GeekPolice
Microsoft Security Center Virus?

Hello-

Recently Microsoft Security Center popped up overnight and the following morning reported multiple viruses were found, firewall disabled, and in order to clean viruses I must purchase a registration key. No programs are shown running in the background on the task bar; the only icons are the current time, network status and printer icons. Each time I double-click on the icons on the desktop or open up programs on the start menu, the "open with" dialog box opens and I have to browse to search for the associated program. Computer is very slow and will "lock up". aswMBR and OTL scan logs posted below. However, the security check program would not run and post a log for some reason. Any help?

Thanks in advance,
Keith

aswMBR version 0.9.5.317 Copyright(c) 2011 AVAST Software
Run date: 2011-05-31 21:27:25
-----------------------------
21:27:25.437 OS Version: Windows 5.1.2600 Service Pack 3
21:27:25.437 Number of processors: 1 586 0x207
21:27:25.437 ComputerName: DESKTOP UserName:
21:27:26.312 Initialize success
21:27:36.203 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
21:27:36.203 Disk 0 Vendor: WDC_WD600BB-75CAA0 16.06V16 Size: 57220MB BusType: 3
21:27:36.203 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
21:27:36.203 Disk 1 Vendor: WDC_WD800BB-00CAA1 17.07W17 Size: 76319MB BusType: 3
21:27:38.203 Disk 0 MBR read successfully
21:27:38.218 Disk 0 MBR scan
21:27:38.218 Disk 0 Windows XP default MBR code
21:27:40.218 Disk 0 scanning sectors +117178110
21:27:40.250 Disk 0 scanning C:\WINDOWS\system32\drivers
21:27:49.609 Service scanning
21:27:51.015 Disk 0 trace - called modules:
21:27:51.031 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
21:27:51.031 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87764ab8]
21:27:51.046 3 CLASSPNP.SYS[f766ffd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x877ded98]
21:28:49.125 Unsigned kernel modules:
21:28:49.140 0xf66cf000 C:\WINDOWS\System32\Drivers\pwd_2k.SYS
21:29:01.312 0xf78f7000 C:\WINDOWS\System32\DRIVERS\omci.sys
21:29:01.781 0xf7907000 C:\WINDOWS\System32\Drivers\mmc_2K.SYS
21:29:03.234 0xf7c9f000 C:\WINDOWS\System32\Drivers\Cdr4_xp.SYS
21:29:03.265 0xf7ca1000 C:\WINDOWS\System32\Drivers\Cdralw2k.SYS
21:29:04.921 0xf541e000 C:\WINDOWS\System32\Drivers\cdudf_xp.SYS
21:29:05.500 0xf53d9000 C:\WINDOWS\System32\Drivers\UdfReadr_xp.SYS
21:29:20.687 0xf2dc1000 C:\WINDOWS\System32\Drivers\mrtRate.SYS
21:29:21.109 Scan finished successfully
21:29:32.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Michelle Huey\Desktop\MBR.dat"
21:29:32.765 The log file has been saved successfully to "C:\Documents and Settings\Michelle Huey\Desktop\aswMBR.txt"

OTL Extras logfile created on: 6/1/2011 5:57:50 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Michelle Huey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.00 Mb Total Physical Memory | 462.51 Mb Available Physical Memory | 45.21% Memory free
1.91 Gb Paging File | 1.46 Gb Available in Paging File | 76.83% Paging File free
Paging file location(s): C:\pagefile.sys 1023 1223 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.84 Gb Total Space | 4.16 Gb Free Space | 7.45% Space Free | Partition Type: NTFS
Drive D: | 497.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 74.53 Gb Total Space | 63.66 Gb Free Space | 85.41% Space Free | Partition Type: NTFS

Computer Name: DESKTOP | User Name: Michelle Huey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.exe [@ = exefile] -- "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "%1" %*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [TVersity] -- "C:\Program Files\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:*:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:*:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player Network Sharing Service
"9322:TCP" = 9322:TCP:*:Enabled:EKDiscovery
"5353:UDP" = 5353:UDP:*:Enabled:Bonjour Port 5353

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\drivers\svchost.exe" = %windir%\system32\drivers\svchost.exe:*:Enabled:svchost

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealOne Player -- (RealNetworks, Inc.)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\WINDOWS\SYSTEM32\mmc.exe" = C:\WINDOWS\SYSTEM32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Hewlett-Packard\HP DreamScreen PC Software\httpsvr.exe" = C:\Program Files\Hewlett-Packard\HP DreamScreen PC Software\httpsvr.exe:*:Enabled:HTTPSVR -- (Hewlett-Packard)
"C:\Program Files\Hewlett-Packard\HP DreamScreen PC Software\pcsw.exe" = C:\Program Files\Hewlett-Packard\HP DreamScreen PC Software\pcsw.exe:*:Enabled:PC Software -- (Hewlett-Packard)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\TVersity\Media Server\MediaServer.exe" = C:\Program Files\TVersity\Media Server\MediaServer.exe:*:Enabled:TVersity Media Server -- ()
"C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe" = C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe:*:Enabled:Kodak.AiO.HomeCenter -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe" = C:\Program Files\Kodak\AiO\Center\Kodak.Statistics.exe:*:Enabled:Kodak.AiO.Statistics -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe" = C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe:*:Enabled:Kodak.AiO.SetupUtility -- (Eastman Kodak Company)
"C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe" = C:\Program Files\Kodak\AiO\Firmware\KodakAiOUpdater.exe:*:Enabled:Kodak.AiO.FwUpdater -- (Eastman Kodak Company)
"C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe" = C:\Documents and Settings\All Users\Application Data\Kodak\Installer\Setup.exe:*:Enabled:Kodak.AiO.Installer -- (Eastman Kodak Company)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0+ (r223)
"{01A4AEDE-F219-49A2-B855-16A016EAF9A4}" = Intel(R) PROSet II
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{074AED0D-DD1C-432A-B38D-F8733604033F}" = aioscnnr
"{10934A28-0CC6-4B98-A14F-76B3546003AF}" = ksDIP
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{13413C6C-C640-40B8-917E-CA3062826B18}" = PIXELA ImageMixer
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184EB198-1DBA-46DB-B728-7A5FC13D5C2B}_is1" = Yahoo! Photos Print-at-Home Tool
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{29D88826-2AB9-11D5-8854-00902761A46D}" = WordPerfect Office 2002
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{64116298-93C5-401D-B06C-39D8E3338508}" = DAO
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English)
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{BA0F44C2-A883-11D1-AD0A-006097D15E2C}" = Palm Desktop
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF0EDB56-BBF6-3C9F-9C50-2E3B3D444641}" = Google Talk Plugin
"{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6696A8C-C55A-405C-AFEB-F3880A8BAA45}" = iPod Update 2004-04-28
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6862CEA-4449-479C-AB45-B123EE35911D}" = HP DreamScreen PC Software
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr
"{FE242C4A-4AF0-4E9F-ABFF-92CA3CEE8761}" = MySpaceIM
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2702" = Conexant SmartHSFi V92 56K DF PCI Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Defraggler" = Defraggler
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Support Center" = Dell Support Center
"Duplicate Cleaner_is1" = Duplicate Cleaner 1.4.5
"ESET Online Scanner" = ESET Online Scanner v3
"ffdshow_is1" = ffdshow [rev 1723] [2007-12-24]
"hphuni04" = Photosmart 130,230,7150,7345,7350,7550 (Remove only)
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{E6696A8C-C55A-405C-AFEB-F3880A8BAA45}" = iPod Update 2004-04-28
"InstallShield_{F6862CEA-4449-479C-AB45-B123EE35911D}" = HP DreamScreen PC Software
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.8.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"MP3 Rocket" = MP3 Rocket
"Multi-Function Link II" = Multi-Function Link II
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA Display Driver" = NVIDIA Display Driver
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PROSet" = Intel(R) PRO Ethernet Adapter and Software
"Quicken 2002 New User Edition" = Quicken 2002 New User Edition
"RealPlayer 6.0" = RealPlayer
"Shockwave" = Shockwave
"Snapshot Viewer" = Snapshot Viewer
"Super Winspy_is1" = Super Winspy v3.3
"tcConference" = tcConference
"TomTom HOME" = TomTom HOME 2.7.6.2056
"TreeSize Free_is1" = TreeSize Free V2.2.1
"TVersity Codec Pack" = TVersity Codec Pack 1.4
"TVersity Media Server" = TVersity Media Server 1.9.2
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR archiver
"WMCSetup" = Windows Media Connect
"WordPerfect Office 2002" = WordPerfect Office 2002
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Photos Drag-Drop Uploader 1v7" = Yahoo! Photos Easy Upload Tool 1v7
"ymb" = Yahoo! Mail Quick Select Tool (PhotoMail)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/31/2011 4:30:03 PM | Computer Name = DESKTOP | Source = Application Hang | ID = 1001
Description = Fault bucket -1896177309.

Error - 5/31/2011 4:33:49 PM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.104:5353 17 104.1.168.192.in-addr.arpa.
PTR DESKTOP-2.local.

Error - 5/31/2011 4:33:49 PM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 104.1.168.192.in-addr.arpa.
PTR DESKTOP.local.

Error - 5/31/2011 4:40:20 PM | Computer Name = DESKTOP | Source = Application Hang | ID = 1002
Description = Hanging application AvastUI.exe, version 6.0.1125.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 5/31/2011 5:21:27 PM | Computer Name = DESKTOP | Source = Application Hang | ID = 1001
Description = Fault bucket -1857376669.

Error - 5/31/2011 5:27:19 PM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.104:5353 17 104.1.168.192.in-addr.arpa.
PTR DESKTOP-2.local.

Error - 5/31/2011 5:27:19 PM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 104.1.168.192.in-addr.arpa.
PTR DESKTOP.local.

Error - 5/31/2011 7:25:04 PM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.1.104:5353 17 104.1.168.192.in-addr.arpa.
PTR DESKTOP-2.local.

Error - 5/31/2011 7:25:04 PM | Computer Name = DESKTOP | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 104.1.168.192.in-addr.arpa.
PTR DESKTOP.local.

Error - 5/31/2011 9:56:10 PM | Computer Name = DESKTOP | Source = Userenv | ID = 1512
Description = Windows cannot unload your registry file. The memory used by the registry
has not been freed. This is often caused by services running as a user account,
try configuring the services to run in either the LocalService or NetworkService
account. If this problem persists, contact your administrator. DETAIL - Insufficient
system resources exist to complete the requested service.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >





Re: Microsoft Security Center Virus?

OTL logfile created on: 6/1/2011 5:57:50 PM - Run 2
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Documents and Settings\Michelle Huey\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1023.00 Mb Total Physical Memory | 462.51 Mb Available Physical Memory | 45.21% Memory free
1.91 Gb Paging File | 1.46 Gb Available in Paging File | 76.83% Paging File free
Paging file location(s): C:\pagefile.sys 1023 1223 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.84 Gb Total Space | 4.16 Gb Free Space | 7.45% Space Free | Partition Type: NTFS
Drive D: | 497.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 74.53 Gb Total Space | 63.66 Gb Free Space | 85.41% Space Free | Partition Type: NTFS

Computer Name: DESKTOP | User Name: Michelle Huey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/31 21:32:34 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michelle Huey\Desktop\OTL.com
PRC - [2011/05/23 00:55:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/03/09 13:29:16 | 000,366,000 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2011/03/03 07:50:18 | 002,510,848 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\EKIJ5000MUI.exe
PRC - [2010/12/15 12:16:59 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2010/12/15 12:16:48 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010/12/08 12:17:21 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/08/24 05:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/07/25 02:26:02 | 000,884,736 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (SafeList) ==========

MOD - [2011/05/31 21:32:34 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michelle Huey\Desktop\OTL.com
MOD - [2011/05/10 08:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [Disabled | Stopped] -- -- (AppMgmt)
SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/03/09 13:29:16 | 000,366,000 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2010/12/15 12:16:59 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2010/12/15 12:16:48 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010/12/08 12:17:21 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/08/24 05:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/07/25 02:26:02 | 000,884,736 | ---- | M] () [Auto | Running] -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2002/11/22 12:49:22 | 000,077,824 | ---- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\hphipm11.exe -- (Pml Driver HPH11)
SRV - [2002/10/10 05:18:36 | 001,118,208 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\NMSSvc.Exe -- (NMSSvc) Intel(R)


========== Driver Services (SafeList) ==========

DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 08:02:25 | 000,102,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 07:59:37 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/12/15 12:16:50 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/11/22 00:15:26 | 000,015,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\PeerBlock\pbfilter.sys -- (pbfilter)
DRV - [2008/08/11 13:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/11 13:41:00 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/04/10 15:02:00 | 000,162,816 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\RT25USBAP.SYS -- (RT25USBAP)
DRV - [2005/11/03 03:00:00 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2005/11/03 03:00:00 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2004/08/04 01:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/04 01:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/04 01:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/04 01:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/04 01:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/04 01:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/04 01:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/04 01:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/04 01:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004/08/04 01:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003/04/14 14:11:39 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2003/04/14 14:11:39 | 000,143,834 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003/04/14 14:11:39 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003/04/14 14:11:39 | 000,025,898 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/12/17 13:27:32 | 000,241,152 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002/11/22 12:49:22 | 000,050,896 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphid411.sys -- (Dot4 HPH11)
DRV - [2002/11/22 12:49:22 | 000,050,276 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphs2k11.sys -- (Dot4Storage HPH11) Storage Class Driver for IEEE-1284.4 (HPH11)
DRV - [2002/11/22 12:49:22 | 000,018,928 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphius11.sys -- (Dot4Usb HPH11)
DRV - [2002/11/22 12:49:22 | 000,016,112 | ---- | M] (HP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\hphipr11.sys -- (Dot4Print HPH11)
DRV - [2002/10/10 05:18:58 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NMSCFG.SYS -- (NMSCFG)
DRV - [2002/10/09 12:50:52 | 000,170,499 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2002/10/09 12:50:16 | 001,175,536 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2002/10/09 12:44:10 | 000,604,240 | ---- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2002/07/19 11:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2001/08/17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2001/08/03 20:22:00 | 000,182,896 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NAVAP.SYS -- (NAVAP)
DRV - [2001/06/12 16:52:06 | 000,012,270 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\PalmUSBD.sys -- (PalmUSBD)
DRV - [2001/02/28 11:42:44 | 000,034,712 | ---- | M] (Marimba, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MrtRate.sys -- (mrtRate)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/23 00:55:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/23 00:55:45 | 000,000,000 | ---D | M]

[2011/03/10 15:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle Huey\Application Data\Mozilla\Extensions
[2008/08/22 07:20:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle Huey\Application Data\Mozilla\Extensions\home2@tomtom.com
[2011/05/19 00:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michelle Huey\Application Data\Mozilla\Firefox\Profiles\i5adjgi8.default\extensions
[2011/03/11 21:33:46 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Michelle Huey\Application Data\Mozilla\Firefox\Profiles\i5adjgi8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/19 00:22:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2010/07/04 20:01:46 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/05/23 00:55:36 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/23 00:55:40 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/05/31 17:41:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Conime] C:\WINDOWS\SYSTEM32\conime.exe (Microsoft Corporation)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.)
O9 - Extra Button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe (PlotSoft LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} http://supportsoft.adelphia.net/sdccommon/download/tgctlins.cab (Reg Error: Key error.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0D136D67-D293-4626-8C93-D12CF78E4590} http://67.19.231.218/ivocalize/tc4.cab (tcConference Setup)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab (Reg Error: Key error.)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Reg Error: Key error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137378223951 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} http://h30155.www3.hp.com/ediags/dd/install/guidedsolutions.cab (Reg Error: Key error.)
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx (Reg Error: Key error.)
O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} http://www.trendmicro.com/spyware-scan/as4web.cab (Reg Error: Key error.)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab (Reg Error: Key error.)
O16 - DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} http://speedtest.adelphia.net/customerdiag/speedtest/SPEEDTESTACTIVEX.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {DBA8E419-0D5F-439B-A3CC-D01C768D9B51} http://www.sonypictures.com/games/thedavincicode/DVCDownloaderControl.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220 76.85.229.110
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/09/03 09:59:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/05/25 06:33:22 | 000,000,128 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: MCODS -
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: MCODS -
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608555} - Internet Explorer Classes for Java
ActiveX: {0E9A3196-39EA-409D-8EB4-20D7FABC191A} - Microsoft .NET Framework 1.0 Hotfix (KB928367)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {14303301-758B-402B-9A0D-2C6A591680DB} - Microsoft .NET Framework 1.0 Service Pack 3 (KB867461)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 9.0
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 9.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} -
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {377483c2-e4b4-4ee8-b577-9aed264c8735} - Q822925
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {78705f0d-e8db-4b2d-8193-982bdda15ecd} - .NET Framework
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {81B52903-4C11-11D6-B6E1-00B0D049139F} - Microsoft .NET Framework 1.0 Service Pack 2 (KB867461)
ActiveX: {871F8A30-15A2-11D6-8711-0002B3281F8B} - Microsoft .NET Framework 1.0 Service Pack 1 (KB867461)
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BAC01377-73DD-4796-854D-2A8997E3D68A} - Reg Error: Value error.
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Yahoo! Messenger
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: {f5de1b93-9d38-416b-b09e-aa85a8e84309} - Q818529
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\System32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\L3CODECX.ACM (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\TSSOFT32.ACM (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\IR32_32.DLL ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)


Re: Microsoft Security Center Virus?

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56308606093492224)

========== Files/Folders - Created Within 30 Days ==========

[2011/05/31 21:40:07 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/05/31 21:32:16 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Michelle Huey\Desktop\OTL.com
[2011/05/31 21:26:09 | 000,586,240 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Michelle Huey\Desktop\aswMBR.exe
[2011/05/31 17:46:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/05/31 17:35:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/05/31 17:35:27 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/05/31 17:35:27 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/05/31 17:35:27 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/05/31 17:33:23 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/05/31 16:27:48 | 000,441,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/27 11:29:04 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/05/24 16:07:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle Huey\Application Data\Dell
[2011/05/21 22:04:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle Huey\Start Menu\Programs\BrowserPlus
[2011/05/21 22:04:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\Yahoo!
[2011/05/12 14:13:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michelle Huey\Recent
[2011/05/11 12:19:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michelle Huey\Desktop\pdf_temp
[2003/05/25 11:05:25 | 008,839,120 | ---- | C] (InstallShield Software Corporation) -- C:\Program Files\AcroReader51_ENU.exe
[6 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/01 17:56:03 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/01 17:33:04 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3522966352-991782971-1210456705-1006UA.job
[2011/06/01 08:16:12 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/01 07:33:01 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3522966352-991782971-1210456705-1006Core.job
[2011/06/01 07:11:16 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2011/06/01 07:10:22 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2011/06/01 07:07:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2011/06/01 07:07:47 | 1072,766,976 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/31 21:32:34 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Michelle Huey\Desktop\OTL.com
[2011/05/31 21:29:32 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Michelle Huey\Desktop\MBR.dat
[2011/05/31 21:28:27 | 000,879,092 | ---- | M] () -- C:\Documents and Settings\Michelle Huey\Desktop\SecurityCheck.exe
[2011/05/31 21:26:12 | 000,586,240 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Michelle Huey\Desktop\aswMBR.exe
[2011/05/31 17:41:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2011/05/31 16:27:48 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/05/31 09:11:38 | 000,017,610 | -HS- | M] () -- C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/31 09:11:38 | 000,017,610 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/30 02:40:10 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\Defraggler Volume C Task.job
[2011/05/28 21:11:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/05/27 11:29:04 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/05/24 16:07:08 | 000,000,564 | ---- | M] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/05/21 21:54:45 | 000,049,787 | ---- | M] () -- C:\Documents and Settings\Michelle Huey\Desktop\missing_0.jpg
[2011/05/16 23:48:49 | 000,075,776 | ---- | M] () -- C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/12 14:13:43 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/05/10 08:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/05/10 08:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/05/10 08:02:25 | 000,102,616 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/05/10 08:02:22 | 000,096,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/05/10 07:59:37 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[6 C:\Documents and Settings\All Users\Documents\*.tmp files -> C:\Documents and Settings\All Users\Documents\*.tmp -> ]
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/31 21:29:32 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Michelle Huey\Desktop\MBR.dat
[2011/05/31 21:28:22 | 000,879,092 | ---- | C] () -- C:\Documents and Settings\Michelle Huey\Desktop\SecurityCheck.exe
[2011/05/31 19:24:11 | 1072,766,976 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/31 17:35:27 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/05/31 17:35:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/05/31 17:35:27 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/05/31 17:35:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/05/31 17:35:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/05/28 22:55:26 | 000,017,610 | -HS- | C] () -- C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/28 22:55:26 | 000,017,610 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
[2011/05/24 16:07:07 | 000,000,564 | ---- | C] () -- C:\WINDOWS\tasks\PCDoctorBackgroundMonitorTask.job
[2011/05/23 00:55:50 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/21 21:59:53 | 000,049,787 | ---- | C] () -- C:\Documents and Settings\Michelle Huey\Desktop\missing_0.jpg
[2011/05/12 14:13:43 | 000,001,729 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/03/05 04:17:50 | 000,337,208 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/12/10 19:41:19 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MINIvue.INI
[2009/10/28 12:46:53 | 000,048,920 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/05/14 15:29:30 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2009/05/10 16:35:20 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/05/10 16:35:16 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/05/10 16:35:16 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/05/10 16:35:16 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/05/10 16:35:14 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/24 21:31:52 | 000,000,043 | ---- | C] () -- C:\WINDOWS\INSTALL.INI
[2008/11/22 17:19:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2008/11/22 17:19:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2008/09/29 19:58:09 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll
[2008/09/29 19:58:09 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\unrar3.dll
[2008/09/29 19:58:09 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll
[2008/09/29 19:58:09 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll
[2008/01/07 00:51:41 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2007/11/03 14:39:59 | 000,009,728 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/07/05 19:39:19 | 000,000,594 | ---- | C] () -- C:\Documents and Settings\Michelle Huey\Application Data\AutoGK.ini
[2006/07/31 18:44:54 | 000,001,136 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2006/06/17 23:38:02 | 000,003,021 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/04/12 07:59:50 | 000,107,134 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2006/04/12 07:57:05 | 000,003,473 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/02/11 16:05:18 | 000,000,034 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2005/11/28 12:47:54 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/02/04 00:40:40 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\FAXMON.DLL
[2005/02/04 00:40:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\PRNMON.DLL
[2005/02/04 00:40:35 | 000,000,508 | ---- | C] () -- C:\WINDOWS\SMSI.INI
[2004/12/22 00:45:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcfriend.INI
[2004/12/13 21:36:28 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2004/10/11 21:48:50 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/15 01:00:00 | 000,077,321 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2004/03/16 23:38:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TEXTART.INI
[2004/02/03 19:20:37 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/10/06 16:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/25 20:26:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2003/09/14 09:26:45 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2003/09/07 17:08:38 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/08/24 13:47:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DVDSentry.ini
[2003/08/14 21:21:24 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2003/08/03 00:18:27 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI
[2003/08/03 00:14:19 | 000,000,588 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2003/06/21 22:20:28 | 000,000,133 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2003/06/21 22:20:17 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2003/04/26 19:37:04 | 000,005,829 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2003/04/21 13:08:05 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Michelle Huey\Application Data\PFP100JPR.{PB
[2003/04/21 13:08:05 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Michelle Huey\Application Data\PFP100JCM.{PB
[2003/04/20 17:37:44 | 000,075,776 | ---- | C] () -- C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/04/17 07:57:12 | 000,004,094 | ---- | C] () -- C:\WINDOWS\System32\rtcsses.dll
[2003/04/17 07:57:12 | 000,004,094 | ---- | C] () -- C:\WINDOWS\System32\dimces.dll
[2003/04/14 14:13:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2003/04/14 14:10:38 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2003/04/14 14:03:12 | 000,000,185 | ---- | C] () -- C:\WINDOWS\intuprof.ini
[2003/04/14 14:03:08 | 000,000,797 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2003/04/14 14:03:07 | 000,007,406 | ---- | C] () -- C:\WINDOWS\ICOADB32.DAT
[2003/04/14 13:56:54 | 000,000,882 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2003/04/14 13:50:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\BOOTSTAT.DAT
[2003/04/14 13:48:40 | 000,434,566 | ---- | C] () -- C:\WINDOWS\System32\PERFH009.DAT
[2003/04/14 13:48:40 | 000,068,470 | ---- | C] () -- C:\WINDOWS\System32\PERFC009.DAT
[2003/04/14 13:37:28 | 000,000,550 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2002/11/22 12:50:06 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\hpodinet.dll
[2002/11/22 12:49:18 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[2002/11/22 12:48:32 | 000,004,760 | ---- | C] () -- C:\WINDOWS\hphmdl11.dat
[2002/09/03 10:05:08 | 000,203,328 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/03 09:59:14 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/03 09:56:30 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/03 09:31:46 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.BIN
[2002/09/03 09:31:44 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\OEMBIOS.DAT
[2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\MLANG.DAT
[2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\PERFI009.DAT
[2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\DSSEC.DAT
[2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\MIB.BIN
[2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\PERFD009.DAT
[2002/08/29 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2002/02/06 10:04:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\NMSInst.dll
[2002/01/21 15:17:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PROInst.dll
[2001/08/03 20:22:00 | 000,182,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAVAP.SYS
[2000/01/06 20:00:00 | 000,024,448 | ---- | C] () -- C:\WINDOWS\sysgtime.dll
[2000/01/06 20:00:00 | 000,024,448 | ---- | C] () -- C:\WINDOWS\System32\proclsvr.drv

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >
[2007/07/02 20:34:07 | 000,001,610 | -H-- | M] () -- C:\Documents and Settings\Michelle Huey\Application Data\Microsoft\LastFlashConfig.WFC

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/05/31 21:26:12 | 000,586,240 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Michelle Huey\Desktop\aswMBR.exe
[2011/04/18 21:08:49 | 009,577,776 | ---- | M] (PlotSoft LLC) -- C:\Documents and Settings\Michelle Huey\Desktop\PDFill.exe
[2011/05/31 21:28:27 | 000,879,092 | ---- | M] () -- C:\Documents and Settings\Michelle Huey\Desktop\SecurityCheck.exe
[2009/12/15 22:47:18 | 014,270,003 | ---- | M] () -- C:\Documents and Settings\Michelle Huey\Desktop\TVersitySetup_1_7_2_1.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/05/23 00:55:36 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/05/23 00:55:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/05/23 00:55:40 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/05/23 00:55:41 | 000,261,080 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2002/08/29 06:00:00 | 000,127,213 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\EGA.CPI
[2002/09/03 09:53:38 | 000,000,000 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\H323LOG.TXT
[2008/04/13 11:42:06 | 000,016,896 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\stdole2.tlb
[2009/12/15 22:49:28 | 000,000,000 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\TVersityMediaServer.log
[4 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2008/01/07 01:10:38 | 000,000,000 | ---D | M] -- C:\Program Files\Acro Software
[2009/01/11 19:35:55 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2008/06/08 13:34:00 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2004/05/26 22:22:38 | 000,000,000 | ---D | M] -- C:\Program Files\AIM95
[2010/09/04 23:33:52 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2008/06/04 09:30:23 | 000,000,000 | ---D | M] -- C:\Program Files\aod
[2008/06/08 13:33:23 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2010/12/06 19:50:34 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2007/05/18 14:20:33 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity
[2010/03/20 20:31:20 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2007/07/06 06:17:04 | 000,000,000 | ---D | M] -- C:\Program Files\AviSynth 2.5
[2004/06/17 20:54:13 | 000,000,000 | ---D | M] -- C:\Program Files\AWS
[2010/12/06 19:47:17 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2006/11/12 15:44:16 | 000,000,000 | ---D | M] -- C:\Program Files\Britannica
[2010/07/21 13:06:28 | 000,000,000 | ---D | M] -- C:\Program Files\Brother
[2011/03/02 17:11:11 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/10/06 00:36:33 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2003/04/14 13:36:24 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2003/04/14 13:47:36 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2003/04/14 14:06:56 | 000,000,000 | ---D | M] -- C:\Program Files\Corel
[2010/08/02 08:52:25 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2003/04/14 14:00:50 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2010/07/11 17:00:25 | 000,000,000 | ---D | M] -- C:\Program Files\Defraggler
[2005/11/17 04:14:03 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2003/04/14 14:03:41 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Computer
[2011/05/24 16:06:57 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/04/10 22:48:24 | 000,000,000 | ---D | M] -- C:\Program Files\DellSupport
[2003/04/14 14:00:35 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2008/08/17 18:46:31 | 000,000,000 | ---D | M] -- C:\Program Files\Disney
[2008/03/14 18:19:40 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/05/02 17:07:18 | 000,000,000 | ---D | M] -- C:\Program Files\Duplicate Cleaner
[2009/10/05 04:07:15 | 000,000,000 | ---D | M] -- C:\Program Files\Easy Video Splitter
[2010/07/07 07:39:15 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2009/12/19 02:03:25 | 000,000,000 | ---D | M] -- C:\Program Files\Executive Software
[2008/09/30 16:57:12 | 000,000,000 | ---D | M] -- C:\Program Files\Exterminate It!
[2008/03/14 18:19:41 | 000,000,000 | ---D | M] -- C:\Program Files\FaceOnBody
[2010/07/05 12:13:36 | 000,000,000 | ---D | M] -- C:\Program Files\Free Offers from Freeze.com
[2007/07/06 06:17:25 | 000,000,000 | ---D | M] -- C:\Program Files\Gabest
[2010/01/29 21:28:34 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/01/06 20:29:38 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2005/03/07 21:41:26 | 000,000,000 | ---D | M] -- C:\Program Files\HOTLLAMA MEDIA
[2006/02/11 15:59:13 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2006/02/11 16:03:27 | 000,000,000 | ---D | M] -- C:\Program Files\HP Photosmart 11
[2010/01/06 20:29:47 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2003/04/14 13:58:25 | 000,000,000 | ---D | M] -- C:\Program Files\intel
[2003/09/25 20:26:42 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2011/04/14 03:11:09 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2009/09/27 12:11:42 | 000,000,000 | ---D | M] -- C:\Program Files\iPhone Configuration Utility
[2011/01/09 13:13:58 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2004/06/09 15:14:58 | 000,000,000 | ---D | M] -- C:\Program Files\iSilo
[2011/01/09 13:14:56 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2009/03/14 00:20:26 | 000,000,000 | ---D | M] -- C:\Program Files\JAM Software
[2003/04/14 14:02:21 | 000,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2010/08/30 20:25:48 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2008/03/14 18:19:41 | 000,000,000 | ---D | M] -- C:\Program Files\Juno6
[2009/05/10 16:58:23 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2011/04/28 17:15:37 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2010/10/06 00:36:28 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010/12/16 12:24:47 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn
[2011/05/11 22:56:05 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/08/31 16:00:54 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2003/09/07 17:07:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/05/01 21:33:11 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware
[2007/05/09 03:12:38 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2003/04/14 13:36:26 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2010/04/26 12:00:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/04/21 03:00:53 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/03/14 18:19:48 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2010/08/11 03:02:44 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/05/23 00:58:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/07/05 01:37:04 | 000,000,000 | ---D | M] -- C:\Program Files\MP3 Rocket
[2007/07/05 08:25:08 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2010/04/26 11:59:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2009/10/04 13:52:19 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2006/04/18 00:07:37 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Games
[2003/04/14 13:36:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2006/10/14 03:03:17 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2007/08/15 03:12:26 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2006/11/12 15:43:09 | 000,000,000 | ---D | M] -- C:\Program Files\Multi-Function Link II
[2008/05/20 07:31:04 | 000,000,000 | ---D | M] -- C:\Program Files\MUSICMATCH
[2010/10/12 18:50:40 | 000,000,000 | ---D | M] -- C:\Program Files\MySpace
[2008/08/31 15:41:52 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2006/02/26 15:46:01 | 000,000,000 | ---D | M] -- C:\Program Files\OfficeUpdate11
[2003/04/14 13:36:24 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2011/01/22 20:34:36 | 000,000,000 | ---D | M] -- C:\Program Files\OurBabyMaker_27EI
[2010/12/16 04:00:38 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2011/01/13 12:13:23 | 000,000,000 | ---D | M] -- C:\Program Files\PeerBlock
[2009/12/09 20:30:24 | 000,000,000 | ---D | M] -- C:\Program Files\PeerGuardian2
[2003/09/14 09:52:52 | 000,000,000 | ---D | M] -- C:\Program Files\PIXELA
[2011/04/18 21:10:53 | 000,000,000 | ---D | M] -- C:\Program Files\PlotSoft
[2007/02/04 19:22:29 | 000,000,000 | ---D | M] -- C:\Program Files\Project64 1.6
[2008/11/22 17:19:48 | 000,000,000 | ---D | M] -- C:\Program Files\QUICKENW
[2011/01/09 13:04:14 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/12/12 11:45:26 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2007/07/05 08:15:28 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2008/10/12 17:22:30 | 000,000,000 | ---D | M] -- C:\Program Files\RogueRemover FREE
[2003/04/14 14:11:33 | 000,000,000 | ---D | M] -- C:\Program Files\Roxio
[2011/01/09 13:06:40 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2006/07/27 22:31:52 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDraw 7
[2011/01/13 18:57:36 | 000,000,000 | ---D | M] -- C:\Program Files\Snapshot Viewer
[2010/10/06 00:38:40 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2005/11/17 21:12:43 | 000,000,000 | ---D | M] -- C:\Program Files\Support.com
[2008/03/14 18:19:50 | 000,000,000 | ---D | M] -- C:\Program Files\tcConference
[2006/11/12 15:45:50 | 000,000,000 | ---D | M] -- C:\Program Files\The Weather Channel FW
[2007/12/09 16:40:49 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom DesktopSuite
[2009/03/21 20:36:49 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom HOME 2
[2009/03/21 20:37:57 | 000,000,000 | ---D | M] -- C:\Program Files\TomTom International B.V
[2010/12/09 14:51:40 | 000,000,000 | ---D | M] -- C:\Program Files\Tracker Software
[2006/06/20 08:25:03 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2009/01/11 17:41:27 | 000,000,000 | ---D | M] -- C:\Program Files\Trojan Remover
[2009/12/15 22:48:22 | 000,000,000 | ---D | M] -- C:\Program Files\TVersity
[2010/09/26 21:51:35 | 000,000,000 | ---D | M] -- C:\Program Files\TVersity Codec Pack
[2007/11/03 14:39:34 | 000,000,000 | ---D | M] -- C:\Program Files\Uniblue
[2004/09/07 13:11:27 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2009/03/08 17:02:51 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2010/12/09 15:44:04 | 000,000,000 | ---D | M] -- C:\Program Files\VeryPDF PDF Editor v2.6
[2009/01/11 12:37:58 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2009/01/11 19:30:55 | 000,000,000 | ---D | M] -- C:\Program Files\WildTangent
[2006/12/06 09:00:17 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2008/08/31 15:41:43 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/08/31 15:41:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2006/01/16 00:16:24 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2007/11/03 14:30:45 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2011/05/31 18:55:21 | 000,000,000 | ---D | M] -- C:\Program Files\Winspy
[2007/06/10 09:25:52 | 000,000,000 | ---D | M] -- C:\Program Files\Wise Registry Cleaner
[2003/10/07 21:47:54 | 000,000,000 | ---D | M] -- C:\Program Files\WS_FTP
[2003/04/14 13:36:26 | 000,000,000 | ---D | M] -- C:\Program Files\XEROX
[2009/05/11 03:32:20 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2006/11/11 10:57:20 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2004/10/12 21:54:51 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:AGP440.sys
[2008/08/31 15:24:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:AGP440.sys
[2004/10/12 21:54:51 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008/08/31 15:24:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
[2001/08/17 14:58:00 | 000,025,472 | ---- | M] (Microsoft Corporation) MD5=65880045C51AA36184841CEE915A61DF -- C:\I386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2002/08/29 06:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:atapi.sys
[2002/08/29 06:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:atapi.sys
[2004/10/12 21:54:51 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:atapi.sys
[2008/08/31 15:24:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:atapi.sys
[2004/10/12 21:54:51 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008/08/31 15:24:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002/10/16 18:31:10 | 000,087,040 | ---- | M] (Microsoft Corporation) MD5=3DF589B9A15FF9EF4AA499F98C1C16D5 -- C:\I386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys

< MD5 for: DISK.SYS >
[2002/08/29 06:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\I386\sp1.cab:disk.sys
[2002/08/29 06:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp1.cab:disk.sys
[2004/10/12 21:54:51 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp2.cab:disk.sys
[2008/08/31 15:24:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\I386\sp3.cab:disk.sys
[2004/10/12 21:54:51 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys
[2008/08/31 15:24:30 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SYSTEM32\DRIVERS\disk.sys
[2002/08/29 06:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) MD5=D1B16340CEACEECBF52340A0CBDF43E1 -- C:\I386\DISK.SYS

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\netlogon.dll
[2002/08/29 06:00:00 | 000,399,360 | ---- | M] (Microsoft Corporation) MD5=3ADD563ED7A1C66E6F5E0F7A661AA96D -- C:\I386\NETLOGON.DLL

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-05-31 23:29:58

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/23 00:55:41 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/23 00:55:41 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/23 00:55:41 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/23 00:55:37 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 06:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/23 00:55:41 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/23 00:55:41 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/23 00:55:41 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/23 00:55:37 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/02/18 07:49:53 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\MSN Explorer\shell\open\command\\: "C:\Program Files\MSN\MSNCoreFiles\MSN6.EXE" [2002/08/29 06:00:00 | 000,094,208 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9

< End of report >

Re: Microsoft Security Center Virus?

okay, security check finally finished after 3rd try...


Results of screen317's Security Check version 0.99.12
Windows XP Service Pack 3
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
avast! Free Antivirus
ESET Online Scanner v3
```````````````````````````````
Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware
CCleaner
Duplicate Cleaner 1.4.5
Java(TM) 6 Update 21
Out of date Java installed!
Adobe Flash Player 10.3.181.14
Adobe Reader 9.4.4
Chinese Traditional Fonts Support For Adobe Reader 9
Out of date Adobe Reader installed!
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Windows Defender MsMpEng.exe
Alwil Software Avast5 AvastSvc.exe
``````````End of Log````````````

Re: Microsoft Security Center Virus?

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
    O35 - HKCU\..exefile [open] -- "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "%1" %*
    O37 - HKCU\...exe [@ = exefile] -- "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "%1" %*
    [2011/05/31 09:11:38 | 000,017,610 | -HS- | M] () -- C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u
    [2011/05/31 09:11:38 | 000,017,610 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
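
The O35/O37 lines in the fix above and the `shell\open\command` entries in the earlier OTL log show the same pattern: launch handlers routed through `ili.exe` in a user profile directory, with the real program passed as an argument. As an added example (not part of this thread and not OTL's own logic), this Python script flags that pattern in OTL-style registry lines; the function name, regexes and the two heuristics are assumptions, and the sample input is four lines copied from the log in this thread.

```python
import re
from typing import List, NamedTuple, Optional

# Sample input: four lines copied from the OTL scan log in this thread
# (two hijacked handlers, two untouched ones).
SAMPLE_LOG = r'''
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/23 00:55:37 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/11/03 20:11:24 | 002,388,264 | ---- | M] (Apple Inc.)
'''

# OTL prints "<key>\\<value name>: <data>"; the value name is empty for (Default).
LINE_RE = re.compile(r'^(HKEY_[^:]+?)\\\\([^:]*): (.*)$')
# Only keys of the form ...\shell\<verb>\command are launch handlers.
SHELL_CMD_RE = re.compile(r'\\shell\\[^\\]+\\command$', re.I)
# Executable stored under a per-user profile (XP or later layout).
PROFILE_RE = re.compile(r'^[a-z]:\\(?:documents and settings|users)\\[^\\]+\\', re.I)


class Finding(NamedTuple):
    key: str
    handler: str
    wrapped: Optional[str]
    reasons: List[str]


def audit_shell_commands(log_text: str) -> List[Finding]:
    """Return the shell command handlers that look hijacked (heuristic)."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        key, _value_name, command = m.groups()
        if not SHELL_CMD_RE.search(key):
            continue  # InstallInfo commands and similar are not launch handlers
        quoted = re.findall(r'"([^"]+)"', command)
        if not quoted:
            continue
        handler = quoted[0]
        # A second quoted .exe means the handler is wrapping the real program.
        wrapped = next((q for q in quoted[1:] if q.lower().endswith('.exe')), None)
        reasons = []
        if key.upper().startswith('HKEY_LOCAL_MACHINE') and PROFILE_RE.match(handler):
            reasons.append('machine-wide handler runs from a user profile directory')
        if wrapped:
            reasons.append('handler receives another executable as an argument')
        if reasons:
            findings.append(Finding(key, handler, wrapped, reasons))
    return findings


if __name__ == '__main__':
    for f in audit_shell_commands(SAMPLE_LOG):
        print(f.key)
        print('  handler:', f.handler)
        print('  wraps:  ', f.wrapped)
        for r in f.reasons:
            print('  -', r)
```

Either heuristic alone can fire on legitimate software, so treat a hit as a line to review rather than a verdict.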

Re: Microsoft Security Center Virus?

========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Classes\exefile\shell\open\command\\'' updated successfully.
File "C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\ili.exe" -a "%1" %* not found.
Registry key HKEY_CURRENT_USER\Software\Classes\.exe\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Classes\exefile\ deleted successfully.
HKEY_LOCAL_MACHINE\Software\Classes\.exe\\|exefile /E : value set successfully!
C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u moved successfully.
C:\Documents and Settings\All Users\Application Data\245337r41f060nm5sc34053da45p08wb8sf13d412u moved successfully.

OTL by OldTimer - Version 3.2.23.0 log created on 06052011_124819

Re: Microsoft Security Center Virus?

Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:

    [Image: CF_download_FF]

    [Image: CF_download_rename]

    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

    [Image: Cf410]

  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan, select yes

    [Image: Cf510]

  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Re: Microsoft Security Center Virus?

ComboFix 11-06-06.02 - Michelle Huey 06/06/2011 20:21:10.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.423 [GMT -4:00]
Running from: c:\documents and settings\Michelle Huey\Desktop\Combo-Fix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\PCDr\5830\Downloads\7dbfef1a-6148-4748-a1b3-71627763a45a.dll
c:\documents and settings\All Users\Application Data\PCDr\5830\Downloads\bf647bd7-dfb5-4746-a6b4-b7c2fdbbf3b1.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-05-07 to 2011-06-07 )))))))))))))))))))))))))))))))
.
.
2011-06-05 16:48 . 2011-06-05 16:48 -------- d-----w- C:\_OTL
2011-06-03 06:30 . 2011-05-09 20:46 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{0D0D878E-54AF-4BB8-8436-271E5470B6A6}\mpengine.dll
2011-06-02 14:14 . 2011-06-02 14:14 -------- d-----w- c:\program files\Common Files\Java
2011-06-02 14:14 . 2011-04-14 09:08 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-05-31 21:31 . 2011-05-31 21:31 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2011-05-31 20:27 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-27 15:29 . 2011-06-06 02:30 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-24 20:07 . 2011-05-24 20:07 -------- d-----w- c:\documents and settings\Michelle Huey\Application Data\Dell
2011-05-23 04:55 . 2011-05-23 04:55 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-23 04:55 . 2011-05-23 04:55 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-23 04:55 . 2011-05-23 04:55 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-23 04:55 . 2011-05-23 04:55 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-23 04:55 . 2011-05-23 04:55 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-23 04:55 . 2011-05-23 04:55 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-23 04:55 . 2011-05-23 04:55 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-23 04:55 . 2011-05-23 04:55 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-22 02:04 . 2011-05-22 02:04 -------- d-----w- c:\documents and settings\Michelle Huey\Local Settings\Application Data\Yahoo!
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-29 13:11 . 2009-01-11 18:01 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-29 13:11 . 2009-01-11 18:01 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-10 12:10 . 2010-09-05 03:33 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2010-09-05 03:33 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2010-09-05 03:34 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2010-09-05 03:34 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 12:02 . 2010-09-05 03:34 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-05-10 12:02 . 2010-09-05 03:34 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-05-10 11:59 . 2010-09-05 03:34 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2010-09-05 03:34 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-05-10 11:59 . 2010-09-05 03:34 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-09 20:46 . 2006-05-02 01:50 6962000 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-04-14 09:07 . 2010-05-02 16:10 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-14 06:40 . 2010-07-05 00:02 73728 ----a-w- c:\windows\system32\javacpl.cpl
2003-05-25 15:46 . 2003-05-25 15:05 8839120 ----a-w- c:\program files\AcroReader51_ENU.exe
2011-05-23 04:55 . 2011-05-23 04:55 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-31 68856]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2010-08-24 247144]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2003-10-06 741376]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-06 5058560]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"Conime"="c:\windows\system32\conime.exe" [2008-04-14 27648]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2011-03-03 2510848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-15 16:16 87424 ----a-w- c:\windows\SYSTEM32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\mmc.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP DreamScreen PC Software\\httpsvr.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP DreamScreen PC Software\\pcsw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Michelle Huey\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
"c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1900:UDP"= 1900:UDP:@xpsp2res.dll,-22007
"2869:TCP"= 2869:TCP:@xpsp2res.dll,-22008
"9322:TCP"= 9322:TCP:EKDiscovery
"5353:UDP"= 5353:UDP:Bonjour Port 5353
.
R1 aswSnx;aswSnx;c:\windows\SYSTEM32\DRIVERS\aswSnx.sys [5/31/2011 4:27 PM 441176]
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [9/4/2010 11:34 PM 307928]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [9/4/2010 11:34 PM 19544]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\EKAiOHostService.exe [3/9/2011 1:29 PM 366000]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [10/23/2010 8:23 PM 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 1:41 PM 12856]
R2 mrtRate;mrtRate;c:\windows\SYSTEM32\DRIVERS\MrtRate.sys [4/14/2003 2:03 PM 34712]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8/24/2010 5:38 AM 92008]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/29/2010 9:28 PM 135664]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/29/2010 9:28 PM 135664]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [1/10/2010 10:50 AM 15960]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50]
.
2011-06-06 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2010-06-18 18:47]
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 01:28]
.
2011-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 01:28]
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3522966352-991782971-1210456705-1006Core.job
- c:\documents and settings\Michelle Huey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-05 12:45]
.
2011-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3522966352-991782971-1210456705-1006UA.job
- c:\documents and settings\Michelle Huey\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-01-05 12:45]
.
2011-06-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
2011-05-24 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-05-16 22:16]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 208.67.222.222 208.67.220.220 76.85.229.110
TCP: Interfaces\{B2544E4D-4581-4C6D-B2E4-D742F7589491}: NameServer = 208.67.222.222,208.67.220.220
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {0D136D67-D293-4626-8C93-D12CF78E4590} - hxxp://67.19.231.218/ivocalize/tc4.cab
DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} - hxxp://speedtest.adelphia.net/customerdiag/speedtest/SPEEDTESTACTIVEX.CAB
FF - ProfilePath - c:\documents and settings\Michelle Huey\Application Data\Mozilla\Firefox\Profiles\i5adjgi8.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-06 20:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(692)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2011-06-06 20:39:58
ComboFix-quarantined-files.txt 2011-06-07 00:39
ComboFix2.txt 2011-05-31 21:46
ComboFix3.txt 2010-09-04 01:48
.
Pre-Run: 3,706,388,480 bytes free
Post-Run: 4,079,329,280 bytes free
.
Current=1 Default=1 Failed=4 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 8B66AC845B4EC5E291AD7C62B37390F9

Re: Microsoft Security Center Virus?

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.

Re: Microsoft Security Center Virus?

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6526
# api_version=3.0.2
# EOSSerial=2115ca037578c84687f4ae0a671c49e9
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-06-09 01:40:44
# local_time=2011-06-09 09:40:44 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 155895470 155895470 0 0
# compatibility_mode=768 16777215 100 0 23044141 23044141 0 0
# compatibility_mode=1024 16777215 100 0 37570293 37570293 0 0
# compatibility_mode=6143 16777215 0 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 28199018 28199018 0 0
# scanned=96061
# found=0
# cleaned=0
# scan_time=3511

Re: Microsoft Security Center Virus?

Hello.

I see that you are running µTorrent.
P2P (peer-to-peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    µTorrent
    Adobe Reader 9.4.4
    Java(TM) 6 Update 21

Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 26.
  • Click the "Download JRE" button to the right.
  • In the Window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u26-windows-i586.exe that you downloaded to install the newest version.

Then download and install Adobe Reader X

How is the machine running now?

Re: Microsoft Security Center Virus?

Machine was running perfectly until I removed Adobe Reader 9.4.4. Now I can't open .pdf files. Also, tried to update JRE to Update 26 and process continued to fail and would not update. System tray icons were present before all of this and after a restart they are missing again. Seems like I'm back to square one with same and different problems now.

the error code for the JRE update is: internal error 2753 regutils.dll


Last edited by pklong on 10th June 2011, 7:28 am; edited 1 time in total (Reason for editing : forgot to add error code for JRE)

Re: Microsoft Security Center Virus?

Did you install Adobe Reader X? You should be able to open pdf files once you install that.

Re: Microsoft Security Center Virus?

sorry for the delayed response, my computer monitor died so i'm just now getting back online. yes, i installed adobe reader x and cannot open .pdf's. system tray icons are missing, and computer is back to same issues again. computer was normal until uninstalling adobe. ideas?

Re: Microsoft Security Center Virus?

Hi,

What do you get when you try to open .pdfs?

Re: Microsoft Security Center Virus?

decided to uninstall and re-install adobe reader-x to rule out corruption and now can open .pdf files. however the system tray/task bar icons are still missing.

Re: Microsoft Security Center Virus?

Try this:

1. Back up the Registry by creating a restore point.
2. Go to Start > Run (or Windows-key + R), type in regedit and hit OK.
3. Navigate to the key HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify.
4. Delete the values IconStreams and PastIconsStream.
5. Open up the Task Manager (Ctrl + Shift + Esc), go to the Processes tab, select explorer.exe and click End Process.
6. Open the Applications tab and click New Task at the bottom-right of the window.
7. In the message box that pops up type in explorer.exe and hit OK.
8. Explorer.exe will reload, and the missing icons should now be back in the system-tray where they belong.
9. Then if the volume bar isn't there, go to taskbar properties (where the volume was gray) and simply tick the box.

this should work, did for me!

From here: http://en.kioskea.net/forum/affich-31257-how-to-recover-lost-missing-system-tray-icon

Re: Microsoft Security Center Virus?

awesome, finally back to normal function!! thanks so much!

Re: Microsoft Security Center Virus?

You're welcome, glad to help.
