Solved I keep getting a blue screen!?

[Resolved] I keep getting a blue screen!?

Hello. My name is Michele. I am pretty dumb when it comes to working a computer. I was working on it earlier today when a pop up showed up on my screen that said I had a virus. When followed it's instructions... I gave me a blue screen with a bunch of weird instructions. I can't restart my computer. It won't run in safe mode, safe mode with networking or normally. It also won't start with the most recent known working configuration. Please help me.
Thank you,
Michele.

 

OTL logfile created on: 11/4/2010 7:34:38 PM - Run
OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,022.00 Mb Total Physical Memory | 819.00 Mb Available Physical Memory | 80.00% Memory free
906.00 Mb Paging File | 857.00 Mb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 71.05 Gb Total Space | 51.27 Gb Free Space | 72.16% Space Free | Partition Type: NTFS
Drive X: | 434.99 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/03 17:41:36 | 000,053,248 | ---- | M] () [Auto] -- C:\WINDOWS\SYSTEM32\6to4v32.dll -- (6to4)
SRV - [2010/11/03 13:24:40 | 000,249,856 | ---- | M] (CJSC Computing Forces) [Auto] -- C:\WINDOWS\SYSTEM32\sshnas21.dll -- (SSHNAS)
SRV - [2010/05/14 11:00:26 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2004/10/25 17:13:32 | 000,421,888 | ---- | M] (Dell) [On_Demand] -- C:\WINDOWS\System32\dlbucoms.exe -- (dlbu_device)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (bvrp_pci)
DRV - [2010/11/03 20:31:23 | 000,760,320 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\rlhzypv.sys -- (rlhzypv)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usb8023.sys -- (USB_RNDIS_XP)
DRV - [2008/04/13 14:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 14:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 14:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/08/07 20:53:37 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2005/10/06 15:17:34 | 000,280,576 | ---- | M] (Marvell Semiconductor, Inc) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311v3XP.sys -- (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335)
DRV - [2005/05/27 09:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\afc.sys -- (Afc)
DRV - [2004/12/06 02:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 02:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 02:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 02:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 02:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 02:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 02:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 02:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 02:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 04:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 03:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto] -- C:\WINDOWS\SYSTEM32\DRIVERS\drvnddm.sys -- (drvnddm)
DRV - [2004/10/08 11:59:12 | 000,326,656 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\Camdrl.sys -- (CamDrL) Logitech QuickCam Pro 3000(CamDrl)
DRV - [2004/09/17 10:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys -- (senfilt)
DRV - [2004/08/03 23:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS -- (nv)
DRV - [2004/07/14 12:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 12:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssrtln.sys -- (ssrtln)
DRV - [2004/06/15 23:52:40 | 000,061,157 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys -- (IntelC53)
DRV - [2004/03/05 23:15:34 | 000,647,929 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys -- (IntelC52)
DRV - [2004/03/05 23:14:42 | 001,233,525 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys -- (IntelC51)
DRV - [2004/03/05 23:13:38 | 000,037,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys -- (mohfilt)
DRV - [2001/08/17 15:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SPARROW.SYS -- (Sparrow)
DRV - [2001/08/17 15:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_U3.SYS -- (sym_u3)
DRV - [2001/08/17 15:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYM_HI.SYS -- (sym_hi)
DRV - [2001/08/17 15:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC8XX.SYS -- (symc8xx)
DRV - [2001/08/17 15:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMC810.SYS -- (symc810)
DRV - [2001/08/17 14:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ULTRA.SYS -- (ultra)
DRV - [2001/08/17 14:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL12160.SYS -- (ql12160)
DRV - [2001/08/17 14:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1080.SYS -- (ql1080)
DRV - [2001/08/17 14:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\QL1280.SYS -- (ql1280)
DRV - [2001/08/17 14:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\DAC2W2K.SYS -- (dac2w2k)
DRV - [2001/08/17 14:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\MRAID35X.SYS -- (mraid35x)
DRV - [2001/08/17 14:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC.SYS -- (asc)
DRV - [2001/08/17 14:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ASC3550.SYS -- (asc3550)
DRV - [2001/08/17 14:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS -- (AliIde)
DRV - [2001/08/17 14:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot] -- C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Ben_Kace_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Ben_Kace_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\Ben_Kace_ON_C\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - Reg Error: Key error. File not found
IE - HKU\Ben_Kace_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=ZUGO&form=ZGAPHP
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 5D 6B 46 DF EB CA 01 [binary data]
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.msn.com/
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50370



FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\Firefox [2009/11/14 20:23:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/06/13 15:19:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{4D192C12-712F-4E52-8881-E6E8AE2C2781}: C:\Documents and Settings\Michele D. Diaz\Local Settings\Application Data\{4D192C12-712F-4E52-8881-E6E8AE2C2781} [2010/11/03 12:29:27 | 000,000,000 | ---D | M]

[2008/02/24 11:23:50 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/01/27 09:03:16 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (C:\WINDOWS\system32\k63znmn.dll) - {B6BA40C1-A501-59BD-F413-03B03A2C8952} - C:\WINDOWS\SYSTEM32\k63znmn.dll ()
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (The Weather Channel Toolbar) - {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\WINDOWS\SYSTEM32\TwcToolbarIe7.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\Ben_Kace_ON_C\..\Toolbar\WebBrowser: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No CLSID value found.
O3 - HKU\Michele_D._Diaz_ON_C\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\Michele_D._Diaz_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Michele_D._Diaz_ON_C\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [cftmon] C:\WINDOWS\SYSTEM32\oxvzs.exe (MetaQuotes Software Corp.)
O4 - HKLM..\Run: [Dell Photo AIO Printer 942] C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe ()
O4 - HKLM..\Run: [DellMCM] C:\Program Files\Dell Photo AIO Printer 942\memcard.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [HNUIQ/OXRpZ] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\mdm.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HNUIQ/OXRrxe] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\system.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HNUIQ_OXRsch] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\w7mnawxi.exe ()
O4 - HKLM..\Run: [KBStatusLED] C:\WINNT\KBStatusLED.exe File not found
O4 - HKLM..\Run: [KBStatusLED1] C:\WINDOWS\KBStatusLED.exe ()
O4 - HKLM..\Run: [MKcZ] C:\WINDOWS\mdm.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MKdw+] C:\WINDOWS\nvsvc32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [svchost] C:\Documents and Settings\Michele D. Diaz\Application Data\Microsoft\svchost.exe ()
O4 - HKLM..\Run: [Unukide] C:\WINDOWS\urizetij.DLL (Ask.com)
O4 - HKLM..\Run: [uPc+MV0NseaXms] C:\WINDOWS\System32\ouqvgm.DLL ()
O4 - HKLM..\Run: [UpdateManager] C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe (Sonic Solutions)
O4 - HKU\.DEFAULT..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - HKU\.DEFAULT..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe File not found
O4 - HKU\Ben_Kace_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Ben_Kace_ON_C..\Run: [msnmsgr] C:\Program Files\MSN Messenger\msnmsgr.exe File not found
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [Adware_ProNET] C:\Program Files\AdwarePro\Adware_Pro.exe File not found
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [AdwareProMFCT] C:\Program Files\AdwarePro\AdwarePro.exe File not found
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [DnE] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\winders.exe (MaoLXF)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [GoogleHelper] C:\Documents and Settings\Michele D. Diaz\Application Data\svchost.exe ()
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [HNUIQ/OXRpZ] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\mdm.exe (Microsoft Corporation)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [HNUIQ/OXRrxe] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\system.exe (Microsoft Corporation)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [HNUIQ_OXRsch] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\w7mnawxi.exe ()
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [MKcZ] C:\WINDOWS\mdm.exe (Microsoft Corporation)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [MKdw+] C:\WINDOWS\nvsvc32.exe (Microsoft Corporation)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [Myonu] C:\WINDOWS\wrmseE.DLL ()
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [U36VRSFLG6] C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\Cfd.exe (CJSC Computing Forces)
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [uPc+MV0NseaXms] C:\WINDOWS\System32\ouqvgm.DLL ()
O4 - HKU\Michele_D._Diaz_ON_C..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
F3 - HKU\Michele_D._Diaz_ON_C WinNT: Load - (C:\DOCUME~1\MICHEL~1.DIA\LOCALS~1\Temp\dwm.exe) - C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\dwm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Ben_Kace_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 1
O7 - HKU\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: GoogleService = C:\Documents and Settings\Michele D. Diaz\Application Data\svchost.exe ()
O7 - HKU\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : The Weather Channel - {2E5E800E-6AC0-411E-940A-369530A35E43} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab (Checkers Class)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab (StagingUI Object)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/OAS/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-40e1-a617-af65a72a0465/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab (Minesweeper Flags Class)
O16 - DPF: {339234B4-4E14-4280-B8B4-8BAE5AF99063} http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab48295.cab (Chess Object)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab32846.cab (ZoneBuddy Class)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab32846.cab (ZonePAChat Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab (Java Plug-in 1.5.0_04)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} http://a532.g.akamai.net/f/532/6712....akamai.com/6712/player/install/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab41227.cab (StadiumProxy Class)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab (Solitaire Showdown Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.137,93.188.160.17
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (dfhclfhd.dll) - C:\WINDOWS\System32\dfhclfhd.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell(R))
O20 - HKU\Michele_D._Diaz_ON_C Winlogon: Shell - (C:\Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe) - C:\Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: wmpenv - {E9A0DAF5-3CB7-42F2-8266-17E361DE013B} - CLSID or File not found.
O22 - SharedTaskScheduler: {B6BA40C1-A501-59BD-F413-03B03A2C8952} - dfskea98e4iagjiufhg87df87u - C:\WINDOWS\SYSTEM32\k63znmn.dll ()
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/03 17:42:53 | 000,000,000 | ---D | C] -- C:\Program Files\Search Toolbar
[2010/11/03 17:42:32 | 000,060,004 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\nvsvc32.exe
[2010/11/03 17:42:29 | 000,060,004 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\mdm.exe
[2010/11/03 17:42:20 | 000,060,004 | -H-- | C] (Microsoft Corporation) -- C:\WINDOWS\taskmgr.exe
[2010/11/03 17:42:07 | 000,760,320 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\rlhzypv.sys
[2010/11/03 17:41:26 | 000,063,488 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\dfhclfhd.dll
[2010/11/03 13:26:05 | 000,200,704 | ---- | C] (CJSC Computing Forces) -- C:\WINDOWS\Chycua.exe
[2010/11/03 13:24:39 | 000,249,856 | ---- | C] (CJSC Computing Forces) -- C:\WINDOWS\System32\sshnas21.dll
[2010/11/03 13:22:23 | 000,412,160 | ---- | C] (MetaQuotes Software Corp.) -- C:\WINDOWS\System32\oxvzs.exe
[2010/11/03 12:39:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\IETldCache
[2010/11/03 12:29:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele D. Diaz\Local Settings\Application Data\{4D192C12-712F-4E52-8881-E6E8AE2C2781}
[2010/11/03 12:22:09 | 000,412,160 | ---- | C] (MetaQuotes Software Corp.) -- C:\WINDOWS\System32\qssk.exe
[2010/11/02 16:34:55 | 000,000,000 | ---D | C] -- C:\Program Files\Games
[2010/10/15 22:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/10/15 22:30:47 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/10/15 22:30:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michele D. Diaz\Application Data\Skype
[2010/10/13 07:16:37 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2010/10/13 07:16:37 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/10/13 07:16:16 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2007/01/30 09:35:00 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbuiesc.dll
[2007/01/30 09:22:32 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbuinpa.dll
[2007/01/30 09:17:02 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\dlbuhbn3.dll
[2006/01/03 20:00:00 | 000,064,000 | -H-- | C] (Blog do Birungueta) -- C:\Documents and Settings\Michele D. Diaz\Application Data\d16ae85a.exe
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/03 20:31:23 | 000,760,320 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\WINDOWS\System32\drivers\rlhzypv.sys
[2010/11/03 17:45:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/11/03 17:44:18 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/11/03 17:44:18 | 000,000,266 | -H-- | M] () -- C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010/11/03 17:44:08 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010/11/03 17:43:30 | 000,000,887 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\ThinkPoint.lnk
[2010/11/03 17:43:30 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Application Data\install
[2010/11/03 17:42:42 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At24.job
[2010/11/03 17:42:42 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At23.job
[2010/11/03 17:42:42 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At22.job
[2010/11/03 17:42:32 | 000,060,004 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\nvsvc32.exe
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At21.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At20.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At19.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At18.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At17.job
[2010/11/03 17:42:29 | 000,060,004 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\mdm.exe
[2010/11/03 17:42:20 | 000,060,004 | -H-- | M] (Microsoft Corporation) -- C:\WINDOWS\taskmgr.exe
[2010/11/03 17:42:15 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At9.job
[2010/11/03 17:42:15 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At8.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At16.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At15.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At14.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At13.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At12.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At11.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At10.job
[2010/11/03 17:41:56 | 000,030,000 | ---- | M] () -- C:\WINDOWS\System32\ouqvgm.dll
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At7.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At6.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At5.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2010/11/03 17:41:53 | 000,030,000 | ---- | M] () -- C:\WINDOWS\System32\k63znmn.dll
[2010/11/03 17:41:42 | 000,671,232 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe
[2010/11/03 17:41:42 | 000,000,222 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Application Data\dkfjasdfshd.bat
[2010/11/03 17:41:36 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\6to4v32.dll
[2010/11/03 17:41:26 | 000,063,488 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\dfhclfhd.dll
[2010/11/03 17:40:07 | 000,000,227 | ---- | M] () -- C:\WINDOWS\System32\winset.ini
[2010/11/03 17:39:34 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/03 17:38:09 | 000,000,300 | -H-- | M] () -- C:\WINDOWS\tasks\d16ae85a.job
[2010/11/03 17:38:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/03 17:37:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/11/03 17:37:52 | 000,000,400 | ---- | M] () -- C:\WINDOWS\tasks\FileCure Startup.job
[2010/11/03 17:31:34 | 000,000,120 | ---- | M] () -- C:\WINDOWS\Xleturejada.dat
[2010/11/03 13:25:48 | 000,200,704 | ---- | M] (CJSC Computing Forces) -- C:\WINDOWS\Chycua.exe
[2010/11/03 13:24:40 | 000,249,856 | ---- | M] (CJSC Computing Forces) -- C:\WINDOWS\System32\sshnas21.dll
[2010/11/03 13:23:14 | 000,064,000 | -H-- | M] (Blog do Birungueta) -- C:\Documents and Settings\Michele D. Diaz\Application Data\d16ae85a.exe
[2010/11/03 13:22:23 | 000,412,160 | ---- | M] (MetaQuotes Software Corp.) -- C:\WINDOWS\System32\oxvzs.exe
[2010/11/03 13:22:23 | 000,000,229 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\delme.bat
[2010/11/03 12:34:13 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{5E7A0306-2C4B-43EB-B07C-E1F2D26E39CF}.job
[2010/11/03 12:29:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\Atifu.bin
[2010/11/03 12:22:56 | 000,412,160 | ---- | M] (MetaQuotes Software Corp.) -- C:\WINDOWS\System32\qssk.exe
[2010/11/03 05:49:00 | 000,000,562 | ---- | M] () -- C:\WINDOWS\tasks\CounterSpy.job
[2010/11/03 01:38:00 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2010/11/02 23:37:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/11/02 18:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2010/11/02 16:34:56 | 000,001,886 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\Mahjong Towers Eternity.lnk
[2010/11/02 16:34:30 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/02 04:07:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\FileCure.job
[2010/10/27 05:33:33 | 000,074,047 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\downsized_10271005321.JPG
[2010/10/27 05:33:33 | 000,074,047 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\Copy of downsized_10271005321.JPG
[2010/10/27 05:33:19 | 000,020,342 | ---- | M] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\downsized_1027100532.jpg
[2010/10/14 15:11:53 | 000,240,736 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 06:12:02 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/07 22:42:48 | 000,464,264 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/10/07 22:42:48 | 000,079,556 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/03 17:43:30 | 000,000,887 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\ThinkPoint.lnk
[2010/11/03 17:43:30 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Application Data\install
[2010/11/03 17:42:33 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At24.job
[2010/11/03 17:42:33 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At23.job
[2010/11/03 17:42:31 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At22.job
[2010/11/03 17:42:29 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At21.job
[2010/11/03 17:42:23 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At20.job
[2010/11/03 17:42:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At19.job
[2010/11/03 17:42:21 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At18.job
[2010/11/03 17:42:19 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At17.job
[2010/11/03 17:42:12 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At16.job
[2010/11/03 17:42:12 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At15.job
[2010/11/03 17:42:11 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At14.job
[2010/11/03 17:42:05 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At13.job
[2010/11/03 17:42:04 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At12.job
[2010/11/03 17:42:03 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At11.job
[2010/11/03 17:42:00 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At10.job
[2010/11/03 17:41:59 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At9.job
[2010/11/03 17:41:57 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At8.job
[2010/11/03 17:41:56 | 000,030,000 | ---- | C] () -- C:\WINDOWS\System32\ouqvgm.dll
[2010/11/03 17:41:56 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At7.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At6.job
[2010/11/03 17:41:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At5.job
[2010/11/03 17:41:55 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At4.job
[2010/11/03 17:41:54 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At3.job
[2010/11/03 17:41:53 | 000,030,000 | ---- | C] () -- C:\WINDOWS\System32\k63znmn.dll
[2010/11/03 17:41:53 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2010/11/03 17:41:53 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2010/11/03 17:41:42 | 000,671,232 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe
[2010/11/03 17:41:42 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Application Data\dkfjasdfshd.bat
[2010/11/03 17:41:36 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\6to4v32.dll
[2010/11/03 13:26:04 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2010/11/03 13:25:59 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/11/03 13:25:51 | 000,000,266 | -H-- | C] () -- C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010/11/03 12:29:43 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Xleturejada.dat
[2010/11/03 12:29:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Atifu.bin
[2010/11/03 12:23:04 | 000,000,300 | -H-- | C] () -- C:\WINDOWS\tasks\d16ae85a.job
[2010/11/03 12:22:09 | 000,000,229 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\delme.bat
[2010/11/03 12:22:05 | 000,000,227 | ---- | C] () -- C:\WINDOWS\System32\winset.ini
[2010/11/02 16:34:56 | 000,001,886 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\Mahjong Towers Eternity.lnk
[2010/10/30 18:07:21 | 000,074,047 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\Copy of downsized_10271005321.JPG
[2010/10/27 05:33:33 | 000,074,047 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\downsized_10271005321.JPG
[2010/10/27 05:33:09 | 000,020,342 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Desktop\downsized_1027100532.jpg
[2010/09/13 17:36:19 | 000,006,144 | -HS- | C] () -- C:\Documents and Settings\Michele D. Diaz\Application Data\svchost.exe
[2008/11/03 08:25:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\SchedulePlan.txt
[2008/11/02 06:17:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\MSVolume.dll
[2008/06/06 09:42:06 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Local Settings\Application Data\fusioncache.dat
[2008/04/16 03:29:52 | 000,229,447 | ---- | C] () -- C:\WINDOWS\KBHook.dll
[2008/02/18 19:12:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2008/01/04 17:58:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/01/04 17:56:24 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/11/23 16:15:38 | 000,000,246 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/09/18 19:30:31 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\TwcToolbarIe7.dll
[2007/09/18 19:30:31 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\TwcToolbarBho.dll
[2007/04/12 19:35:10 | 000,004,699 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/03/20 17:44:02 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[2007/02/19 02:32:34 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dlbuinsr.dll
[2007/02/19 02:29:24 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dlbuinsb.dll
[2007/02/19 02:29:20 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dlbucub.dll
[2007/02/19 02:29:10 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\dlbuins.dll
[2007/01/22 08:19:00 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbucfg.dll
[2006/10/30 10:30:30 | 000,010,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\SBTEDrv.sys
[2005/11/28 16:40:05 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005/10/22 10:54:55 | 000,006,812 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2005/10/22 00:04:02 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Michele D. Diaz\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/08/26 17:10:43 | 000,001,417 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/08/26 17:09:39 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\dlbucoin.dll
[2005/08/26 17:09:39 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\dlbusnls.dll
[2005/06/26 19:52:16 | 000,003,305 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2005/05/25 14:07:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\dlbucnv4.dll
[2005/05/15 20:05:52 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/04/25 08:13:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/04/25 08:11:15 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/04/25 07:35:54 | 000,000,370 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/02/02 18:40:24 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\dlbucur.dll
[2005/02/02 18:39:14 | 000,573,440 | ---- | C] () -- C:\WINDOWS\System32\dlbujswr.dll
[2005/02/02 18:03:42 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dlbucu.dll
[2005/02/02 17:49:32 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\dlbuutil.dll
[2005/01/28 09:08:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/10 14:13:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/10 14:03:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/08/04 06:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\wrmseE.dll
[2004/08/04 06:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[2004/06/30 15:04:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\SDelete.dll
[2004/03/07 13:51:00 | 000,024,924 | ---- | C] () -- C:\WINDOWS\System32\openports.dll
[2003/10/08 10:09:46 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbuvs.dll
[1980/01/01 01:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2009/03/18 07:13:09 | 000,000,000 | ---D | M] -- C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Application Data\SACore
[2009/10/16 07:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\SACore
[2010/05/01 12:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\CCleanup
[2008/12/14 18:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/02/12 17:28:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\HotSync
[2005/04/30 14:25:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\Leadertech
[2008/02/23 19:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\LimeWire
[2007/06/12 18:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\Musicmatch
[2010/05/01 13:18:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\Windows Desktop Search
[2010/05/01 20:59:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michele D. Diaz\Application Data\Windows Search
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At10.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At11.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At12.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At13.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At14.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At15.job
[2010/11/03 17:42:13 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At16.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At17.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At18.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At19.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At20.job
[2010/11/03 17:42:30 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At21.job
[2010/11/03 17:42:42 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At22.job
[2010/11/03 17:42:42 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At23.job
[2010/11/03 17:42:42 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At24.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At5.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At6.job
[2010/11/03 17:41:56 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At7.job
[2010/11/03 17:42:15 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At8.job
[2010/11/03 17:42:15 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\At9.job
[2010/11/03 05:49:00 | 000,000,562 | ---- | M] () -- C:\WINDOWS\Tasks\CounterSpy.job
[2010/11/03 17:38:09 | 000,000,300 | -H-- | M] () -- C:\WINDOWS\Tasks\d16ae85a.job
[2010/11/03 17:37:52 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\FileCure Startup.job
[2010/11/02 04:07:00 | 000,000,384 | ---- | M] () -- C:\WINDOWS\Tasks\FileCure.job
[2010/11/02 18:00:00 | 000,000,464 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
[2010/11/03 01:38:00 | 000,000,438 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
[2010/11/03 12:34:13 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{5E7A0306-2C4B-43EB-B07C-E1F2D26E39CF}.job
[2010/11/03 17:44:18 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/11/03 17:44:18 | 000,000,266 | -H-- | M] () -- C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010/11/03 17:44:08 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\SOL.EXE:SummaryInformation
< End of report >

 

Yes. The computer boots windows.

Here is the log file you requested...

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\6to4 deleted successfully.
C:\WINDOWS\SYSTEM32\6to4v32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SSHNAS deleted successfully.
C:\WINDOWS\SYSTEM32\sshnas21.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\rlhzypv deleted successfully.
C:\WINDOWS\SYSTEM32\DRIVERS\rlhzypv.sys moved successfully.
Registry value HKEY_USERS\Ben_Kace_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{4D25F926-B9FE-4682-BF72-8AB8210D6D75} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\ not found.
HKU\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6BA40C1-A501-59BD-F413-03B03A2C8952}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6BA40C1-A501-59BD-F413-03B03A2C8952}\ deleted successfully.
C:\WINDOWS\SYSTEM32\k63znmn.dll moved successfully.
Registry value HKEY_USERS\Ben_Kace_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\cftmon deleted successfully.
C:\WINDOWS\SYSTEM32\oxvzs.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUIQ/OXRpZ deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\mdm.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUIQ/OXRrxe deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\system.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HNUIQ_OXRsch deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\w7mnawxi.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KBStatusLED deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKcZ deleted successfully.
C:\WINDOWS\mdm.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MKdw+ deleted successfully.
C:\WINDOWS\nvsvc32.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\svchost deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Application Data\Microsoft\svchost.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Unukide deleted successfully.
C:\WINDOWS\urizetij.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+MV0NseaXms deleted successfully.
C:\WINDOWS\SYSTEM32\ouqvgm.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_USERS\Ben_Kace_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Adware_ProNET deleted successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\AdwareProMFCT deleted successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\DnE deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\winders.exe moved successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleHelper deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Application Data\svchost.exe moved successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUIQ/OXRpZ deleted successfully.
File C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\mdm.exe not found.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUIQ/OXRrxe deleted successfully.
File C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\system.exe not found.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\HNUIQ_OXRsch deleted successfully.
File C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\w7mnawxi.exe not found.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKcZ deleted successfully.
File C:\WINDOWS\mdm.exe not found.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\MKdw+ deleted successfully.
File C:\WINDOWS\nvsvc32.exe not found.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\Myonu deleted successfully.
C:\WINDOWS\wrmseE.dll moved successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\U36VRSFLG6 deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\Cfd.exe moved successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\uPc+MV0NseaXms deleted successfully.
File C:\WINDOWS\System32\ouqvgm.DLL not found.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\updateMgr deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Local Settings\Temp\dwm.exe moved successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\DOCUME~1\MICHEL~1.DIA\LOCALS~1\Temp\dwm.exe deleted successfully.
Registry key HKEY_USERS\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies \Explorer not found.
Registry key HKEY_USERS\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies \Explorer\Run not found.
File C:\Documents and Settings\Michele D. Diaz\Application Data\svchost.exe not found.
Registry key HKEY_USERS\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies \System not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2E5E800E-6AC0-411E-940A-369530A35E43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E5E800E-6AC0-411E-940A-369530A35E43}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2E5E800E-6AC0-411E-940A-369530A35E43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E5E800E-6AC0-411E-940A-369530A35E43}\ not found.
Starting removal of ActiveX control {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_USERS\Ben_Kace_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_USERS\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error.\ not found.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\\NameServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:dfhclfhd.dll deleted successfully.
C:\WINDOWS\SYSTEM32\dfhclfhd.dll moved successfully.
Registry value HKEY_USERS\Michele_D._Diaz_ON_C\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe deleted successfully.
C:\Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\wmpenv deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9A0DAF5-3CB7-42F2-8266-17E361DE013B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{B6BA40C1-A501-59BD-F413-03B03A2C8952} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6BA40C1-A501-59BD-F413-03B03A2C8952}\ not found.
File C:\WINDOWS\SYSTEM32\k63znmn.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\ deleted successfully.
File C:\WINDOWS\nvsvc32.exe not found.
File C:\WINDOWS\mdm.exe not found.
C:\WINDOWS\taskmgr.exe moved successfully.
File C:\WINDOWS\System32\drivers\rlhzypv.sys not found.
File C:\WINDOWS\System32\dfhclfhd.dll not found.
C:\WINDOWS\Chycua.exe moved successfully.
File C:\WINDOWS\System32\sshnas21.dll not found.
File C:\WINDOWS\System32\oxvzs.exe not found.
C:\WINDOWS\SYSTEM32\qssk.exe moved successfully.
C:\Documents and Settings\Michele D. Diaz\Application Data\d16ae85a.exe moved successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET478.tmp deleted successfully.
C:\WINDOWS\System32\SET47A.tmp deleted successfully.
C:\WINDOWS\System32\SET486.tmp deleted successfully.
C:\WINDOWS\System32\SET4CE.tmp deleted successfully.
C:\WINDOWS\003024_.tmp deleted successfully.
C:\WINDOWS\DUMP3d76.tmp deleted successfully.
C:\WINDOWS\DUMP6050.tmp deleted successfully.
C:\WINDOWS\DUMP67a3.tmp deleted successfully.
C:\WINDOWS\DUMP6c46.tmp deleted successfully.
C:\IO96BC~.TMP deleted successfully.
C:\LOG131.tmp deleted successfully.
C:\LOG1415.tmp deleted successfully.
C:\LOG1BC.tmp deleted successfully.
C:\LOG222.tmp deleted successfully.
C:\LOG369.tmp deleted successfully.
C:\LOG3BF5.tmp deleted successfully.
C:\LOG40.tmp deleted successfully.
C:\LOG4AF.tmp deleted successfully.
C:\LOG5F.tmp deleted successfully.
C:\LOG5F4.tmp deleted successfully.
C:\LOG729.tmp deleted successfully.
C:\LOG73.tmp deleted successfully.
C:\LOG731.tmp deleted successfully.
C:\LOG7D.tmp deleted successfully.
C:\LOGA61.tmp deleted successfully.
C:\LOGA9.tmp deleted successfully.
C:\LOGAC.tmp deleted successfully.
C:\LOGAE.tmp deleted successfully.
C:\LOGD5.tmp deleted successfully.
C:\WINDOWS\tasks\At24.job moved successfully.
C:\WINDOWS\tasks\At23.job moved successfully.
C:\WINDOWS\tasks\At22.job moved successfully.
File C:\WINDOWS\nvsvc32.exe not found.
C:\WINDOWS\tasks\At21.job moved successfully.
C:\WINDOWS\tasks\At20.job moved successfully.
C:\WINDOWS\tasks\At19.job moved successfully.
C:\WINDOWS\tasks\At18.job moved successfully.
C:\WINDOWS\tasks\At17.job moved successfully.
File C:\WINDOWS\mdm.exe not found.
File C:\WINDOWS\taskmgr.exe not found.
C:\WINDOWS\tasks\At9.job moved successfully.
C:\WINDOWS\tasks\At8.job moved successfully.
C:\WINDOWS\tasks\At16.job moved successfully.
C:\WINDOWS\tasks\At15.job moved successfully.
C:\WINDOWS\tasks\At14.job moved successfully.
C:\WINDOWS\tasks\At13.job moved successfully.
C:\WINDOWS\tasks\At12.job moved successfully.
C:\WINDOWS\tasks\At11.job moved successfully.
C:\WINDOWS\tasks\At10.job moved successfully.
File C:\WINDOWS\System32\ouqvgm.dll not found.
C:\WINDOWS\tasks\At7.job moved successfully.
C:\WINDOWS\tasks\At6.job moved successfully.
C:\WINDOWS\tasks\At5.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At1.job moved successfully.
File C:\WINDOWS\System32\k63znmn.dll not found.
File C:\Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe not found.
C:\Documents and Settings\Michele D. Diaz\Application Data\dkfjasdfshd.bat moved successfully.
File C:\WINDOWS\System32\6to4v32.dll not found.
File C:\WINDOWS\System32\dfhclfhd.dll not found.
C:\WINDOWS\SYSTEM32\winset.ini moved successfully.
C:\WINDOWS\tasks\d16ae85a.job moved successfully.
C:\WINDOWS\Xleturejada.dat moved successfully.
File C:\WINDOWS\Chycua.exe not found.
File C:\WINDOWS\System32\sshnas21.dll not found.
File C:\Documents and Settings\Michele D. Diaz\Application Data\d16ae85a.exe not found.
File C:\WINDOWS\System32\oxvzs.exe not found.
C:\Documents and Settings\Michele D. Diaz\delme.bat moved successfully.
C:\WINDOWS\Atifu.bin moved successfully.
File C:\WINDOWS\System32\qssk.exe not found.
ADS C:\WINDOWS\System32\SOL.EXE:SummaryInformation deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Ben Kace
->Temp folder emptied: 56843135 bytes
->Temporary Internet Files folder emptied: 180824160 bytes
->Java cache emptied: 818275 bytes
->Flash cache emptied: 1321 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 672531 bytes
->Flash cache emptied: 348 bytes

User: Michele D. Diaz
->Temp folder emptied: 120788998 bytes
->Temporary Internet Files folder emptied: 178855186 bytes
->Java cache emptied: 4395770 bytes
->FireFox cache emptied: 3615263 bytes
->Flash cache emptied: 189002 bytes

User: MICHEL~1~DIA

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 751863 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 171250367 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 77722088 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

Total Files Cleaned = 760.00 mb


OTLPE by OldTimer - Version 3.1.43.0 log created on 11042010_232401



Thank you for the help so far... I really appreciate it. You've done very well accommodating my computer ignorance.

 

When I try to update Avira... This file comes up. I don't know what it means..

Avira AntiVir Personal - Free Antivirus Updater
Engine/VDF update

Creation time: Fri Nov 05 06:44:27 2010


Operating system:
Windows XP (Service Pack 3) [5.1.2600] 32 bit

Product information:
Product version: 10.0.0.592
Updater: C:\Program Files\Avira\AntiVir Desktop\update.exe 10.0.0.35
Update resource: C:\Program Files\Avira\AntiVir Desktop\updaterc.dll 10.0.9.0
Library: C:\Program Files\Avira\AntiVir Desktop\update.dll 0.1.0.44
Plugin: C:\Program Files\Avira\AntiVir Desktop\updext.dll 10.0.0.8
GUI: C:\Program Files\Avira\AntiVir Desktop\updgui.dll 10.0.2.0

Temp Directory: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\
Backup folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\BACKUP\
Installation Directory: C:\Program Files\Avira\AntiVir Desktop\
Updater folder: C:\Program Files\Avira\AntiVir Desktop\
AppData folder: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\

Proxy settings:
System settings used

6:44:28 [UPD] [INFO] Checking whether newer files are available.
6:44:28 [UPD] [INFO] Select update server 'http://personal.avira-update.com/update'.
6:44:28 [UPD] [INFO] Downloading of 'http://personal.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:28 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://personal.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:28 [UPDLIB] [ERROR] Retry...
6:44:28 [UPD] [INFO] Downloading of 'http://personal.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:28 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://personal.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:28 [UPDLIB] [ERROR] Retry...
6:44:28 [UPD] [INFO] Downloading of 'http://personal.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:28 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://personal.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:28 [UPD] [INFO] Select update server 'http://personal.avira-update.net/update'.
6:44:28 [UPD] [INFO] Downloading of 'http://personal.avira-update.net/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:28 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://personal.avira-update.net/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:28 [UPDLIB] [ERROR] Retry...
6:44:28 [UPD] [INFO] Downloading of 'http://personal.avira-update.net/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:28 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://personal.avira-update.net/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:28 [UPDLIB] [ERROR] Retry...
6:44:29 [UPD] [INFO] Downloading of 'http://personal.avira-update.net/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:29 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://personal.avira-update.net/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:29 [UPD] [INFO] Select update server 'http://62.146.66.184/update'.
6:44:29 [UPD] [INFO] Downloading of 'http://62.146.66.184/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:29 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://62.146.66.184/update/idx/master.idx' failed. Error: A connection with the server could not be established
6:44:29 [UPD] [INFO] Select update server 'http://perspeak.avira-update.com/update'.
6:44:29 [UPD] [INFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:29 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:29 [UPDLIB] [ERROR] Retry...
6:44:29 [UPD] [INFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:29 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:29 [UPDLIB] [ERROR] Retry...
6:44:29 [UPD] [INFO] Downloading of 'http://perspeak.avira-update.com/update/idx/master.idx' to 'C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
6:44:29 [UPDLIB] [ERROR] Download manager: The function WinINet::HttpSendRequest() 'http://perspeak.avira-update.com/update/idx/master.idx' failed. Error: The server name or address could not be resolved
6:44:29 [UPDLIB] [ERROR] No additional servers found, the update will be canceled.
6:44:29 [UPD] [ERROR] Generation of update structure failed. UpdateLib delivers error 537.


Summary:
********
0 Files downloaded
0 Files installed

Fri Nov 05 06:44:29 2010
The update failed!

 

I tried to update Malwarebytes' anti-malware. It comes up with an error. I seem to not be able to update any program. My internet is working however. I don't understand...

 

ComboFix 10-11-05.05 - Michele D. Diaz 11/05/2010 17:17:05.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.643 [GMT -4:00]
Running from: c:\documents and settings\Michele D. Diaz\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Documents\Server\admin.txt
c:\documents and settings\Michele D. Diaz\Application Data\install
c:\documents and settings\Michele D. Diaz\Application Data\Microsoft\stor.cfg
c:\documents and settings\Michele D. Diaz\Application Data\Microsoft\Windows\shell.exe
c:\documents and settings\Michele D. Diaz\Local Settings\Application Data\{4D192C12-712F-4E52-8881-E6E8AE2C2781}
c:\documents and settings\Michele D. Diaz\Local Settings\Application Data\{4D192C12-712F-4E52-8881-E6E8AE2C2781}\chrome.manifest
c:\documents and settings\Michele D. Diaz\Local Settings\Application Data\{4D192C12-712F-4E52-8881-E6E8AE2C2781}\chrome\content\_cfg.js
c:\documents and settings\Michele D. Diaz\Local Settings\Application Data\{4D192C12-712F-4E52-8881-E6E8AE2C2781}\chrome\content\overlay.xul
c:\documents and settings\Michele D. Diaz\Local Settings\Application Data\{4D192C12-712F-4E52-8881-E6E8AE2C2781}\install.rdf
c:\documents and settings\Michele D. Diaz\Start Menu\Programs\videobox
c:\documents and settings\Michele D. Diaz\Start Menu\Programs\videobox\Uninstall.lnk
c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbar.dll
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
c:\program files\videobox
c:\program files\videobox\Uninstall.exe
c:\windows\dat.txt
c:\windows\Downloaded Program Files\ODCTOOLS
c:\windows\MailSwitch.ocx
c:\windows\system32\bszip.dll
c:\windows\system32\ernel32.dll
c:\windows\system32\spool\prtprocs\w32x86\wSK17gM.dll

Infected copy of c:\windows\system32\winlogon.exe was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\winlogon.exe

Infected copy of c:\windows\explorer.exe was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\explorer.exe

.
\\.\PhysicalDrive0 - Bootkit TDL4 was found and disinfected
.
((((((((((((((((((((((((( Files Created from 2010-10-05 to 2010-11-05 )))))))))))))))))))))))))))))))
.

2010-11-05 20:52 . 2010-11-05 20:52 -------- d-----w- c:\documents and settings\Michele D. Diaz\Application Data\Malwarebytes
2010-11-05 20:52 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-05 20:52 . 2010-11-05 20:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-05 20:52 . 2010-11-05 20:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-11-05 20:52 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-05 13:42 . 2010-08-02 20:10 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-11-05 13:42 . 2010-08-02 20:10 126856 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-11-05 13:42 . 2010-06-17 19:27 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-11-05 13:42 . 2010-06-17 19:27 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-11-05 13:42 . 2010-11-05 13:42 -------- d-----w- c:\program files\Avira
2010-11-05 13:42 . 2010-11-05 13:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-11-05 10:44 . 2010-11-05 10:44 -------- d-----w- c:\documents and settings\Michele D. Diaz\Application Data\Avira
2010-11-05 04:49 . 2010-11-05 04:50 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2010-11-05 03:24 . 2010-11-05 03:24 -------- d-----w- C:\_OTL
2010-11-03 16:39 . 2010-11-03 16:39 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-11-02 20:34 . 2010-11-02 20:34 -------- d-----w- c:\program files\Games
2010-10-16 02:30 . 2010-10-16 02:30 -------- d-----w- c:\program files\Common Files\Skype
2010-10-16 02:30 . 2010-10-16 02:31 -------- d-----r- c:\program files\Skype
2010-10-16 02:30 . 2010-11-05 20:51 -------- d-----w- c:\documents and settings\Michele D. Diaz\Application Data\Skype
2010-10-13 11:16 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-13 11:16 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-13 11:16 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 16:23 . 2004-08-04 10:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 10:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2004-08-04 10:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2004-08-04 10:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58 . 2004-08-04 10:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2004-08-04 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51 . 2004-08-04 10:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2007-04-04 02:51 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2004-08-04 10:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2004-08-04 10:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2004-08-04 10:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2009-04-15 08:16 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2004-08-04 10:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2010-08-17 13:17 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2004-08-04 10:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport "= "c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"MsnMsgr "= "c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"DW6 "= "c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-04-16 818288]
"swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-07 39408]
"Skype "= "c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP "= "c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"IntelMeM "= "c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"UpdateManager "= "c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"MMTray "= "c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2006-01-17 135168]
"dla "= "c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"Dell Photo AIO Printer 942 "= "c:\program files\Dell Photo AIO Printer 942\dlbubmgr.exe" [2005-02-03 294912]
"DellMCM "= "c:\program files\Dell Photo AIO Printer 942\memcard.exe" [2004-07-27 262144]
"mmtask "= "c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 53248]
"dscactivate "= "c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"DellSupportCenter "= "c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"PAC7302_Monitor "= "c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"igfxtray "= "c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd "= "c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers "= "c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"KBStatusLED1 "= "c:\windows\KBStatusLED.exe" [2008-04-30 53248]
"MSN Toolbar "= "c:\program files\MSN Toolbar\Platform\4.0.0346.1\mswinext.exe" [2009-11-01 240992]
"Adobe Reader Speed Launcher "= "c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM "= "c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task "= "c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]
"iTunesHelper "= "c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
"avgnt "= "c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
NETGEAR WG311v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG311v3\wlancfg5.exe [2006-1-26 1486848]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2004-11-11 806912]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5} "= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall "= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe "=
"c:\\Program Files\\LimeWire\\LimeWire.exe "=
"%windir%\\Network Diagnostic\\xpnetdiag.exe "=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe "=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe "=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe "=
"c:\\Program Files\\iTunes\\iTunes.exe "=
"c:\\Program Files\\Skype\\Phone\\Skype.exe "=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe "=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [11/5/2010 9:42 AM 135336]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2010 8:14 AM 135664]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2010-11-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 12:14]

2010-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 12:14]

2010-11-05 c:\windows\Tasks\User_Feed_Synchronization-{5E7A0306-2C4B-43EB-B07C-E1F2D26E39CF}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Connection Wizard,ShellNext = hxxp://www.dell4me.com/myway
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-MCODS
AddRemove-McAfee.com Privacy Service - c:\progra~1\mcafee.com\shared\mghtml.exe
AddRemove-Registry Cleaner_is1 - c:\program files\Registry Cleaner Trial\unins000.exe
AddRemove-Scholastic's I SPY Fun House - c:\progra~1\SCHOLA~1\ISPYFU~1\UNWISE.EXE
AddRemove-Search Toolbar - c:\program files\Search Toolbar\SearchToolbarUninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-05 17:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(796)
c:\windows\system32\MrvGINA.dll

- - - - - - - > 'Explorer.exe'(220)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\fxssvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\program files\Dell Photo AIO Printer 942\dlbubmon.exe
c:\program files\Dell Support Center\gs_agent\dsc.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Messenger\msmsgs.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2010-11-05 17:41:13 - machine was rebooted
ComboFix-quarantined-files.txt 2010-11-05 21:41

Pre-Run: 55,580,913,664 bytes free
Post-Run: 55,576,440,832 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT= "Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug= "do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS= "Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - DA1492ADF16C136D4266C56BD9D20FD9

 

Not sure if I did what I was supposed to but here is a log file of what I did...

Avira AntiVir Personal
Report file date: Friday, November 05, 2010 19:32

Scanning for 3020684 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : D6DBBB71

Version information:
BUILD.DAT : 10.0.0.592 31823 Bytes 8/9/2010 11:00:00
AVSCAN.EXE : 10.0.3.1 434344 Bytes 8/2/2010 20:09:56
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 17:57:04
LUKE.DLL : 10.0.2.3 104296 Bytes 8/2/2010 20:10:00
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 04:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 14:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 00:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 22:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 21:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 16:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 20:10:03
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 20:10:04
VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 20:10:06
VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 23:29:55
VBASE009.VDF : 7.10.13.80 2265600 Bytes 11/2/2010 23:30:12
VBASE010.VDF : 7.10.13.81 2048 Bytes 11/2/2010 23:30:12
VBASE011.VDF : 7.10.13.82 2048 Bytes 11/2/2010 23:30:12
VBASE012.VDF : 7.10.13.83 2048 Bytes 11/2/2010 23:30:13
VBASE013.VDF : 7.10.13.116 147968 Bytes 11/4/2010 23:30:14
VBASE014.VDF : 7.10.13.117 2048 Bytes 11/4/2010 23:30:14
VBASE015.VDF : 7.10.13.118 2048 Bytes 11/4/2010 23:30:14
VBASE016.VDF : 7.10.13.119 2048 Bytes 11/4/2010 23:30:14
VBASE017.VDF : 7.10.13.120 2048 Bytes 11/4/2010 23:30:14
VBASE018.VDF : 7.10.13.121 2048 Bytes 11/4/2010 23:30:14
VBASE019.VDF : 7.10.13.122 2048 Bytes 11/4/2010 23:30:14
VBASE020.VDF : 7.10.13.123 2048 Bytes 11/4/2010 23:30:15
VBASE021.VDF : 7.10.13.124 2048 Bytes 11/4/2010 23:30:15
VBASE022.VDF : 7.10.13.125 2048 Bytes 11/4/2010 23:30:15
VBASE023.VDF : 7.10.13.126 2048 Bytes 11/4/2010 23:30:15
VBASE024.VDF : 7.10.13.127 2048 Bytes 11/4/2010 23:30:15
VBASE025.VDF : 7.10.13.128 2048 Bytes 11/4/2010 23:30:15
VBASE026.VDF : 7.10.13.129 2048 Bytes 11/4/2010 23:30:15
VBASE027.VDF : 7.10.13.130 2048 Bytes 11/4/2010 23:30:15
VBASE028.VDF : 7.10.13.131 2048 Bytes 11/4/2010 23:30:15
VBASE029.VDF : 7.10.13.132 2048 Bytes 11/4/2010 23:30:16
VBASE030.VDF : 7.10.13.133 2048 Bytes 11/4/2010 23:30:16
VBASE031.VDF : 7.10.13.145 130048 Bytes 11/5/2010 23:30:17
Engineversion : 8.2.4.92
AEVDF.DLL : 8.1.2.1 106868 Bytes 8/2/2010 20:09:54
AESCRIPT.DLL : 8.1.3.46 1364347 Bytes 11/5/2010 23:30:38
AESCN.DLL : 8.1.6.1 127347 Bytes 8/2/2010 20:09:53
AESBX.DLL : 8.1.3.1 254324 Bytes 8/2/2010 20:09:53
AERDL.DLL : 8.1.9.2 635252 Bytes 11/5/2010 23:30:35
AEPACK.DLL : 8.2.3.11 471416 Bytes 11/5/2010 23:30:33
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 8/2/2010 20:09:52
AEHEUR.DLL : 8.1.2.38 2990455 Bytes 11/5/2010 23:30:31
AEHELP.DLL : 8.1.14.0 246134 Bytes 11/5/2010 23:30:22
AEGEN.DLL : 8.1.3.24 401781 Bytes 11/5/2010 23:30:21
AEEMU.DLL : 8.1.2.0 393588 Bytes 8/2/2010 20:09:49
AECORE.DLL : 8.1.17.0 196982 Bytes 11/5/2010 23:30:19
AEBB.DLL : 8.1.1.0 53618 Bytes 8/2/2010 20:09:48
AVWINLL.DLL : 10.0.0.0 19304 Bytes 8/2/2010 20:09:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 8/2/2010 20:09:55
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 19:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 8/2/2010 20:09:55
AVSCPLR.DLL : 10.0.3.1 83816 Bytes 8/2/2010 20:09:56
AVARKT.DLL : 10.0.0.14 227176 Bytes 8/2/2010 20:09:54
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 8/2/2010 20:09:55
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 19:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 8/2/2010 20:09:56
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 19:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 18:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 8/2/2010 20:10:08

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Friday, November 05, 2010 19:32

Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc\Config\Standalone\drivelist
[NOTE] The registry entry is invisible.
c:\windows\explorer.exe
c:\WINDOWS\explorer.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'avwsc.exe' - '31' Module(s) have been scanned
Scan process 'rsmsink.exe' - '29' Module(s) have been scanned
Scan process 'ssmarque.scr' - '18' Module(s) have been scanned
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '61' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '70' Module(s) have been scanned
Scan process 'avcenter.exe' - '62' Module(s) have been scanned
Scan process 'iexplore.exe' - '148' Module(s) have been scanned
Scan process 'ctfmon.exe' - '25' Module(s) have been scanned
Scan process 'iexplore.exe' - '73' Module(s) have been scanned
Scan process 'notepad.exe' - '27' Module(s) have been scanned
Scan process 'Explorer.exe' - '103' Module(s) have been scanned
Scan process 'skypePM.exe' - '55' Module(s) have been scanned
Scan process 'iPodService.exe' - '30' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '66' Module(s) have been scanned
Scan process 'wlancfg5.exe' - '42' Module(s) have been scanned
Scan process 'Skype.exe' - '129' Module(s) have been scanned
Scan process 'dsc.exe' - '46' Module(s) have been scanned
Scan process 'DesktopWeather.exe' - '85' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '103' Module(s) have been scanned
Scan process 'DSAgnt.exe' - '77' Module(s) have been scanned
Scan process 'avgnt.exe' - '51' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '68' Module(s) have been scanned
Scan process 'mswinext.exe' - '72' Module(s) have been scanned
Scan process 'KBStatusLED.exe' - '19' Module(s) have been scanned
Scan process 'igfxpers.exe' - '23' Module(s) have been scanned
Scan process 'hkcmd.exe' - '22' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '59' Module(s) have been scanned
Scan process 'dlbubmon.exe' - '41' Module(s) have been scanned
Scan process 'mmtask.exe' - '20' Module(s) have been scanned
Scan process 'memcard.exe' - '32' Module(s) have been scanned
Scan process 'dlbubmgr.exe' - '20' Module(s) have been scanned
Scan process 'tfswctrl.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'mm_tray.exe' - '30' Module(s) have been scanned
Scan process 'IntelMEM.exe' - '24' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '35' Module(s) have been scanned
Scan process 'wscntfy.exe' - '18' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '15' Module(s) have been scanned
Scan process 'fxssvc.exe' - '36' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '57' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '58' Module(s) have been scanned
Scan process 'SeaPort.exe' - '47' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '32' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '33' Module(s) have been scanned
Scan process 'avguard.exe' - '55' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'sched.exe' - '54' Module(s) have been scanned
Scan process 'spoolsv.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '168' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '53' Module(s) have been scanned
Scan process 'lsass.exe' - '58' Module(s) have been scanned
Scan process 'services.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '72' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1783' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\Qoobox\Quarantine\MBR_HardDisk0.mbr
[DETECTION] Contains code of the BOO/Alureon.A boot sector virus
C:\Qoobox\Quarantine\C\Documents and Settings\Michele D. Diaz\Application Data\Microsoft\Windows\shell.exe.vir
[DETECTION] Is the TR/Dldr.Agent.uaf.1 Trojan
C:\Qoobox\Quarantine\C\Program Files\VideoBox\Uninstall.exe.vir
[DETECTION] Contains recognition pattern of the ADSPY/FreeVideo.A adware or spyware
C:\Qoobox\Quarantine\C\WINDOWS\explorer.exe.vir
[DETECTION] Is the TR/Spy.1033728.15 Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\ernel32.dll.vir
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\winlogon.exe.vir
[DETECTION] Is the TR/Spy.507904.67 Trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\SPOOL\PRTPROCS\W32X86\wSK17gM.dll.vir
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Application Data\d16ae85a.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe
[DETECTION] Is the TR/Fakealert.cgu.1 Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Application Data\Microsoft\svchost.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen3 Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\Cfd.exe
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\dwm.exe
[DETECTION] Is the TR/Dldr.Agent.uad Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\mdm.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\system.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\w7mnawxi.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
--> Object
[DETECTION] Is the TR/Downloader.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\winders.exe
[DETECTION] Is the TR/Spy.147456.224 Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\Chycua.exe
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\mdm.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\nvsvc32.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\taskmgr.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\wrmseE.dll
[DETECTION] Is the TR/Hiloti.3.689 Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\6to4v32.dll
[DETECTION] Is the TR/Spy.53248.669 Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\k63znmn.dll
[DETECTION] Is the TR/Downloader.Gen Trojan
--> Object
[DETECTION] Is the TR/Downloader.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\ouqvgm.dll
[DETECTION] Is the TR/Downloader.Gen Trojan
--> Object
[DETECTION] Is the TR/Downloader.Gen Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\oxvzs.exe
[DETECTION] Is the TR/VB.UU Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\qssk.exe
[DETECTION] Is the TR/VB.UU Trojan
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\sshnas21.dll
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan

Beginning disinfection:
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\sshnas21.dll
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '47f200ac.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\qssk.exe
[DETECTION] Is the TR/VB.UU Trojan
[NOTE] The file was moved to the quarantine directory under the name '5f1e2f0b.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\oxvzs.exe
[DETECTION] Is the TR/VB.UU Trojan
[NOTE] The file was moved to the quarantine directory under the name '0d4c7598.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\ouqvgm.dll
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '6b743a27.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\k63znmn.dll
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '2eb210da.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\SYSTEM32\6to4v32.dll
[DETECTION] Is the TR/Spy.53248.669 Trojan
[NOTE] The file was moved to the quarantine directory under the name '51ed2579.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\wrmseE.dll
[DETECTION] Is the TR/Hiloti.3.689 Trojan
[NOTE] The file was moved to the quarantine directory under the name '1d570935.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\taskmgr.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '61494976.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\nvsvc32.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '4c13662c.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\mdm.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '557d5da4.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_WINDOWS\Chycua.exe
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '392d7188.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\winders.exe
[DETECTION] Is the TR/Spy.147456.224 Trojan
[NOTE] The file was moved to the quarantine directory under the name '489b481c.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\w7mnawxi.exe
[DETECTION] Is the TR/Downloader.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '46827f15.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\system.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '03ad01e9.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\mdm.exe
[DETECTION] Is the TR/Crypt.FKM.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '0aa0052f.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\dwm.exe
[DETECTION] Is the TR/Dldr.Agent.uad Trojan
[NOTE] The file was moved to the quarantine directory under the name '52e11c55.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Local Settings\Temp\Cfd.exe
[DETECTION] Is the TR/Crypt.EPACK.Gen2 Trojan
[NOTE] The file was moved to the quarantine directory under the name '7e6c6588.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Application Data\Microsoft\svchost.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen3 Trojan
[NOTE] The file was moved to the quarantine directory under the name '409d0542.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Application Data\hotfix.exe
[DETECTION] Is the TR/Fakealert.cgu.1 Trojan
[NOTE] The file was moved to the quarantine directory under the name '23ec2e38.qua'.
C:\_OTL\MovedFiles\11042010_232401\C_Documents and Settings\Michele D. Diaz\Application Data\d16ae85a.exe
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '056669eb.qua'.
C:\Qoobox\Quarantine\C\WINDOWS\system32\SPOOL\PRTPROCS\W32X86\wSK17gM.dll.vir
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '37e715ab.qua'.
C:\Qoobox\Quarantine\C\WINDOWS\system32\winlogon.exe.vir
[DETECTION] Is the TR/Spy.507904.67 Trojan
[NOTE] The file was moved to the quarantine directory under the name '3dff3efb.qua'.
C:\Qoobox\Quarantine\C\WINDOWS\system32\ernel32.dll.vir
[DETECTION] Is the TR/Crypt.XPACK.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '02ac5ab7.qua'.
C:\Qoobox\Quarantine\C\WINDOWS\explorer.exe.vir
[DETECTION] Is the TR/Spy.1033728.15 Trojan
[NOTE] The file was moved to the quarantine directory under the name '7c8656ea.qua'.
C:\Qoobox\Quarantine\C\Program Files\VideoBox\Uninstall.exe.vir
[DETECTION] Contains recognition pattern of the ADSPY/FreeVideo.A adware or spyware
[NOTE] The file was moved to the quarantine directory under the name '29875257.qua'.
C:\Qoobox\Quarantine\C\Documents and Settings\Michele D. Diaz\Application Data\Microsoft\Windows\shell.exe.vir
[DETECTION] Is the TR/Dldr.Agent.uaf.1 Trojan
[NOTE] The file was moved to the quarantine directory under the name '24152379.qua'.
C:\Qoobox\Quarantine\MBR_HardDisk0.mbr
[DETECTION] Contains code of the BOO/Alureon.A boot sector virus
[NOTE] The file was moved to the quarantine directory under the name '3857374a.qua'.


End of the scan: Friday, November 05, 2010 20:39
Used time: 1:06:38 Hour(s)

The scan has been done completely.

11147 Scanned directories
448622 Files were scanned
27 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
27 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
448595 Files not concerned
9405 Archives were scanned
0 Warnings
27 Notes
436351 Objects were scanned with rootkit scan
2 Hidden objects were found

 

Second log requested..

2010/11/05 20:43:33.0203 TDSS rootkit removing tool 2.4.6.0 Nov 3 2010 10:11:43
2010/11/05 20:43:33.0203 ================================================================================
2010/11/05 20:43:33.0203 SystemInfo:
2010/11/05 20:43:33.0203
2010/11/05 20:43:33.0203 OS Version: 5.1.2600 ServicePack: 3.0
2010/11/05 20:43:33.0203 Product type: Workstation
2010/11/05 20:43:33.0203 ComputerName: D6DBBB71
2010/11/05 20:43:33.0203 UserName: Michele D. Diaz
2010/11/05 20:43:33.0203 Windows directory: C:\WINDOWS
2010/11/05 20:43:33.0203 System windows directory: C:\WINDOWS
2010/11/05 20:43:33.0203 Processor architecture: Intel x86
2010/11/05 20:43:33.0203 Number of processors: 1
2010/11/05 20:43:33.0203 Page size: 0x1000
2010/11/05 20:43:33.0203 Boot type: Normal boot
2010/11/05 20:43:33.0203 ================================================================================
2010/11/05 20:43:34.0390 Initialize success
2010/11/05 20:43:40.0296 ================================================================================
2010/11/05 20:43:40.0296 Scan started
2010/11/05 20:43:40.0296 Mode: Manual;
2010/11/05 20:43:40.0296 ================================================================================
2010/11/05 20:43:41.0703 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2010/11/05 20:43:41.0906 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/11/05 20:43:42.0156 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/11/05 20:43:42.0343 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2010/11/05 20:43:42.0609 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/11/05 20:43:42.0828 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
2010/11/05 20:43:43.0046 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/11/05 20:43:43.0265 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/11/05 20:43:43.0453 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2010/11/05 20:43:43.0656 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2010/11/05 20:43:43.0765 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2010/11/05 20:43:43.0937 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2010/11/05 20:43:44.0140 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2010/11/05 20:43:44.0281 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2010/11/05 20:43:44.0453 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2010/11/05 20:43:44.0640 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2010/11/05 20:43:44.0843 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2010/11/05 20:43:45.0046 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2010/11/05 20:43:45.0234 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2010/11/05 20:43:45.0437 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/11/05 20:43:45.0531 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/11/05 20:43:45.0734 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/11/05 20:43:45.0921 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/11/05 20:43:46.0140 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
2010/11/05 20:43:46.0328 avgntflt (1eb7d72a82f94f7e9496d363fce00b68) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
2010/11/05 20:43:46.0453 avipbb (f8c56231ed5ecf7d1b46b0330880ccef) C:\WINDOWS\system32\DRIVERS\avipbb.sys
2010/11/05 20:43:46.0593 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/11/05 20:43:46.0875 CamDrL (cba8bce5bf67a3c619d5ce540bed9cf7) C:\WINDOWS\system32\DRIVERS\Camdrl.sys
2010/11/05 20:43:47.0093 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/11/05 20:43:47.0187 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/11/05 20:43:47.0312 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/11/05 20:43:47.0437 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2010/11/05 20:43:47.0562 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/11/05 20:43:47.0703 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/11/05 20:43:47.0875 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/11/05 20:43:48.0140 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2010/11/05 20:43:48.0296 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2010/11/05 20:43:48.0453 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2010/11/05 20:43:48.0656 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2010/11/05 20:43:48.0765 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/11/05 20:43:48.0968 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/11/05 20:43:49.0187 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/11/05 20:43:49.0359 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/11/05 20:43:49.0484 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/11/05 20:43:49.0656 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2010/11/05 20:43:49.0828 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/11/05 20:43:49.0984 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
2010/11/05 20:43:50.0109 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
2010/11/05 20:43:50.0328 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2010/11/05 20:43:50.0515 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
2010/11/05 20:43:50.0703 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/11/05 20:43:51.0015 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/11/05 20:43:51.0296 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/11/05 20:43:51.0484 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/11/05 20:43:51.0750 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/11/05 20:43:51.0921 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/11/05 20:43:52.0125 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
2010/11/05 20:43:52.0281 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/11/05 20:43:52.0437 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/11/05 20:43:52.0625 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2010/11/05 20:43:52.0765 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/11/05 20:43:52.0937 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/11/05 20:43:53.0109 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2010/11/05 20:43:53.0296 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/11/05 20:43:53.0578 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2010/11/05 20:43:53.0765 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2010/11/05 20:43:53.0875 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/11/05 20:43:54.0093 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2010/11/05 20:43:54.0375 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/11/05 20:43:54.0562 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2010/11/05 20:43:54.0796 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
2010/11/05 20:43:55.0093 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
2010/11/05 20:43:55.0359 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
2010/11/05 20:43:55.0546 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/11/05 20:43:55.0671 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/11/05 20:43:55.0843 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/11/05 20:43:56.0015 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/11/05 20:43:56.0109 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/11/05 20:43:56.0281 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/11/05 20:43:56.0390 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/11/05 20:43:56.0578 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/11/05 20:43:56.0750 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/11/05 20:43:56.0937 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/11/05 20:43:57.0125 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/11/05 20:43:57.0312 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/11/05 20:43:57.0515 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/11/05 20:43:57.0859 LVUSBSta (c5efbd05a5195402121711a6ebbb271f) C:\WINDOWS\system32\drivers\lvusbsta.sys
2010/11/05 20:43:58.0031 MCSTRM (5bb01b9f582259d1fb7653c5c1da3653) C:\WINDOWS\system32\drivers\MCSTRM.sys
2010/11/05 20:43:58.0234 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/11/05 20:43:58.0421 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/11/05 20:43:58.0625 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2010/11/05 20:43:58.0828 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
2010/11/05 20:43:59.0015 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/11/05 20:43:59.0218 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/11/05 20:43:59.0421 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/11/05 20:43:59.0609 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/11/05 20:43:59.0796 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/11/05 20:44:00.0000 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/11/05 20:44:00.0250 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/11/05 20:44:00.0453 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/11/05 20:44:00.0625 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/11/05 20:44:00.0718 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/11/05 20:44:00.0875 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/11/05 20:44:01.0062 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/11/05 20:44:01.0171 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/11/05 20:44:01.0359 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/11/05 20:44:01.0578 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/11/05 20:44:01.0781 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/11/05 20:44:01.0890 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/11/05 20:44:02.0046 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/11/05 20:44:02.0218 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/11/05 20:44:02.0406 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/11/05 20:44:02.0593 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/11/05 20:44:02.0781 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/11/05 20:44:03.0015 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/11/05 20:44:03.0234 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/11/05 20:44:03.0468 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/11/05 20:44:03.0640 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/11/05 20:44:03.0984 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/11/05 20:44:04.0078 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/11/05 20:44:04.0375 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/11/05 20:44:04.0562 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/11/05 20:44:04.0734 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/11/05 20:44:04.0843 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/11/05 20:44:05.0078 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/11/05 20:44:05.0265 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/11/05 20:44:05.0843 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/11/05 20:44:06.0015 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/11/05 20:44:06.0171 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/11/05 20:44:06.0312 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/11/05 20:44:06.0468 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/11/05 20:44:06.0609 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/11/05 20:44:06.0796 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/11/05 20:44:06.0984 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/11/05 20:44:07.0171 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/11/05 20:44:07.0375 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/11/05 20:44:07.0578 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2010/11/05 20:44:07.0671 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/05 20:44:07.0843 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/11/05 20:44:08.0062 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/11/05 20:44:08.0218 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/11/05 20:44:08.0359 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/11/05 20:44:08.0453 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/11/05 20:44:08.0640 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/11/05 20:44:08.0843 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/11/05 20:44:09.0046 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/11/05 20:44:09.0390 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/11/05 20:44:09.0609 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
2010/11/05 20:44:09.0921 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/11/05 20:44:10.0125 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/11/05 20:44:10.0343 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/11/05 20:44:10.0578 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2010/11/05 20:44:10.0765 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/11/05 20:44:10.0968 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
2010/11/05 20:44:11.0187 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
2010/11/05 20:44:11.0375 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2010/11/05 20:44:11.0578 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/11/05 20:44:11.0781 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/11/05 20:44:12.0000 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/11/05 20:44:12.0265 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2010/11/05 20:44:12.0375 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
2010/11/05 20:44:12.0609 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
2010/11/05 20:44:12.0812 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/11/05 20:44:13.0000 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/11/05 20:44:13.0203 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/11/05 20:44:13.0390 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2010/11/05 20:44:13.0578 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2010/11/05 20:44:13.0765 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2010/11/05 20:44:13.0984 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2010/11/05 20:44:14.0156 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/11/05 20:44:14.0312 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/05 20:44:14.0562 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/11/05 20:44:14.0687 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/11/05 20:44:14.0812 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/11/05 20:44:14.0953 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
2010/11/05 20:44:15.0062 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
2010/11/05 20:44:15.0453 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
2010/11/05 20:44:15.0781 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
2010/11/05 20:44:15.0890 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
2010/11/05 20:44:16.0031 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
2010/11/05 20:44:16.0125 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
2010/11/05 20:44:16.0296 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
2010/11/05 20:44:16.0468 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
2010/11/05 20:44:16.0703 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2010/11/05 20:44:16.0906 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/11/05 20:44:17.0109 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2010/11/05 20:44:17.0453 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/11/05 20:44:17.0937 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/11/05 20:44:18.0218 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2010/11/05 20:44:18.0406 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/11/05 20:44:18.0796 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/11/05 20:44:18.0984 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/11/05 20:44:19.0171 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/11/05 20:44:19.0359 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/11/05 20:44:19.0562 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/11/05 20:44:19.0750 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/11/05 20:44:19.0921 USB_RNDIS_XP (bee793d4a059caea55d6ac20e19b3a8f) C:\WINDOWS\system32\DRIVERS\usb8023.sys
2010/11/05 20:44:20.0015 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/11/05 20:44:20.0171 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2010/11/05 20:44:20.0296 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/11/05 20:44:20.0500 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/11/05 20:44:20.0703 W8335XP (7455b3c11a1d6a844b53febdb58646e9) C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys
2010/11/05 20:44:20.0968 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/11/05 20:44:21.0218 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/11/05 20:44:21.0500 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\Drivers\wpdusb.sys
2010/11/05 20:44:21.0687 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2010/11/05 20:44:21.0781 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/11/05 20:44:21.0968 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/11/05 20:44:22.0140 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/11/05 20:44:22.0265 ================================================================================
2010/11/05 20:44:22.0265 Scan finished
2010/11/05 20:44:22.0265 ================================================================================

 

You want me to download and run another combofix? And then run rkill after that?

 

So as this scan was running. An error came up in a window that is titles "OTL "

It reads:
"Cannot create file C:\Documents and Settings\Michele D. Diaz\cmd.bat. "


Did I do something wrong?

 

It's hard to tell. At the bottom it has said the same thing for over 5 minutes... Does that mean it has stopped or it's just taking a while?