desktop\Rooter.exe [2009/07/11 14:22:52 \| 00,265,216 \| ---- \| M] (OldTimer Tools) -- C:\Users\Luis\Desktop\TFC.exe [2009/07/11 14:22:20 \| 00,794,112 \| ---- \| M] () -- C:\Users\Luis\Desktop\The_Comedian.exe [2009/07/11 12:53:34 \| 00,002,577 \| ---- \| M] () -- C:\Windows\System32\config.nt [2009/07/10 22:56:14 \| 00,068,487 \| ---- \| M] () -- C:\Users\Luis\Desktop\bookmarks.html [2009/07/10 22:53:14 \| 00,000,000 \| ---- \| M] () -- C:\Windows\nsreg.dat [2009/07/10 22:49:18 \| 00,291,222 \| R--- \| M] () -- C:\Windows\System32\drivers\etc\hosts [2009/07/10 21:00:56 \| 00,463,779 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg [2009/07/10 20:56:57 \| 00,011,952 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll [2009/07/10 20:56:56 \| 00,108,552 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys [2009/07/10 20:56:52 \| 06,061,540 \| ---- \| M] () -- C:\Windows\System32\drivers\Avg\avi7.avg [2009/07/10 20:56:52 \| 00,335,752 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys [2009/07/10 20:56:52 \| 00,027,784 \| ---- \| M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys [2009/07/09 21:54:13 \| 00,193,061 \| ---- \| M] () -- C:\Windows\System32\AdobeFnt.lst [2009/07/08 02:50:43 \| 00,173,568 \| ---- \| M] () -- C:\Users\Luis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/07/05 15:16:44 \| 00,088,616 \| ---- \| M] () -- C:\ProgramData\nvModes.dat Alternate Data Streams


	Hi Download TFC to your desktop Open the file and close any other windows. It will close all programs itself when run, make sure to let it run uninterrupted. Click the Start button to begin the process. The program should not take long to finish its job Once its finished it should reboot your machine , if not, do this yourself to ensure a complete clean Please download Malwarebytes' Anti-Malware from Here Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware , then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select " Perform Quick Scan ", then click Scan . The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked , and click Remove Selected . When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly. Go to Kaspersky website and perform an online antivirus scan. Read through the requirements and privacy statement and click on Accept button. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run . When the downloads have finished, click on Settings . Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs Archives Mail databases Click on My Computer under Scan . Once the scan is complete, it will display the results. Click on View Scan Report . You will see a list of infected items there. Click on Save Report As... . Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.


	The logs for Malwarebytes' Anti-Malware and Kaspersky follow this brief message. I could only run Kaspersky with my computer in safe mode because neither IE or Mozilla are connecting to the internet unless the computer is booted in safe mode. Chrome works fine after a regular boot, but I am not being able to make Kaspersky run in Chrome even after following specific instructions for such. Therefore I ask: is it OK that I ran Kaspersky in IE with the computer booted in safe mode? Here are the logs and again, thank you for your assistance. ***Malwarebytes' Anti-Malware: Malwarebytes' Anti-Malware 1.38 Database version: 2413 Windows 6.0.6001 Service Pack 1 7/12/2009 3:47:33 PM mbam-log-2009-07-12 (15-47-33).txt Scan type: Full Scan (C:\\|) Objects scanned: 246841 Time elapsed: 1 hour(s), 3 minute(s), 5 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 33 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_CLASSES_ROOT\CLSID\{46c166aa-3108-11d4-9348-00c04f8eeb71}\inprocserver32\(default) (Hijack.Hnetcfg) -> Bad: (\\?\globalroot\systemroot\installer\fc9a5.msi) Good: (hnetcfg.dll) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: c:\program files\Megacubo\bin\sopcore.exe (Rogue.Installer) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat080800 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat080804 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat080808 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat101355 PM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat102727 PM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat114630 PM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat114631 PM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat115456 PM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat115458 PM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat115503 PM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat120757 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat120805 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat120823 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat120828 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat120829 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat120830 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat120831 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat175419 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat180812 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat180816 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat280820 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat280824 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat280828 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat380832 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat380836 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat480743 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat480840 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat480845 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat480849 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat580756 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat580853 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. c:\Users\Luis\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\mel.bat580857 AM.bat (Trojan.Agent.M1) -> Quarantined and deleted successfully. KASPERSKY ONLINE SCANNER 7.0 REPORT Sunday, July 12, 2009 Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Monday, July 13, 2009 03:24:00 Records in database: 2464318

Discussion Title: Internet Explorer/Mozilla Firefox not connecting to internet
Title Keywords: Internet Explorer/Mozilla Firefox connecting internet Piriform Community Forums

Omgili Home

About

FAQ

Plugins

Usenet

Internet Explorer/Mozilla Firefox not connecting to internet - Piriform Community Forums