Author Topic: Startup help. Freezing.  (Read 1554 times)

Offline Enid

Startup help. Freezing.
« on: November 08, 2009, 12:12:48 PM »
I'm having trouble starting up my desktop computer. It properly starts up once in a while. My guess is that the computer is loaded with downloaded crap and malware etc. This is the family computer and I don't supervise any downloads. I need help identifying the problem and getting rid of it. I already uninstalled half of the programs. Please help. I'm a Dell Dimension E5281.

Offline guestolo

Startup help. Freezing.
« Reply #1 on: November 08, 2009, 12:14:32 PM »
Download OTL.exe by OldTimer to your Desktop.
  • Close all windows and double click on OTL.exe to run it

If you are running Vista
Close all windows and right click on OTL.exe and choose to "Run as Administrator"
  • Click Run Scan and let the program run uninterrupted.
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.

NOTE: If you have trouble, or an error message trying to post the logs
Can you upload it to a reply box
In a Reply, select "Browse..." on the bottom right and then navigate to the file and select it
Then click "Upload"

Do you want to post your own logs from FRST?

Follow the instructions posted here: http://www.thetechguide.com/forum/index.php/topic/22942-please-read-how-to-post-logs-from-frst/


Offline Enid

Startup help. Freezing.
« Reply #2 on: November 08, 2009, 03:48:38 PM »
OTL logfile created on: 11/8/2009 12:22:13 PM - Run 1
OTL by OldTimer - Version 3.1.4.0     Folder = C:\Users\Nunez\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
957.88 Mb Total Physical Memory | 375.51 Mb Available Physical Memory | 39.20% Memory free
2.13 Gb Paging File | 0.97 Gb Available in Paging File | 45.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.97 Gb Total Space | 76.15 Gb Free Space | 54.79% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.89 Gb Free Space | 58.85% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 232.88 Gb Total Space | 197.46 Gb Free Space | 84.79% Space Free | Partition Type: NTFS
 
Computer Name: NUNEZ-PC
Current User Name: Nunez
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2009/11/08 12:21:22 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\Nunez\Desktop\OTL.exe
PRC - [2009/11/05 14:48:12 | 02,028,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/10/12 12:01:48 | 02,919,608 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2009/09/25 07:33:11 | 00,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/09/25 07:33:10 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/09/25 07:32:54 | 00,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/09/25 07:32:37 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/09/25 07:32:24 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/27 10:20:22 | 00,765,824 | ---- | M] () -- C:\Program Files\SGPSA\ie3sh.exe
PRC - [2008/10/29 01:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/04/10 01:15:28 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe
PRC - [2008/04/10 01:15:00 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe
PRC - [2008/01/28 10:43:32 | 00,810,320 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007/08/06 19:05:46 | 00,200,704 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2007/07/25 15:06:30 | 02,027,792 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2007/07/25 15:02:54 | 00,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2007/07/25 15:02:32 | 00,403,728 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2007/07/19 23:40:48 | 00,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2007/07/19 23:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/07/19 23:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2007/05/11 09:01:40 | 00,103,344 | ---- | M] (Lexmark International Inc.) -- C:\Program Files\Lexmark 7300 Series\ezprint.exe
PRC - [2007/05/11 08:59:20 | 00,205,744 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 7300 Series\lxcimon.exe
PRC - [2007/02/08 00:16:24 | 00,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\sttray.exe
PRC - [2007/02/08 00:16:22 | 00,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
PRC - [2007/02/01 21:13:46 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcicoms.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/12 01:19:46 | 00,446,976 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2006/11/05 10:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
PRC - [2006/11/05 10:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
PRC - [2006/11/02 07:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2006/11/02 07:36:04 | 00,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/11/02 07:35:32 | 00,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2006/11/02 07:35:32 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2006/11/02 07:34:32 | 01,004,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/09/22 08:35:58 | 00,045,056 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2006/08/04 19:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2005/02/16 21:15:20 | 00,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2009/11/08 12:21:22 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\Nunez\Desktop\OTL.exe
MOD - [2009/09/25 07:33:11 | 00,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2006/11/02 04:38:57 | 01,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found --  -- (CLTNetCnService)
SRV - [2009/09/25 07:32:37 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/09/25 07:32:24 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/09/21 15:36:02 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/08/28 18:42:54 | 00,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/08/06 20:12:13 | 00,029,744 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103)
SRV - [2008/07/27 13:00:25 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/19 20:18:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/06/19 20:17:50 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/06/19 20:17:49 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/04/10 01:15:28 | 00,103,736 | ---- | M] () -- C:\Windows\System32\PnkBstrB.exe -- (PnkBstrB)
SRV - [2008/04/10 01:15:00 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA)
SRV - [2008/01/28 10:43:32 | 00,810,320 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/07/19 23:42:30 | 00,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/07/19 23:40:48 | 00,137,752 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/07/19 23:38:54 | 00,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/05/23 14:35:38 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr)
SRV - [2007/02/08 00:16:22 | 00,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2007/02/01 21:13:46 | 00,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxcicoms.exe -- (lxci_device)
SRV - [2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/07 12:27:02 | 00,070,656 | ---- | M] () -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/05 10:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/05 10:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2006/11/02 07:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2006/11/02 07:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched)
SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/11/02 07:34:32 | 00,263,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/09/14 13:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006/08/04 19:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2009/09/25 07:33:10 | 00,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/09/25 07:33:10 | 00,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/08/28 18:42:52 | 00,040,448 | ---- | M] (Apple, Inc.) -- C:\Windows\System32\drivers\usbaapl.sys -- (USBAAPL)
DRV - [2009/05/29 18:42:49 | 00,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/05/18 13:17:00 | 00,026,600 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2007/08/06 19:15:07 | 00,033,052 | ---- | M] (PowerISO Computing, Inc.) -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/07/19 23:39:50 | 02,142,488 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/07/18 19:44:00 | 00,041,752 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/07/18 19:39:15 | 01,278,104 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2007/07/18 19:39:15 | 00,013,848 | ---- | M] (Logitech Inc.) -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2007/07/18 16:42:42 | 00,025,624 | ---- | M] () -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/05/23 14:36:23 | 00,020,152 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/05/23 14:36:23 | 00,019,128 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/05/23 14:36:23 | 00,017,592 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/05/01 07:26:26 | 00,131,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2007/05/01 07:26:26 | 00,102,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/03/05 03:07:46 | 00,045,568 | ---- | M] (Broadcom Corporation) -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2007/02/08 00:16:26 | 00,647,680 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/01/06 00:59:42 | 00,035,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/12/07 23:25:00 | 04,456,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2006/11/02 04:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:55:04 | 00,071,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2006/11/02 03:51:31 | 00,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\xnacc.sys -- (xnacc)
DRV - [2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid)
DRV - [2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:43 | 02,028,032 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 00,200,704 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/11/02 02:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60)
DRV - [2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv)
DRV - [2006/10/18 13:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/10/18 13:08:18 | 00,258,048 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/10/18 13:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/10/05 15:07:28 | 00,004,736 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/17 14:43:52 | 00,007,424 | --S- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\Drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/08/04 19:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/07/24 02:00:00 | 00,036,528 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/06/19 16:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\drivers\mdmxsdk.sys -- (mdmxsdk)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.live.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.Email Removed/slirs_http/sredir?sredir=2706&invocationType=&query="
FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?wl=true"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.21.1.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5
FF - prefs.js..extensions.enabledItems: {038cb5c7-48ea-4af9-94e0-a1646542e62b}:1.5.47.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0
FF - prefs.js..keyword.URL: "http://slirsredirect.search.Email Removed/slirs_http/sredir?sredir=2706&invocationType=&query="
FF - prefs.js..browser.search.selectedEngine: "AIM Search"
FF - prefs.js..keyword.URL: "http://slirsredirect.search.Email Removed/slirs_http/sredir?invocationType=bu10aiminstabie7&sredir=2706&query="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/11/05 14:54:11 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/27 02:08:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/05 17:34:03 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/11/05 19:59:52 | 00,000,000 | ---D | M]
 
[2008/06/29 22:38:42 | 00,000,000 | ---D | M] -- C:\Users\Nunez\AppData\Roaming\Mozilla\Extensions
[2008/06/29 22:38:42 | 00,000,000 | ---D | M] -- C:\Users\Nunez\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/11/05 20:01:31 | 00,000,000 | ---D | M] -- C:\Users\Nunez\AppData\Roaming\Mozilla\Firefox\Profiles\z7y6b7y6.default\extensions
[2009/11/05 18:32:41 | 00,000,000 | ---D | M] -- C:\Users\Nunez\AppData\Roaming\Mozilla\Firefox\Profiles\z7y6b7y6.default\extensions\{57cc715d-37ca-44e4-9ec2-8c2cbddb25ec}
[2009/11/07 15:20:58 | 00,000,000 | ---D | M] -- C:\Users\Nunez\AppData\Roaming\Mozilla\Firefox\Profiles\z7y6b7y6.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/11/05 20:00:29 | 00,001,490 | ---- | M] () -- C:\Users\Nunez\AppData\Roaming\Mozilla\Firefox\Profiles\z7y6b7y6.default\searchplugins\AIM Search.xml
[2009/08/20 13:57:15 | 00,000,310 | ---- | M] () -- C:\Users\Nunez\AppData\Roaming\Mozilla\Firefox\Profiles\z7y6b7y6.default\searchplugins\aim-search.xml
[2009/08/20 13:57:00 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/12/17 17:17:22 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}
[2008/06/29 22:37:52 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/05/29 15:09:12 | 00,023,040 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2008/05/29 15:09:13 | 00,134,144 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2008/08/06 20:12:13 | 00,122,880 | ---- | M] (Google) -- C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
[2009/07/07 16:20:42 | 00,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
[2009/07/07 16:20:42 | 00,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
[2007/12/19 07:57:38 | 00,310,272 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
[2008/05/29 15:09:14 | 00,065,536 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2007/03/22 18:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009/10/12 12:01:43 | 00,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009/10/05 17:34:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/10/05 17:34:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/10/05 17:34:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/10/05 17:34:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/10/05 17:34:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/10/05 17:34:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/10/05 17:34:02 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2008/05/29 09:24:14 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2008/05/29 09:24:14 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2008/05/29 09:24:14 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2008/05/29 09:24:14 | 00,002,642 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2008/05/29 09:24:14 | 00,001,706 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2008/08/06 20:12:14 | 00,000,686 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\GoogleDesktopMozilla.png
[2008/08/06 20:12:13 | 00,000,531 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\GoogleDesktopMozilla.src
[2008/05/29 09:24:14 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/04/29 13:35:18 | 00,000,787 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
 
O1 HOSTS File: (231267 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 8107 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Free Lunch Design Toolbar) - {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - C:\Program Files\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Free Lunch Design Toolbar) - {57CC715D-37CA-44E4-9EC2-8C2CBDDB25EC} - C:\Program Files\Free_Lunch_Design\tbFree.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe File not found
O4 - HKLM..\Run: [ECenter] c:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 7300 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [LXCICATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCItime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxcimon.exe] C:\Program Files\Lexmark 7300 Series\lxcimon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DeleteDir[CD8] Fast Browser Search]  File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus]  File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater]  File not found
O4 - HKLM..\RunOnce: [DeleteDir[CD8] SGPSA]  File not found
O4 - Startup: C:\Users\Nunez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\H3 The Shadow of Death(tm).lnk = C:\Program Files\3DO\Heroes3\RegisterSOD\Remind32.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: 31 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 31 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
 
========== Files/Folders - Created Within 30 Days ==========
 
[2009/11/08 12:21:00 | 00,528,896 | ---- | C] (OldTimer Tools) -- C:\Users\Nunez\Desktop\OTL.exe
[2009/11/08 11:39:10 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/11/07 12:29:18 | 05,939,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/11/07 12:29:17 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/11/06 22:08:13 | 00,000,000 | ---D | C] -- C:\Windows\CheckSur
[2009/11/05 20:00:27 | 00,000,000 | ---D | C] -- C:\ProgramData\AIM
[2009/11/05 20:00:27 | 00,000,000 | ---D | C] -- C:\ProgramData\AIM
[2009/11/05 20:00:02 | 00,000,000 | ---D | C] -- C:\Program Files\AIM
[2009/11/05 19:59:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2009/10/31 14:56:08 | 00,000,000 | ---D | C] -- C:\Program Files\Conduit
[2009/10/31 14:56:04 | 00,000,000 | ---D | C] -- C:\Program Files\Free_Lunch_Design
[2009/10/27 03:54:50 | 00,053,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/10/27 03:54:50 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/10/27 03:54:49 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/10/27 03:54:49 | 01,929,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/10/27 03:54:11 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/10/27 03:54:11 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/10/27 03:54:11 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/10/27 03:53:56 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/10/27 03:53:56 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/10/21 12:15:07 | 00,494,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kerberos.dll
[2009/10/21 12:15:05 | 00,272,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
[2009/10/14 22:00:21 | 00,000,000 | ---D | C] -- C:\Program Files\Search Guard PlusU
[2009/10/14 22:00:21 | 00,000,000 | ---D | C] -- C:\Program Files\Search Guard Plus
[2009/10/14 22:00:18 | 00,000,000 | ---D | C] -- C:\Program Files\SGPSA
[2009/10/14 21:59:52 | 00,000,000 | ---D | C] -- C:\Program Files\Fast Browser Search
[2009/10/14 19:18:55 | 00,000,000 | ---D | C] -- C:\Users\Nunez\AppData\Local\AIM
[2009/10/14 13:31:40 | 00,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/10/14 13:31:40 | 00,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdigest.dll
[2009/10/14 13:31:39 | 01,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2009/10/14 13:31:38 | 00,408,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecdd.sys
[2009/10/14 13:31:36 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
[2009/10/14 13:31:36 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsass.exe
[2009/10/14 13:31:28 | 03,467,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/10/14 13:31:26 | 03,502,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/10/14 13:30:44 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/10/14 13:30:40 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/10/14 13:30:40 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/10/14 13:30:39 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/10/14 13:30:39 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/10/14 13:30:39 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/10/14 13:30:38 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/10/14 13:30:36 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/10/14 13:30:35 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/10/14 13:30:35 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/10/14 13:30:35 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/10/14 13:30:34 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/10/14 13:30:34 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/10/14 13:30:34 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/10/14 13:30:32 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/10/14 13:30:32 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/10/14 13:30:32 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/10/14 13:30:32 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/10/14 13:30:26 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
[2009/10/14 13:30:21 | 00,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009/10/14 13:30:15 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2009/10/12 12:02:08 | 00,000,000 | ---D | C] -- C:\Users\Nunez\AppData\Local\PMB Files
[2009/10/12 12:01:59 | 00,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2009/10/12 12:01:59 | 00,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2009/10/12 12:01:27 | 00,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2007/06/10 19:57:48 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxciinpa.dll
[2007/06/10 19:57:48 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxciiesc.dll
[2007/06/10 19:57:48 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcihcp.dll
[2007/06/10 19:57:47 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxciserv.dll
[2007/06/10 19:57:47 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxciusb1.dll
[2007/06/10 19:57:47 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxciprox.dll
[2007/06/10 19:57:47 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcipplc.dll
[2007/06/10 19:57:46 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcipmui.dll
[2007/06/10 19:57:46 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcilmpm.dll
[2007/06/10 19:57:45 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcihbn3.dll
[2007/06/10 19:57:44 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcicomm.dll
[2007/06/10 19:57:43 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcicomc.dll
[13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2009/11/08 12:29:25 | 05,505,024 | -HS- | M] () -- C:\Users\Nunez\ntuser.dat
[2009/11/08 12:25:47 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/08 12:25:47 | 00,003,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/08 12:21:22 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Users\Nunez\Desktop\OTL.exe
[2009/11/08 11:32:51 | 00,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/11/08 11:32:51 | 00,618,410 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/11/08 11:32:51 | 00,103,818 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/11/08 11:28:19 | 44,807,895 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2009/11/08 11:28:19 | 00,086,767 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2009/11/08 11:25:47 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/08 11:25:42 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/08 11:25:22 | 10,050,51904 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/08 03:16:29 | 00,524,288 | -HS- | M] () -- C:\Users\Nunez\ntuser.dat{117a1525-cbc2-11de-a821-001aa041384e}.TMContainer00000000000000000002.regtrans-ms
[2009/11/08 03:16:29 | 00,524,288 | -HS- | M] () -- C:\Users\Nunez\ntuser.dat{117a1525-cbc2-11de-a821-001aa041384e}.TMContainer00000000000000000001.regtrans-ms
[2009/11/08 03:16:29 | 00,065,536 | -HS- | M] () -- C:\Users\Nunez\ntuser.dat{117a1525-cbc2-11de-a821-001aa041384e}.TM.blf
[2009/11/08 03:16:20 | 02,204,469 | -H-- | M] () -- C:\Users\Nunez\AppData\Local\IconCache.db
[2009/11/07 18:34:59 | 00,109,568 | ---- | M] () -- C:\Users\Nunez\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/07 16:10:19 | 00,020,935 | ---- | M] () -- C:\Users\Nunez\Desktop\[isoHunt] Miley Cyrus - The Time Of Our Lives 2009 CDRip [Cov CD][Bubanee].torrent
[2009/11/05 20:00:39 | 00,001,586 | -H-- | M] () -- C:\IPH.PH
[2009/11/05 20:00:26 | 00,001,694 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2009/10/31 14:55:45 | 00,000,729 | ---- | M] () -- C:\Users\Nunez\Desktop\Icy Tower.lnk
[2009/10/27 15:57:52 | 18,065,4057 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/10/24 16:15:32 | 00,002,587 | ---- | M] () -- C:\Users\Nunez\Desktop\Microsoft Office Word 2007.lnk
[2009/10/24 16:15:07 | 00,002,515 | ---- | M] () -- C:\Users\Nunez\Desktop\Microsoft Office Publisher 2003.lnk
[2009/10/24 16:14:06 | 00,002,543 | ---- | M] () -- C:\Users\Nunez\Desktop\Microsoft Office Access 2003.lnk
[2009/10/21 05:40:08 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/10/21 03:19:16 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/10/15 02:36:42 | 00,428,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/10/13 21:23:50 | 00,001,076 | ---- | M] () -- C:\Users\Nunez\Desktop\stress reducers - Shortcut.lnk
[13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[13 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2009/11/07 16:10:15 | 00,020,935 | ---- | C] () -- C:\Users\Nunez\Desktop\[isoHunt] Miley Cyrus - The Time Of Our Lives 2009 CDRip [Cov CD][Bubanee].torrent
[2009/11/07 13:10:27 | 00,524,288 | -HS- | C] () -- C:\Users\Nunez\ntuser.dat{117a1525-cbc2-11de-a821-001aa041384e}.TMContainer00000000000000000002.regtrans-ms
[2009/11/07 13:10:27 | 00,524,288 | -HS- | C] () -- C:\Users\Nunez\ntuser.dat{117a1525-cbc2-11de-a821-001aa041384e}.TMContainer00000000000000000001.regtrans-ms
[2009/11/07 13:10:26 | 00,065,536 | -HS- | C] () -- C:\Users\Nunez\ntuser.dat{117a152
« Last Edit: November 08, 2009, 03:56:17 PM by Enid »

Offline guestolo

Startup help. Freezing.
« Reply #3 on: November 09, 2009, 08:33:42 PM »
Right click on OTL.exe and choose to "Run as Administrator"
  • Under the Custom Scans/Fixes box at the bottom, copy/paste in the following in the quote box below. Don't include the word Quote, please.
    Quote
    :OTL
    PRC - [2009/08/27 10:20:22 | 00,765,824 | ---- | M] () -- C:\Program Files\SGPSA\ie3sh.exe
    SRV - File not found -- -- (CLTNetCnService)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [FBSSA] C:\Program Files\SGPSA\ie3sh.exe ()
    O4 - HKLM..\RunOnce: [DeleteDir[CD8] Fast Browser Search] File not found
    O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus] File not found
    O4 - HKLM..\RunOnce: [DeleteDir[CD8] Search Guard Plus Updater] File not found
    O4 - HKLM..\RunOnce: [DeleteDir[CD8] SGPSA] File not found
    [2009/10/14 22:00:21 | 00,000,000 | ---D | C] -- C:\Program Files\Search Guard PlusU
    [2009/10/14 22:00:21 | 00,000,000 | ---D | C] -- C:\Program Files\Search Guard Plus
    [2009/10/14 22:00:18 | 00,000,000 | ---D | C] -- C:\Program Files\SGPSA
    [2009/10/14 21:59:52 | 00,000,000 | ---D | C] -- C:\Program Files\Fast Browser Search
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=-

    :Commands
    [EmptyTemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

On startup, allow OTL to run if prompted.
Please post the log that OTL produces.
A copy of this log can also be found in the
C:\_OTL\Moved Files folder

In addition:
Download Malwarebytes' Anti-Malware from Here or Here
Save the installer to the desktop

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
        * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
« Last Edit: November 09, 2009, 08:34:17 PM by guestolo »



Offline Enid

Startup help. Freezing.
« Reply #4 on: November 10, 2009, 07:40:54 PM »
[quote name=\'guestolo\' post=\'466183\' date=\'Nov 9 2009, 08:33 PM\']Right click on OTL.exe and choose to "Run as Administrator"
  • Under the Custom Scans/Fixes box at the bottom, copy/paste in the following in the quote box below. Don't include the word Quote, please.
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

On startup, allow OTL to run if prompted.
Please post the log that OTL produces.
A copy of this log can also be found in the
C:\_OTL\Moved Files folder

In addition:
Download Malwarebytes' Anti-Malware from Here or Here
Save the installer to the desktop

Double-click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
    * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.[/quote]


All processes killed
========== OTL ==========
No active process named ie3sh.exe was found!
Service CLTNetCnService stopped successfully!
Service CLTNetCnService deleted successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\FBSSA deleted successfully.
C:\Program Files\SGPSA\ie3sh.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteDir[CD8 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteDir[CD8 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteDir[CD8 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteDir[CD8 not found.
File move failed. C:\Program Files\Search Guard PlusU\ scheduled to be moved on reboot.
File move failed. C:\Program Files\Search Guard Plus\ scheduled to be moved on reboot.
File move failed. C:\Program Files\SGPSA\ scheduled to be moved on reboot.
File move failed. C:\Program Files\Fast Browser Search\ scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Linnette
->Temp folder emptied: 22545903 bytes
->Temporary Internet Files folder emptied: 91651731 bytes
->Java cache emptied: 502552 bytes
->FireFox cache emptied: 3209001 bytes
 
User: Nunez
->Temp folder emptied: 896901122 bytes
->Temporary Internet Files folder emptied: 619878981 bytes
->Java cache emptied: 25941545 bytes
->FireFox cache emptied: 79281081 bytes
 
User: Public
 
User: Rob
->Temp folder emptied: 50833376 bytes
->Temporary Internet Files folder emptied: 177187181 bytes
->FireFox cache emptied: 66418942 bytes
 
User: Roberto Nunez
->Temp folder emptied: 7627365 bytes
->Temporary Internet Files folder emptied: 260288487 bytes
->Java cache emptied: 723073 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 401462 bytes
Windows Temp folder emptied: 216300906 bytes
RecycleBin emptied: 459299303 bytes
 
Total Files Cleaned = -1254.98 mb
 
 
OTL by OldTimer - Version 3.1.4.0 log created on 11102009_191352

Files\Folders moved on Reboot...
File\Folder C:\Program Files\Search Guard PlusU\ not found!
File\Folder C:\Program Files\Search Guard Plus\ not found!
File\Folder C:\Program Files\SGPSA\ not found!
File\Folder C:\Program Files\Fast Browser Search\ not found!
File\Folder C:\Users\Roberto Nunez\AppData\Local\Temp\hsperfdata_Roberto Nunez\1900 not found!
C:\Windows\temp\JET3C73.tmp moved successfully.
C:\Windows\temp\~ROMFN_00000BCC moved successfully.

Registry entries deleted on Reboot...

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
Startup help. Freezing.
« Reply #5 on: November 10, 2009, 09:32:58 PM »
Just waiting on the log from MalwareBytes
Very sorry about the instructions, I meant to have you perform a Quick Scan, but let the Full scan finish and post the results
NOTE: If you have not done the scan with Malwarebytes Anti-malware yet, do so
But please just do the "Quick Scan"
« Last Edit: November 10, 2009, 09:34:16 PM by guestolo »



Offline Enid

  • Newbie
  • *
  • Posts: 39
  • Karma: +0/-0
Startup help. Freezing.
« Reply #6 on: November 10, 2009, 10:02:09 PM »
[quote name='guestolo' post='466197' date='Nov 10 2009, 09:32 PM']Just waiting on the log from MalwareBytes
Very sorry about the instructions, I meant to have you perform a Quick Scan, but let the Full scan finish and post the results
NOTE: If you have not done the scan with Malwarebytes Anti-malware yet, do so
But please just do the "Quick Scan"[/quote]


That's ok. It just finished. Do you want me to do another scan and make it "Quick"?

Malwarebytes' Anti-Malware 1.41
Database version: 3143
Windows 6.0.6000

11/10/2009 9:56:15 PM
mbam-log-2009-11-10 (21-56-15).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 297846
Time elapsed: 2 hour(s), 3 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AV1 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\ProgramData\AV1 (Rogue.AV1) -> Quarantined and deleted successfully.
C:\Users\Nunez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anti-Virus-1 (Rogue.AntiVirus1) -> Quarantined and deleted successfully.

Files Infected:
C:\Users\Nunez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anti-Virus-1\Anti-virus-1.lnk (Rogue.AntiVirus1) -> Quarantined and deleted successfully.
C:\Users\Nunez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anti-Virus-1\Uninstall.lnk (Rogue.AntiVirus1) -> Quarantined and deleted successfully.
C:\Users\Nunez\Desktop\Anti-virus-1.lnk (Rogue.AntiVirus1) -> Quarantined and deleted successfully.

Offline guestolo

  • Site Donator
  • Administrator
  • Hero Member
  • *****
  • Posts: 16034
  • Karma: +1/-0
Startup help. Freezing.
« Reply #7 on: November 10, 2009, 10:10:31 PM »
Quote
Do you want me to do another scan and make it "Quick"?
No, not right now
Can you now let me know how everything is running please

In addition, can you again, right click on OTL.exe and choose to "Run as Admin"
Do a fresh scan and post the contents of the log that opens
