Avira finds virus or hidden virus or unwanted prog. Rescue CD?

View previous topic View next topic Go down

Avira finds virus or hidden virus or unwanted prog. Rescue CD?

Post by Chic_Bowdrie on Sun 09 Oct 2011, 2:44 am

My Dell Dimension 8100 (formerly Millenium, now XP Home) has Avira detecting "One or more hidden objects that indicate a hidden virus or unwanted program were found." Then it says, "An analysis of ˙our computer with the Avira rescue CD is necessary for exact identification and repair. Do you want to cancel the scan?"

I don't know, should I? I don't have an Avira rescue CD.

This happened immediately after being redirected from a, well let's say, politically volatile local website to a porn site. Other website visiters got the same redirect I hear.

Chic_Bowdrie

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2009-09-26
Operating System : Windows XP Home

View user profile

Back to top Go down

Re: Avira finds virus or hidden virus or unwanted prog. Rescue CD?

Post by Chic_Bowdrie on Wed 12 Oct 2011, 11:09 pm

I completed the Avira scan and ran OTL, etc. Here are the scans. Is there a potential threat here?

OTL logfile created on: 10/11/2011 11:18:24 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\jim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

767.02 Mb Total Physical Memory | 510.04 Mb Available Physical Memory | 66.50% Memory free
1.83 Gb Paging File | 1.30 Gb Available in Paging File | 71.14% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.98 Gb Free Space | 18.72% Space Free | Partition Type: FAT32
Drive D: | 232.83 Gb Total Space | 192.03 Gb Free Space | 82.48% Space Free | Partition Type: FAT32
Drive E: | 178.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 232.88 Gb Total Space | 118.16 Gb Free Space | 50.74% Space Free | Partition Type: NTFS

Computer Name: JIMS8100 | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/07 09:25:28 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jim\Desktop\OTL.exe
PRC - [2011/10/06 16:32:26 | 000,136,584 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\ramaint.exe
PRC - [2011/10/06 16:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2011/09/23 18:08:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/09/23 18:01:10 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/09/23 11:38:22 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/09/16 02:34:44 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/08/11 19:15:58 | 003,297,624 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASC.exe
PRC - [2011/08/09 16:56:40 | 000,417,112 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
PRC - [2010/09/17 15:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/04/13 19:12:20 | 001,033,728 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
PRC - [2006/07/19 11:45:12 | 000,595,632 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
PRC - [2005/01/12 08:22:58 | 000,380,928 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\Tracker Software\PDF-XChange 3 Pro\pdfSaver\pdfSaver3.exe
PRC - [2001/08/17 22:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\SYSTEM32\devldr32.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/16 02:06:00 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/08/11 15:15:00 | 000,851,800 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\Scan.dll
MOD - [2011/08/09 16:41:02 | 000,564,712 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\sqlite3.dll
MOD - [2011/08/09 16:40:00 | 000,058,712 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\NtfsData.dll
MOD - [2011/08/09 16:39:16 | 000,026,456 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 4\DiskMap.dll
MOD - [2009/02/06 16:13:50 | 000,094,720 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2005/01/12 08:23:20 | 000,008,192 | ---- | M] () -- C:\Program Files\Tracker Software\PDF-XChange 3 Pro\pdfSaver\fm30xmf.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/10/06 16:32:26 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011/10/06 16:32:14 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2011/09/23 18:08:20 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/09/23 18:01:10 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011/07/20 12:19:46 | 000,820,568 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2010/12/10 22:44:30 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/11/08 12:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010/10/31 01:45:18 | 000,107,296 | ---- | M] (Kepware Technologies) [On_Demand | Stopped] -- C:\Program Files\Kepware\KEPServerEX 5\server_eventlog.exe -- (KEPServerEXLoggerV5)
SRV - [2010/10/31 01:44:48 | 000,184,096 | ---- | M] (Kepware Technologies) [On_Demand | Stopped] -- C:\Program Files\Kepware\KEPServerEX 5\server_runtime.exe -- (KEPServerEXV5)
SRV - [2009/02/05 03:04:08 | 000,139,488 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\OpcEnum.exe -- (OpcEnum)
SRV - [2008/12/16 14:01:18 | 001,251,720 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2008/01/29 17:38:32 | 000,583,048 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice Ex)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/01/09 22:59:32 | 000,108,648 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/12/15 13:36:28 | 000,750,720 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2006/07/19 11:45:12 | 000,595,632 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe -- (GBPoll)
SRV - [2006/06/13 15:02:50 | 000,239,264 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2006/02/27 12:32:18 | 000,083,616 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe -- (ccPwdSvc)
SRV - [2005/11/03 19:08:02 | 000,095,832 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE -- (NProtectService)
SRV - [2005/11/03 18:44:58 | 000,176,193 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\NOPDB.exe -- (Speed Disk service)
SRV - [2005/08/12 17:37:50 | 001,504,256 | ---- | M] (Cisco Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)


========== Driver Services (SafeList) ==========

DRV - [2011/09/18 08:39:28 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avipbb.sys -- (avipbb)
DRV - [2011/09/15 23:55:06 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avkmgr.sys -- (avkmgr)
DRV - [2011/09/15 23:55:04 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avgntflt.sys -- (avgntflt)
DRV - [2011/07/06 16:32:48 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll.000.bak -- (LMIRfsClientNP)
DRV - [2010/09/17 15:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2010/09/17 15:40:06 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2010/06/17 15:14:28 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ssmdrv.sys -- (ssmdrv)
DRV - [2009/09/26 01:30:18 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/04/13 13:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2007/09/04 07:18:54 | 000,112,688 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2007/08/31 04:00:00 | 000,395,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/06/14 18:34:00 | 000,457,856 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\PAC7302.SYS -- (PAC7302)
DRV - [2006/12/04 21:10:22 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\symlcbrd.sys -- (symlcbrd)
DRV - [2006/08/18 08:47:10 | 000,406,672 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2006/07/19 11:45:12 | 000,117,760 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\GoBack2k.sys -- (GoBack2K)
DRV - [2006/07/19 11:45:12 | 000,015,360 | R--- | M] (Symantec Corporation) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\GBFSHook.sys -- (GBFSHook)
DRV - [2006/07/19 11:45:12 | 000,005,632 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\GBDevice.sys -- (GBDevice)
DRV - [2005/11/03 18:56:06 | 000,081,748 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NPDRIVER.SYS -- (NPDriver)
DRV - [2005/11/03 18:43:42 | 000,090,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SdDriver.SYS -- (SDdriver)
DRV - [2005/08/12 17:35:56 | 000,305,739 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2005/05/17 04:51:34 | 000,005,315 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\CVirtA.sys -- (CVirtA)
DRV - [2005/03/02 07:10:00 | 000,028,216 | ---- | M] (SafeNet, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\SNTNLUSB.SYS -- (SNTNLUSB)
DRV - [2005/01/26 05:22:20 | 000,280,344 | ---- | M] (Zone Labs LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\vsdatant.sys -- (vsdatant)
DRV - [2005/01/25 20:28:08 | 000,033,307 | ---- | M] (Service & Quality Technology.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Capt905c.sys -- (SQTECH905C)
DRV - [2004/11/03 12:07:24 | 000,146,888 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\dne2000.sys -- (DNE)
DRV - [2004/03/05 17:09:02 | 000,003,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\CheckIt\Diagnostics\MAPMEM.SYS -- (MAPMEM)
DRV - [2004/03/05 17:09:00 | 000,003,744 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\CheckIt\Diagnostics\BCMNTIO.SYS -- (BCMNTIO)
DRV - [2003/04/08 20:47:02 | 000,034,568 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\sunkfilt.sys -- (SunkFilt)
DRV - [2001/08/17 12:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 12:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 12:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 12:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctljystk.sys -- (ctljystk)
DRV - [2001/08/17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\el90xbc5.sys -- (EL90XBC)
DRV - [2000/02/09 03:55:12 | 000,010,379 | R--- | M] (OLYMPUS Optical Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\olcamudp.sys -- (OlCamudp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Use Search Asst = no
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.71\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\5.0.1423.0\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/12/21 10:49:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/14 00:18:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2004/10/10 15:53:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2004/10/10 15:31:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2004/10/10 15:53:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2004/10/10 15:31:22 | 000,000,000 | ---D | M]

[2011/09/14 00:19:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jim\Application Data\Mozilla\Extensions
[2011/09/20 08:51:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\jim\Application Data\Mozilla\Firefox\Profiles\6avo2q2r.default\extensions
[2011/09/20 08:54:58 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\jim\Application Data\Mozilla\Firefox\Profiles\6avo2q2r.default\extensions\LogMeInClient@logmein.com
[2011/09/14 00:18:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/04/02 14:00:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/10/02 09:25:52 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/02 09:25:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

========== Chrome ==========

CHR - default_search_provider: Yahoo! Search ()
CHR - default_search_provider: search_url = [You must be registered and logged in to see this link.]
CHR - default_search_provider: suggest_url =

O1 HOSTS File: ([2008/12/14 01:09:10 | 000,289,183 | R--- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123haustiereundmehr.com
O1 - Hosts: 9985 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1808648B-3102-4293-8AD3-06AF71D3321B} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - Reg Error: Value error. File not found
O2 - BHO: (PnIEBrowserHelperObj Class) - {4B5F2E08-6F39-479a-B547-B2026E4C7EDF} - C:\Program Files\EarthLink TotalAccess\PnEL.dll (EarthLink, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - Reg Error: Value error. File not found
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - Reg Error: Value error. File not found
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\14.0.835.202\npchrome_frame.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Pop-Up Blocker) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll (EarthLink, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {38D8BEB0-8E9C-48E2-B36E-759615F9930F} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Pop-Up Blocker) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll (EarthLink, Inc.)
O3:HKU - HKCU\..\Toolbar\ShellBrowser: (EarthLink Toolbar) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll (EarthLink, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Radio) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM32\msdxm.ocx ()
O3 - HKCU\..\Toolbar\WebBrowser: (Pop-Up Blocker) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll (EarthLink, Inc.)
O3:HKU - HKCU\..\Toolbar\WebBrowser: (EarthLink Toolbar) - {D7F30B62-8269-41AF-9539-B2697FA7D77E} - C:\Program Files\EarthLink TotalAccess\PnEL.dll (EarthLink, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk ()
O9 - Extra 'Tools' menuitem : Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk ()
O15 - HKCU\..Trusted Domains: huffingtonpost.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: windowsupdate.com ([[You must be registered and logged in to see this link.] http in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} [You must be registered and logged in to see this link.] (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} [You must be registered and logged in to see this link.] (Musicnotes Viewer)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} [You must be registered and logged in to see this link.] (Symantec AntiVirus scanner)
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} [You must be registered and logged in to see this link.] (Cult3D ActiveX Player)
O16 - DPF: {32564D57-0000-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {32564D57-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} [You must be registered and logged in to see this link.] (Symantec RuFSI Utility Class)
O16 - DPF: {65E7DB1D-0101-4100-BD66-C5C78C917F93} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [You must be registered and logged in to see this link.] (MUWebControl Class)
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} [You must be registered and logged in to see this link.] (Groove Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} [You must be registered and logged in to see this link.] (DmiReader Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} [You must be registered and logged in to see this link.] (ScorchPlugin Class)
O16 - DPF: {AF087E66-838E-4A97-8A0B-0DDDA5DEA239} [You must be registered and logged in to see this link.] (OTAutoInstall Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} [You must be registered and logged in to see this link.] (ZoneIntro Class)
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} [You must be registered and logged in to see this link.] (Symantec RuFSI Registry Information Class)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_20)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {D4FC3BED-35BF-45D0-8BB4-56586370053B} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} [You must be registered and logged in to see this link.] (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Value error.)
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} [You must be registered and logged in to see this link.] (HeartbeatCtl Class)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} [You must be registered and logged in to see this link.] (Performance Viewer Activex Control)
O16 - DPF: DirectAnimation Java Classes [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 204.186.110.76 216.144.187.37 216.144.187.199
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB0C3F53-A796-4DF4-AC03-808B4BF85BA4}: DhcpNameServer = 204.186.110.76 216.144.187.37 216.144.187.199
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\14.0.835.202\npchrome_frame.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\jim\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\jim\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000/08/09 10:26:38 | 000,000,079 | -HS- | M] () - C:\AUTOEXEC.DOS -- [ FAT32 ]
O32 - AutoRun File - [2004/01/08 14:13:50 | 000,000,271 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/01/08 14:13:50 | 000,000,271 | -HS- | M] () - C:\AUTOEXEC.BAK -- [ FAT32 ]
O32 - AutoRun File - [2001/08/18 13:12:22 | 000,000,194 | ---- | M] () - C:\AUTOEXEC.LNS -- [ FAT32 ]
O32 - AutoRun File - [2002/01/14 00:33:32 | 000,000,224 | ---- | M] () - C:\AUTOEXEC.001 -- [ FAT32 ]
O32 - AutoRun File - [2003/10/13 02:06:24 | 000,000,060 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2ec1c344-41eb-11d8-86c1-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{2ec1c344-41eb-11d8-86c1-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2ec1c344-41eb-11d8-86c1-806d6172696f}\Shell\AutoRun\command - "" = E:\SetupWizard.exe -- [2004/10/22 04:55:52 | 002,785,280 | R--- | M] (Linksys)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\NCDSTART.EXE
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: Ip6FwHlp - File not found

MsConfig - Services: "Automatic LiveUpdate Scheduler"
MsConfig - Services: "Speed Disk service"
MsConfig - Services: "ose"
MsConfig - Services: "NProtectService"
MsConfig - Services: "MSSQL$ERSQLEXPRESS"
MsConfig - Services: "LiveUpdate"
MsConfig - Services: "CLTNetCnService"
MsConfig - Services: "ccSetMgr"
MsConfig - Services: "ccPwdSvc"
MsConfig - Services: "ccProxy"
MsConfig - Services: "ccEvtMgr"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Norton GoBack.lnk - C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe - (Symantec Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Office Startup.lnk - - File not found
MsConfig - StartUpReg: Ad-Watch - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Advanced SystemCare 3 - hkey= - key= - File not found
MsConfig - StartUpReg: Advanced SystemCare 4 - hkey= - key= - C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
MsConfig - StartUpReg: KEPServerEX 5.4 - hkey= - key= - C:\Program Files\Kepware\KEPServerEX 5\server_admin.exe (Kepware Technologies)
MsConfig - StartUpReg: Microsoft Default Manager - hkey= - key= - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: nwiz - hkey= - key= - File not found
MsConfig - StartUpReg: PAC7302_Monitor - hkey= - key= - C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SystemTray - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: IMFservice - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: ^RNA - rundll rnasetup.dll,installoptionalcomponent rna
ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {10e511f5-37fc-4755-9d24-01791bc762cd} - UpdatePkg
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {16f41c69-09f5-41d2-8cd8-3c08c47bc8a8} - Background copy queue manager
ActiveX: {20D949A5-2A8D-4cee-8C6A-43728AD58711} -
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Macromedia Shockwave Director 10.1.1
ActiveX: {2757B1D6-0367-4663-877C-93ECC5C01BF6} - Q324929
ActiveX: {2806b4d1-cadf-4568-99df-1c8836a6b4bc} - Windows Millennium Edition Q823559 Update
ActiveX: {280ad020-daec-11d2-83c7-0000f8051539} - Mobile processor update
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {28FD0F82-4A73-4453-84A6-2F4F62702A3F} - Background copy downloader
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {34718640-ecfa-11d2-b5da-00a0c90833e8} - Windows 98 Second Edition
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015D} - DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {47f67d00-9e55-11d1-baef-00c04fc2d130} - AOL Support Files
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {50daafc0-e217-11d2-83c7-0000f8051539} - Continuous windows operation fix
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - Internet Connection Wizard
ActiveX: {5cc28b05-024f-4194-aa40-9aaca85e93b3} - Windows Millennium Edition Q329048 Update
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {632b4e05-ec51-49e9-a94d-fa8d0db9cdb6} - Windows Millennium Edition Q278633 Update
ActiveX: {639A91D2-85C8-F72D-BF77-309DF87495F9} - Internet Explorer ReadMe
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {76C19B50-F0C8-11cf-87CC-0020AFEECF20} - Language Auto-Selection
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {795d0712-722c-43ec-906a-fc5e678eada9} - Q831167
ActiveX: {7F222F9D-469C-66E7-D04E-5216CD2EEEBC} - Q867801
ActiveX: {893c7200-9dd-11d2-b0d6-00c04f777f0c} - Microsoft Libraries update
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4395} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {8d84e56e-fbac-4e09-af5e-6cde8294b998} - Windows Millennium Edition Q273991 Update
ActiveX: {8e877e70-0313-4578-852e-4b2687a9917e} - Windows Millennium Edition Q323172 Update
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {96543d59-497a-4801-a1f3-5936aacaf7b1} - Q828750
ActiveX: {96ff9e49-fb06-487a-8387-1104b13ac161} - Windows Millennium Edition Q329115 Update
ActiveX: {9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} - C:\WINDOWS\SYSTEM32\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl
ActiveX: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - Industry Update Control
ActiveX: {A0C51F80-12E9-4434-A7DB-8EAD52104135} - Windows Millennium Edition Q323255 Update
ActiveX: {a541db6a-b02b-46f0-8ea3-826eb939543c} - Windows Millennium Edition Q272016 Update
ActiveX: {abcdf74f-9a64-4e6e-b8eb-6e5a41de6550} -
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {b59c7da0-daea-11d2-83c7-0000f8051539} - Registration wizard update
ActiveX: {B9A1063C-F9CC-11D1-8E01-0020AFE53FCF} - Active accessibility update
ActiveX: {BC4D15E2-66F9-40CB-8AE1-E1405D3D08B9} - q269368
ActiveX: {BDA7A94B-496C-AE1A-B6A2-2DEA93844824} - Macromedia Shockwave Director 10.1
ActiveX: {bddca085-1928-4215-aa65-c6af5eee8ef6} - Windows Millennium Edition Q812709 Update
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C5973BFE-8891-4c24-903E-3907A15AC223} - Windows Millennium Edition Q811630 Update
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CA0A4247-44BE-11d1-A005-00805F8ABE06} - RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf
ActiveX: {cac8c219-e6b7-422c-89ee-77028aa3ac18} - Windows Millennium Edition Q825119 Update
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {ce3a4089-cd35-4358-b5c7-36625717011b} - Windows Millennium Edition Q299014 Update
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {d6234cda-9e48-4060-990e-e92872d33286} - Windows Millennium Edition Q287564 Update
ActiveX: {DBB3C81D-3C91-4a1e-BDDF-905B61C7CEDF} - Security Update for the Microsoft VM
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {dfb341b5-0389-4479-8b5b-6a55d363240f} - Windows Millennium Edition Q273017 Update
ActiveX: {e6efec7d-797a-45ee-8eb4-afdb90c0d644} - Windows Millennium Edition Q314757 Update
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {f502aef4-a754-4c82-9f12-a5149f71ea89} - Windows Millennium Edition Q290700 Update
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: {F9B342B3-6606-49a2-AAAC-240A7E62C4D7} - IEAudioUpdate
ActiveX: {fe845bbb-92c4-4e89-b1c1-1e8f2d0bcd77} - Windows Millennium Edition Q318307 Update
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\SYSTEM32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecx.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\WINDOWS\System32\LHACM.ACM (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: VIDC.IV50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VDOM - vdowave.drv File not found
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/10/07 13:29:34 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\jim\Desktop\aswMBR.exe
[2011/10/07 09:25:48 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jim\Desktop\OTL.exe
[2011/10/04 16:18:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/10/04 10:39:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jim\Application Data\Avira
[2011/10/04 10:38:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira
[2011/10/04 10:38:18 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011/10/04 10:38:15 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2011/10/04 10:38:14 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/10/04 10:38:14 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/10/04 10:38:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/10/04 10:38:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Avira
[2011/10/01 15:51:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\All Users\Documents\user2
[2011/09/27 10:57:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\All Users\Documents\System Integration
[2011/09/21 13:52:02 | 000,000,000 | ---D | C] -- C:\Alarms
[2011/09/14 00:18:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2001/06/15 10:14:23 | 000,059,392 | ---- | C] ( ) -- C:\WINDOWS\System32\A3D.DLL
[8 C:\Documents and Settings\jim\Desktop\exwife\My Documents\*.tmp files -> C:\Documents and Settings\jim\Desktop\exwife\My Documents\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2303 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/12 00:28:02 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{298B464F-F838-4510-A79E-E8C56E72ACEB}.job
[2011/10/12 00:26:02 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\LiveUpdate - Norton AntiVirus.job
[2011/10/12 00:00:02 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\Symantec Drmc.job
[2011/10/11 23:42:02 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/11 23:37:52 | 000,000,360 | ---- | M] () -- C:\WINDOWS\tasks\PCHealth Scheduler for Data Collection.job
[2011/10/11 17:00:02 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_AutoUpdate.job
[2011/10/11 16:42:02 | 000,000,876 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/10 12:00:02 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
[2011/10/10 01:00:04 | 000,000,484 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance-Defragment programs.job
[2011/10/09 20:41:02 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/10/08 10:41:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/07 17:00:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_AutoCare.job
[2011/10/07 13:29:46 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\jim\Desktop\aswMBR.exe
[2011/10/07 09:25:28 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jim\Desktop\OTL.exe
[2011/10/07 09:19:46 | 001,008,092 | ---- | M] () -- C:\WINDOWS\All Users\Documents\rkill.exe
[2011/10/06 16:32:16 | 000,083,360 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIRfsClientNP.dll
[2011/10/06 16:32:14 | 000,087,424 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIinit.dll
[2011/10/06 16:32:14 | 000,030,592 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\LMIport.dll
[2011/10/06 00:01:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/04 10:38:50 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2011/10/04 10:34:46 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/10/04 10:31:14 | 000,000,260 | ---- | M] () -- C:\WINDOWS\tasks\EarlyResponse.job
[2011/10/04 10:30:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/04 10:29:36 | 804,347,904 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/04 09:41:00 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011/10/02 20:52:40 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/10/02 20:52:40 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/10/01 00:30:02 | 000,000,522 | ---- | M] () -- C:\WINDOWS\tasks\Maintenance-Disk cleanup.job
[2011/09/28 20:46:48 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2011/09/26 23:06:00 | 000,000,217 | -HS- | M] () -- C:\boot.ini
[2011/09/26 05:15:24 | 000,007,602 | ---- | M] () -- C:\WINDOWS\All Users\Documents\Concept print.pdf
[2011/09/26 04:31:12 | 000,122,807 | ---- | M] () -- C:\WINDOWS\All Users\Documents\VillaWatchSound.pdf
[2011/09/26 04:28:18 | 000,083,861 | ---- | M] () -- C:\WINDOWS\All Users\Documents\server tags.pdf
[2011/09/26 04:23:42 | 000,080,262 | ---- | M] () -- C:\WINDOWS\All Users\Documents\KEPware.pdf
[2011/09/26 04:20:50 | 000,048,572 | ---- | M] () -- C:\WINDOWS\All Users\Documents\Graphworks.pdf
[2011/09/25 21:59:00 | 000,007,136 | ---- | M] () -- C:\WINDOWS\All Users\Documents\In engineering.rtf
[2011/09/19 13:11:34 | 000,000,217 | ---- | M] () -- C:\Documents and Settings\jim\Desktop\boot.ini
[2011/09/18 08:39:28 | 000,134,344 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/09/15 23:55:06 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2011/09/15 23:55:04 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/09/14 00:18:16 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[8 C:\Documents and Settings\jim\Desktop\exwife\My Documents\*.tmp files -> C:\Documents and Settings\jim\Desktop\exwife\My Documents\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2303 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]


Chic_Bowdrie

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2009-09-26
Operating System : Windows XP Home

View user profile

Back to top Go down

Re: Avira finds virus or hidden virus or unwanted prog. Rescue CD?

Post by Chic_Bowdrie on Wed 12 Oct 2011, 11:13 pm

========== Files Created - No Company Name ==========

[2011/10/07 09:19:47 | 001,008,092 | ---- | C] () -- C:\WINDOWS\All Users\Documents\rkill.exe
[2011/10/04 10:38:47 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira Control Center.lnk
[2011/10/02 20:52:39 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/10/02 20:52:39 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/09/26 05:15:21 | 000,007,602 | ---- | C] () -- C:\WINDOWS\All Users\Documents\Concept print.pdf
[2011/09/26 04:30:25 | 000,122,807 | ---- | C] () -- C:\WINDOWS\All Users\Documents\VillaWatchSound.pdf
[2011/09/26 04:28:07 | 000,083,861 | ---- | C] () -- C:\WINDOWS\All Users\Documents\server tags.pdf
[2011/09/26 04:23:39 | 000,080,262 | ---- | C] () -- C:\WINDOWS\All Users\Documents\KEPware.pdf
[2011/09/26 04:20:45 | 000,048,572 | ---- | C] () -- C:\WINDOWS\All Users\Documents\Graphworks.pdf
[2011/09/25 21:58:59 | 000,007,136 | ---- | C] () -- C:\WINDOWS\All Users\Documents\In engineering.rtf
[2011/09/20 11:15:41 | 001,943,040 | ---- | C] () -- C:\WINDOWS\All Users\Documents\Villa_Doors_080812.vsd
[2011/09/19 13:11:31 | 000,000,217 | ---- | C] () -- C:\Documents and Settings\jim\Desktop\boot.ini
[2011/09/14 00:18:15 | 000,000,634 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/09/14 00:18:15 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/01/11 12:17:31 | 000,000,141 | ---- | C] () -- C:\WINDOWS\asym.ini
[2011/01/04 21:29:01 | 000,000,038 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2010/09/06 12:11:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PTWebCam.INI
[2010/09/04 21:20:37 | 000,000,322 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2009/09/08 18:37:04 | 000,001,013 | ---- | C] () -- C:\WINDOWS\DKAAE2DD.ini
[2009/04/15 23:59:24 | 000,000,057 | ---- | C] () -- C:\WINDOWS\TaxACT08.ini
[2009/04/15 19:31:56 | 000,000,074 | ---- | C] () -- C:\WINDOWS\TaxACT07.ini
[2009/03/31 12:29:31 | 000,000,674 | ---- | C] () -- C:\WINDOWS\CheckIt.INI
[2007/05/22 19:14:58 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/04/26 18:05:52 | 000,000,014 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/03/31 14:54:39 | 000,000,077 | ---- | C] () -- C:\WINDOWS\TONKA.INI
[2007/03/20 16:44:02 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[2006/11/23 15:55:30 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2006/11/23 15:55:30 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2006/11/23 15:55:30 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2006/03/19 01:15:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Webspace.INI
[2005/12/23 14:06:11 | 000,000,058 | ---- | C] () -- C:\WINDOWS\Cloud9.ini
[2005/12/20 15:16:12 | 000,000,118 | ---- | C] () -- C:\WINDOWS\photoimpression.ini
[2005/09/01 14:32:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\webica.ini
[2005/08/12 17:38:00 | 000,181,176 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2005/08/12 17:37:46 | 000,189,440 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2005/06/18 10:34:34 | 000,001,682 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/06/18 10:34:34 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\518545332E.sys
[2005/05/30 13:52:15 | 000,000,233 | ---- | C] () -- C:\WINDOWS\ka.ini
[2005/05/30 13:00:08 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\Clifford Uninstall.exe
[2005/04/21 14:35:07 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/04/17 20:45:02 | 000,001,126 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2005/04/17 20:41:28 | 000,001,265 | ---- | C] () -- C:\WINDOWS\ipconfig.dat
[2005/02/28 21:49:24 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\EarlyResponse.dll
[2004/10/26 18:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/10/10 15:54:33 | 000,105,168 | ---- | C] () -- C:\WINDOWS\NSUninst.exe
[2004/10/10 15:50:51 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/10/10 15:31:31 | 000,017,422 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2004/10/02 19:20:20 | 000,000,037 | ---- | C] () -- C:\WINDOWS\Viewer.ini
[2004/09/28 18:27:58 | 000,001,227 | ---- | C] () -- C:\WINDOWS\HME95.INI
[2004/08/29 11:17:45 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/06/13 09:02:31 | 000,000,019 | ---- | C] () -- C:\WINDOWS\MSMAIL32.INI
[2004/05/18 22:03:48 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2004/03/19 08:30:48 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2004/03/19 08:29:48 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_setup.ini
[2004/03/14 16:18:52 | 000,000,086 | ---- | C] () -- C:\WINDOWS\install.ini
[2004/03/14 16:14:40 | 000,000,094 | ---- | C] () -- C:\WINDOWS\CuriousP.INI
[2004/03/09 18:13:28 | 000,000,033 | ---- | C] () -- C:\WINDOWS\HKBFn.ini
[2004/02/08 20:20:33 | 000,000,058 | ---- | C] () -- C:\WINDOWS\ed100.dll
[2004/02/07 00:18:05 | 000,000,122 | ---- | C] () -- C:\WINDOWS\ALBUM.INI
[2004/02/05 15:50:29 | 000,000,421 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2004/01/25 09:15:36 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.exwife.ini
[2004/01/20 10:25:33 | 000,000,030 | ---- | C] () -- C:\WINDOWS\TaskPanl.INI
[2004/01/19 11:17:55 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\jim\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2004/01/17 10:22:59 | 000,290,919 | ---- | C] () -- C:\WINDOWS\System32\pythoncom21.dll
[2004/01/17 10:22:59 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes21.dll
[2004/01/17 10:20:29 | 000,096,768 | ---- | C] () -- C:\WINDOWS\SlantAdj.dll
[2004/01/17 10:20:29 | 000,003,136 | ---- | C] () -- C:\WINDOWS\Ade001.bin
[2004/01/17 10:20:29 | 000,000,072 | ---- | C] () -- C:\WINDOWS\System32\epDPE.ini
[2004/01/15 08:48:47 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Edmark.ini
[2004/01/13 18:15:27 | 000,000,944 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2004/01/10 13:25:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2004/01/08 15:26:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/01/08 15:19:12 | 000,000,351 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/01/08 15:19:09 | 000,002,176 | ---- | C] () -- C:\WINDOWS\LnkStub.dat
[2004/01/08 15:13:26 | 000,172,128 | ---- | C] () -- C:\WINDOWS\BI.INI
[2004/01/08 15:13:26 | 000,003,793 | ---- | C] () -- C:\WINDOWS\disney.ini
[2004/01/08 15:13:26 | 000,000,609 | ---- | C] () -- C:\WINDOWS\Tcd_FD8B807.ini
[2004/01/08 15:13:26 | 000,000,401 | ---- | C] () -- C:\WINDOWS\dialer.ini
[2004/01/08 15:13:26 | 000,000,285 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2004/01/08 15:13:26 | 000,000,219 | ---- | C] () -- C:\WINDOWS\encore_launcher.ini
[2004/01/08 15:13:26 | 000,000,206 | ---- | C] () -- C:\WINDOWS\EPSON 1260_1660 Installer.ini
[2004/01/08 15:13:26 | 000,000,190 | ---- | C] () -- C:\WINDOWS\KPCMS.INI
[2004/01/08 15:13:26 | 000,000,184 | ---- | C] () -- C:\WINDOWS\PROFILER.INI
[2004/01/08 15:13:26 | 000,000,094 | ---- | C] () -- C:\WINDOWS\EZPHOTO.INI
[2004/01/08 15:13:26 | 000,000,039 | ---- | C] () -- C:\WINDOWS\UPDATEMGR.INI
[2004/01/08 15:13:26 | 000,000,035 | ---- | C] () -- C:\WINDOWS\EARTHLINK.INI
[2004/01/08 15:13:26 | 000,000,032 | ---- | C] () -- C:\WINDOWS\SUPERPAC.INI
[2004/01/08 15:13:26 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2004/01/08 15:13:26 | 000,000,026 | ---- | C] () -- C:\WINDOWS\MSOFFICE.INI
[2004/01/08 15:13:26 | 000,000,026 | ---- | C] () -- C:\WINDOWS\EREGCLNT.INI
[2004/01/08 15:13:26 | 000,000,011 | ---- | C] () -- C:\WINDOWS\mathadv.ini
[2004/01/08 15:13:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
[2004/01/08 15:13:25 | 000,012,484 | ---- | C] () -- C:\WINDOWS\IOS.INI
[2004/01/08 15:13:25 | 000,007,885 | ---- | C] () -- C:\WINDOWS\NETDET.INI
[2004/01/08 15:13:25 | 000,005,068 | ---- | C] () -- C:\WINDOWS\DELETEFI.INI
[2004/01/08 15:13:25 | 000,004,766 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/01/08 15:13:25 | 000,003,598 | ---- | C] () -- C:\WINDOWS\HTMLHELP.INI
[2004/01/08 15:13:25 | 000,001,123 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/01/08 15:13:25 | 000,000,787 | ---- | C] () -- C:\WINDOWS\SCANREG.INI
[2004/01/08 15:13:25 | 000,000,260 | ---- | C] () -- C:\WINDOWS\7THLEVEL.INI
[2004/01/08 15:13:25 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Msiosd.ini
[2004/01/08 15:13:25 | 000,000,231 | ---- | C] () -- C:\WINDOWS\Ac3api.ini
[2004/01/08 15:13:25 | 000,000,225 | ---- | C] () -- C:\WINDOWS\TELEPHON.INI
[2004/01/08 15:13:25 | 000,000,199 | ---- | C] () -- C:\WINDOWS\hpfsched.ini
[2004/01/08 15:13:25 | 000,000,177 | ---- | C] () -- C:\WINDOWS\WGrade.Ini
[2004/01/08 15:13:25 | 000,000,176 | ---- | C] () -- C:\WINDOWS\winmine.ini
[2004/01/08 15:13:25 | 000,000,127 | ---- | C] () -- C:\WINDOWS\CTSYNWDM.INI
[2004/01/08 15:13:25 | 000,000,122 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2004/01/08 15:13:25 | 000,000,109 | ---- | C] () -- C:\WINDOWS\einit.ini
[2004/01/08 15:13:25 | 000,000,060 | ---- | C] () -- C:\WINDOWS\POWERPNT.INI
[2004/01/08 15:13:25 | 000,000,054 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2004/01/08 15:13:25 | 000,000,044 | ---- | C] () -- C:\WINDOWS\UsrWiz.ini
[2004/01/08 15:13:25 | 000,000,044 | ---- | C] () -- C:\WINDOWS\BDHOME.INI
[2004/01/08 15:13:25 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AUTHMGR.INI
[2004/01/08 15:13:25 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SOL.INI
[2004/01/08 15:13:25 | 000,000,023 | ---- | C] () -- C:\WINDOWS\TLCAPPS.INI
[2004/01/08 15:13:25 | 000,000,020 | ---- | C] () -- C:\WINDOWS\InfModM.ini
[2004/01/08 15:13:25 | 000,000,015 | ---- | C] () -- C:\WINDOWS\wgedit.ini
[2004/01/08 15:13:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\progman.ini
[2004/01/08 15:13:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\HPID.INI
[2004/01/08 15:13:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DELLSC.INI
[2004/01/08 15:13:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CTDiskID.INI
[2004/01/08 15:06:01 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/01/08 15:00:05 | 000,004,346 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/08 14:59:07 | 000,439,952 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/01/08 14:42:56 | 000,427,834 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/01/08 14:42:56 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/01/08 14:42:56 | 000,066,174 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/01/08 14:42:56 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/01/08 14:42:51 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/01/08 14:42:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/01/08 14:42:33 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/01/08 14:42:07 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/01/08 14:42:06 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/01/08 14:41:25 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/01/08 14:40:12 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/01/08 13:09:55 | 000,000,564 | ---- | C] () -- C:\Documents and Settings\jim\Application Data\FASTWiz.html
[2004/01/08 12:09:20 | 000,000,382 | ---- | C] () -- C:\Documents and Settings\jim\Application Data\FASTApp.html
[2004/01/01 21:13:53 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\GIF89.DLL
[2003/11/07 14:55:51 | 000,000,111 | ---- | C] () -- C:\Documents and Settings\jim\Application Data\fusioncache.dat
[2003/11/07 14:21:22 | 000,006,550 | ---- | C] () -- C:\WINDOWS\JAUTOEXP.DAT
[2003/10/06 14:16:00 | 000,027,136 | ---- | C] () -- C:\WINDOWS\System32\nvcod.dll
[2003/09/14 14:43:54 | 000,000,603 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2003/06/23 15:33:00 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2003/05/29 17:52:35 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\MASE32.DLL
[2003/05/29 17:52:34 | 000,196,096 | ---- | C] () -- C:\WINDOWS\System32\MACD32.DLL
[2003/05/29 17:52:34 | 000,136,192 | ---- | C] () -- C:\WINDOWS\System32\MAMC32.DLL
[2003/05/29 17:52:34 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\MASD32.DLL
[2003/05/29 17:52:34 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\MA32.DLL
[2003/02/15 13:47:31 | 000,000,963 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2002/12/25 04:35:34 | 000,044,032 | ---- | C] () -- C:\WINDOWS\System32\HPZCIN01.EXE
[2002/12/25 01:52:13 | 000,032,768 | R--- | C] () -- C:\WINDOWS\System32\hpfpnp.dll
[2002/11/01 22:14:35 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\nmocod.dll
[2002/11/01 17:21:46 | 000,352,288 | RH-- | C] () -- C:\WINDOWS\HWINFO.DAT
[2002/07/31 20:17:04 | 000,000,149 | ---- | C] () -- C:\WINDOWS\msrstr.dat
[2002/04/11 10:47:52 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\msmscoin.dll
[2002/03/05 20:45:27 | 002,688,104 | ---- | C] () -- C:\WINDOWS\aim95.exe
[2002/02/09 14:08:18 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2002/02/09 14:08:17 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\PDFWIN32.DLL
[2002/02/09 14:08:16 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2002/02/09 14:08:16 | 000,065,864 | ---- | C] () -- C:\WINDOWS\System32\Digita.sys
[2002/02/09 14:08:16 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2002/01/17 13:51:08 | 000,001,166 | ---- | C] () -- C:\WINDOWS\EReg515.dat
[2002/01/13 20:16:33 | 000,002,832 | ---- | C] () -- C:\WINDOWS\System32\rpcdce4.dll
[2001/09/17 23:28:29 | 000,000,012 | ---- | C] () -- C:\WINDOWS\iomqs3.dat
[2001/08/12 01:21:00 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2001/08/12 00:28:16 | 000,031,776 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2001/07/23 18:58:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\icmfilter.dll
[2001/07/14 07:34:53 | 000,000,818 | ---- | C] () -- C:\WINDOWS\EReg077.dat
[2001/06/15 10:28:49 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\saverrc.dll
[2001/06/15 10:12:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\msiosd32.dll
[2001/03/23 20:36:08 | 000,023,357 | -H-- | C] () -- C:\Program Files\folder.htt
[2000/04/20 15:49:49 | 000,036,864 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
[1999/04/22 05:31:50 | 002,679,222 | ---- | C] () -- C:\Program Files\BluesBirthdayDemo.(b)
[1998/06/10 11:08:40 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\Reputil.dll
[1997/09/23 00:00:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ODBCMON.DLL
[1997/09/23 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[1997/07/11 00:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1980/01/01 00:00:00 | 000,018,939 | ---- | C] () -- C:\WINDOWS\SETVER.EXE
[1980/01/01 00:00:00 | 000,001,646 | ---- | C] () -- C:\WINDOWS\MSDOS.SYS

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >
[2010/08/26 11:18:18 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\jim\Application Data\Microsoft\Wallpaper1.bmp

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/10/07 09:25:28 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jim\Desktop\OTL.exe
[2004/07/23 21:14:22 | 001,259,542 | ---- | M] (Belkin Components ) -- C:\Documents and Settings\jim\Desktop\F5U109_1.25.exe
[2011/10/07 13:29:46 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\jim\Desktop\aswMBR.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2011/04/05 11:55:46 | 000,072,080 | ---- | M] () -- C:\Documents and Settings\jim\g2mdlhlpx.exe

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/10/02 09:25:42 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe
[2011/10/02 09:25:42 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/10/02 09:25:52 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/10/02 09:25:52 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2001/03/23 20:06:06 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2001/03/23 20:06:14 | 000,000,000 | R--D | M] -- C:\Program Files\NetMeeting
[2001/03/23 20:06:30 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2001/03/23 20:06:24 | 000,000,000 | R--D | M] -- C:\Program Files\Movie Maker
[2001/03/23 20:06:06 | 000,000,000 | R--D | M] -- C:\Program Files\Accessories
[2001/03/23 20:06:10 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2001/03/23 20:06:14 | 000,000,000 | R--D | M] -- C:\Program Files\Outlook Express
[2001/03/23 20:06:22 | 000,000,000 | R--D | M] -- C:\Program Files\old_Messenger
[2001/03/23 20:06:22 | 000,000,000 | R--D | M] -- C:\Program Files\Windows Media Player
[2001/03/23 20:01:50 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2001/03/23 20:06:14 | 000,000,000 | ---D | M] -- C:\Program Files\Plus!
[2001/03/23 20:40:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2001/03/23 20:41:10 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2004/01/05 16:25:02 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint 4.12
[2001/03/23 20:43:28 | 000,000,000 | ---D | M] -- C:\Program Files\MSPress
[2001/06/15 10:11:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Hardware
[2001/06/15 10:11:56 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2001/06/15 10:12:24 | 000,000,000 | ---D | M] -- C:\Program Files\3Com Corporation
[2001/06/15 10:12:38 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2001/06/15 10:12:54 | 000,000,000 | ---D | M] -- C:\Program Files\Netropa
[2001/06/15 10:13:10 | 000,000,000 | ---D | M] -- C:\Program Files\Creative
[2006/06/15 02:49:22 | 000,000,000 | ---D | M] -- C:\Program Files\OLYMPUS
[2006/07/05 11:30:32 | 000,000,000 | ---D | M] -- C:\Program Files\BFG
[2002/11/19 14:43:22 | 000,000,000 | ---D | M] -- C:\Program Files\HP-MiniH
[2010/12/10 22:43:42 | 000,000,000 | ---D | M] -- C:\Program Files\Kepware
[2001/06/15 10:24:12 | 000,000,000 | ---D | M] -- C:\Program Files\Spire Inc
[2001/06/15 10:25:14 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Money
[2001/06/15 10:28:00 | 000,000,000 | ---D | M] -- C:\Program Files\MusicMatch
[2001/06/15 10:28:08 | 000,000,000 | -H-D | M] -- C:\Program Files\QMgr
[2001/06/15 10:28:50 | 000,000,000 | ---D | M] -- C:\Program Files\Sierra Imaging
[2001/06/15 10:30:48 | 000,000,000 | ---D | M] -- C:\Program Files\directx
[2002/12/25 04:36:10 | 000,000,000 | ---D | M] -- C:\Program Files\HP DeskJet 950C Series
[2001/07/03 22:51:26 | 000,000,000 | ---D | M] -- C:\Program Files\HP PhotoSmart
[2001/07/03 22:52:24 | 000,000,000 | ---D | M] -- C:\Program Files\Hewlett-Packard
[2001/07/04 20:47:16 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2006/02/10 21:26:34 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund Software
[2009/04/17 22:57:04 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2008/12/18 10:27:30 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2006/09/23 10:27:04 | 000,000,000 | ---D | M] -- C:\Program Files\Musicnotes
[2001/08/11 21:26:52 | 000,000,000 | ---D | M] -- C:\Program Files\3Com
[2006/06/12 14:03:58 | 000,000,000 | ---D | M] -- C:\Program Files\Belkin Bulldog Plus
[2001/08/11 21:39:58 | 000,000,000 | ---D | M] -- C:\Program Files\PhoneTools
[2001/08/11 21:44:54 | 000,000,000 | ---D | M] -- C:\Program Files\U.S. Robotics
[2001/08/11 21:45:00 | 000,000,000 | ---D | M] -- C:\Program Files\Ace
[2001/09/17 23:24:50 | 000,000,000 | ---D | M] -- C:\Program Files\Iomega QuikSync 3
[2009/03/31 17:18:38 | 000,000,000 | ---D | M] -- C:\Program Files\msn
[2009/03/31 17:19:40 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2006/10/05 17:58:50 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo! Games
[2003/01/08 22:01:08 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2002/01/17 13:48:20 | 000,000,000 | ---D | M] -- C:\Program Files\Disney Interactive
[2002/02/09 14:08:08 | 000,000,000 | ---D | M] -- C:\Program Files\PhotoDeluxe HE 3.1
[2002/02/09 14:08:24 | 000,000,000 | ---D | M] -- C:\Program Files\ImageServer
[2002/02/09 14:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Type Manager
[2002/02/13 16:19:44 | 000,000,000 | ---D | M] -- C:\Program Files\The Learning Company
[2002/02/13 16:20:34 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2008/12/16 18:17:40 | 000,000,000 | ---D | M] -- C:\Program Files\CheckIt
[2009/01/20 16:26:40 | 000,000,000 | ---D | M] -- C:\Program Files\IObit
[2010/04/18 15:34:04 | 000,000,000 | ---D | M] -- C:\Program Files\GIMP-2.0
[2011/01/04 21:20:30 | 000,000,000 | ---D | M] -- C:\Program Files\ImagesBrowser
[2003/05/29 17:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\LEGO Media
[2003/04/27 16:10:28 | 000,000,000 | ---D | M] -- C:\Program Files\Imagine It!
[2003/04/27 21:54:56 | 000,000,000 | ---D | M] -- C:\Program Files\ICQLite
[2003/04/28 23:08:18 | 000,000,000 | ---D | M] -- C:\Program Files\ICQ
[2009/04/01 00:15:18 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live Safety Center
[2006/12/20 18:44:14 | 000,000,000 | ---D | M] -- C:\Program Files\3DGroove
[2002/12/07 11:12:12 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2002/12/11 22:21:48 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2002/12/11 22:22:00 | 000,000,000 | ---D | M] -- C:\Program Files\Norton AntiVirus
[2006/12/04 21:10:24 | 000,000,000 | ---D | M] -- C:\Program Files\Norton SystemWorks
[2007/05/24 20:12:14 | 000,000,000 | ---D | M] -- C:\Program Files\Ubi Soft
[2003/02/13 10:13:40 | 000,000,000 | ---D | M] -- C:\Program Files\Broderbund
[2003/02/13 10:10:12 | 000,000,000 | ---D | M] -- C:\Program Files\3D Home Design Suite
[2009/04/02 13:55:50 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2003/03/10 13:45:34 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2003/02/23 17:57:38 | 000,000,000 | ---D | M] -- C:\Program Files\Office97
[2003/05/03 09:07:14 | 000,000,000 | ---D | M] -- C:\Program Files\JavaSoft
[2003/09/14 14:37:28 | 000,000,000 | ---D | M] -- C:\Program Files\EPSON
[2003/09/14 14:42:26 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2003/10/05 21:46:32 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2006/11/29 18:45:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mattel Interactive
[2003/10/15 15:03:08 | 000,000,000 | ---D | M] -- C:\Program Files\Disney
[2006/11/30 08:57:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2009/04/02 13:55:10 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2009/04/15 19:31:34 | 000,000,000 | ---D | M] -- C:\Program Files\2nd Story Software
[2003/11/24 17:09:42 | 000,000,000 | ---D | M] -- C:\Program Files\HASBRO Interactive
[2007/02/10 00:59:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2008/02/23 12:19:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2011/10/04 10:38:14 | 000,000,000 | ---D | M] -- C:\Program Files\Avira
[2004/01/04 08:57:16 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy
[2004/01/07 15:45:26 | 000,000,000 | ---D | M] -- C:\Program Files\EarthLink TotalAccess
[2004/01/08 15:04:14 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2004/01/08 15:05:48 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2004/01/08 15:21:06 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2004/01/08 15:21:06 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/09/04 21:16:54 | 000,000,000 | ---D | M] -- C:\Program Files\PhoTags Express
[2009/09/10 00:01:26 | 000,000,000 | ---D | M] -- C:\Program Files\InfraRecorder
[2007/06/22 13:26:46 | 000,000,000 | ---D | M] -- C:\Program Files\LogMeIn
[2007/07/23 10:06:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2004/01/09 15:49:00 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2004/01/09 15:49:32 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2008/01/31 19:07:14 | 000,000,000 | ---D | M] -- C:\Program Files\Sound Source Interactive
[2008/07/31 09:34:02 | 000,000,000 | ---D | M] -- C:\Program Files\Unity
[2009/09/10 00:10:46 | 000,000,000 | ---D | M] -- C:\Program Files\AutoStreamer
[2008/02/01 15:09:06 | 000,000,000 | ---D | M] -- C:\Program Files\FileZilla FTP Client
[2004/01/25 17:43:28 | 000,000,000 | ---D | M] -- C:\Program Files\Multimedia Card Reader
[2004/01/31 15:39:44 | 000,000,000 | ---D | M] -- C:\Program Files\HijackThis
[2009/02/16 18:42:10 | 000,000,000 | ---D | M] -- C:\Program Files\Make-A-List Shopper's Helper Trial
[2008/02/23 13:48:26 | 000,000,000 | ---D | M] -- C:\Program Files\ATTNaturalVoices
[2004/02/07 16:17:28 | 000,000,000 | ---D | M] -- C:\Program Files\HighMAT CD Writing Wizard
[2004/02/08 20:20:30 | 000,000,000 | ---D | M] -- C:\Program Files\The Free HTML Editor
[2008/02/23 14:09:20 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server
[2009/09/10 00:01:14 | 000,000,000 | ---D | M] -- C:\Program Files\Free Offers from Freeze.com
[2004/03/25 18:49:24 | 000,000,000 | ---D | M] -- C:\Program Files\TLI
[2009/09/25 13:21:42 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
[2010/09/04 21:20:28 | 000,000,000 | ---D | M] -- C:\Program Files\PC VGA Camer@ Plus
[2009/09/26 12:55:46 | 000,000,000 | ---D | M] -- C:\Program Files\Nick Arcade
[2009/11/09 22:14:34 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/04/18 15:32:28 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2004/05/16 16:01:40 | 000,000,000 | ---D | M] -- C:\Program Files\DK Interactive Learning
[2011/08/03 18:17:14 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2010/04/18 15:32:50 | 000,000,000 | ---D | M] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2010/04/18 15:36:18 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/05/16 21:33:00 | 000,000,000 | ---D | M] -- C:\Program Files\Free Extended Task Manager
[2010/06/16 13:37:08 | 000,000,000 | ---D | M] -- C:\Program Files\IOServer
[2010/06/19 21:42:42 | 000,000,000 | ---D | M] -- C:\Program Files\Sibelius Software
[2010/06/19 23:08:08 | 000,000,000 | ---D | M] -- C:\Program Files\Vuze
[2010/06/19 23:08:10 | 000,000,000 | ---D | M] -- C:\Program Files\Bing Bar Installer
[2010/06/19 23:09:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/06/19 23:10:46 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Toolbar
[2010/06/19 23:10:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2004/10/10 15:26:56 | 000,000,000 | ---D | M] -- C:\Program Files\Netscape
[2004/10/10 15:55:10 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2004/10/10 15:57:08 | 000,000,000 | ---D | M] -- C:\Program Files\Java Web Start
[2004/10/13 08:59:30 | 000,000,000 | ---D | M] -- C:\Program Files\Cisco Systems
[2011/09/14 00:18:08 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2004/11/29 14:56:08 | 000,000,000 | ---D | M] -- C:\Program Files\Visio
[2005/02/19 12:02:00 | 000,000,000 | ---D | M] -- C:\Program Files\MsnMusic
[2005/03/12 09:23:00 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2005/03/25 11:29:48 | 000,000,000 | ---D | M] -- C:\Program Files\STA-16 Test Program
[2005/04/21 13:01:18 | 000,000,000 | ---D | M] -- C:\Program Files\Tracker Software
[2005/06/18 10:33:50 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2005/06/26 13:59:54 | 000,000,000 | ---D | M] -- C:\Program Files\BigIdea
[2005/06/30 23:24:50 | 000,000,000 | ---D | M] -- C:\Program Files\Infogrames Interactive
[2005/07/01 10:20:00 | 000,000,000 | ---D | M] -- C:\Program Files\Activision Value
[2005/07/02 10:16:24 | 000,000,000 | ---D | M] -- C:\Program Files\Games
[2005/07/12 09:46:08 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2005/08/14 15:57:24 | 000,000,000 | ---D | M] -- C:\Program Files\Atari
[2005/09/01 14:28:14 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2005/10/10 16:57:52 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla.org
[2005/12/30 18:21:34 | 000,000,000 | ---D | M] -- C:\Program Files\THQ


< MD5 for: AGP440.SYS >
[2004/08/29 11:38:48 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009/03/31 16:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/29 11:38:48 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2009/03/31 16:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SYSTEM32\DRIVERS\agp440.sys
[2004/08/04 02:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2004/08/04 02:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\SYSTEM32\ReinstallBackups\0001\DriverFiles\i386\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2003/03/31 12:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004/08/29 11:38:48 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009/03/31 16:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/29 11:38:48 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2009/03/31 16:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SYSTEM32\DRIVERS\atapi.sys
[2004/08/04 01:59:42 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2003/03/31 12:00:00 | 010,158,890 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:disk.sys
[2004/08/29 11:38:48 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2009/03/31 16:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/29 11:38:48 | 022,245,337 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:disk.sys
[2009/03/31 16:45:46 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 01:59:54 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:48 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SYSTEM32\DRIVERS\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SYSTEM32\netlogon.dll
[2004/08/04 03:56:44 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-10-05 07:00:15

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/10/02 09:25:42 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/10/02 09:25:42 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/10/02 09:25:42 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/10/02 09:25:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/10/02 09:25:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/10/02 09:25:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 08:05:38 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 08:05:38 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 08:05:38 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.2 (en)" /hs browser [2004/10/10 15:54:34 | 000,105,168 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape\Netscp.exe" -silent -nosplash -setDefaultBrowser [2004/08/04 16:41:00 | 000,526,224 | ---- | M] (Mozilla, Netscape)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.2 (en)" /ss browser [2004/10/10 15:54:34 | 000,105,168 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\shell\open\command\\: "C:\Program Files\Netscape\Netscape\Netscp.exe" [2004/08/04 16:41:00 | 000,526,224 | ---- | M] (Mozilla, Netscape)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/10/02 09:25:42 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/10/02 09:25:42 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/10/02 09:25:42 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/10/02 09:25:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/10/02 09:25:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/10/02 09:25:52 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 08:05:38 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 08:05:38 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 08:05:38 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.2 (en)" /hs browser [2004/10/10 15:54:34 | 000,105,168 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape\Netscp.exe" -silent -nosplash -setDefaultBrowser [2004/08/04 16:41:00 | 000,526,224 | ---- | M] (Mozilla, Netscape)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.2 (en)" /ss browser [2004/10/10 15:54:34 | 000,105,168 | ---- | M] ()
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Netscp.exe\shell\open\command\\: "C:\Program Files\Netscape\Netscape\Netscp.exe" [2004/08/04 16:41:00 | 000,526,224 | ---- | M] (Mozilla, Netscape)

< End of report >



Chic_Bowdrie

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2009-09-26
Operating System : Windows XP Home

View user profile

Back to top Go down

Re: Avira finds virus or hidden virus or unwanted prog. Rescue CD?

Post by Chic_Bowdrie on Wed 12 Oct 2011, 11:18 pm

This is the OTL extras.txt, MBR, and SecurityCheck logs:

OTL Extras logfile created on: 10/11/2011 11:18:24 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Documents and Settings\jim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: enu | Date Format: M/d/yyyy

767.02 Mb Total Physical Memory | 510.04 Mb Available Physical Memory | 66.50% Memory free
1.83 Gb Paging File | 1.30 Gb Available in Paging File | 71.14% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.26 Gb Total Space | 6.98 Gb Free Space | 18.72% Space Free | Partition Type: FAT32
Drive D: | 232.83 Gb Total Space | 192.03 Gb Free Space | 82.48% Space Free | Partition Type: FAT32
Drive E: | 178.20 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive G: | 232.88 Gb Total Space | 118.16 Gb Free Space | 50.74% Space Free | Partition Type: NTFS

Computer Name: JIMS8100 | User Name: jim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Disabled:TaskPanl -- (EarthLink, Inc.)
"C:\Program Files\Netscape\Netscape\Netscp.exe" = C:\Program Files\Netscape\Netscape\Netscp.exe:*:Disabled:Netscape -- (Mozilla, Netscape)
"C:\Program Files\LEGO Media\Constructive\LEGO LOCO\Exe\Loco.exe" = C:\Program Files\LEGO Media\Constructive\LEGO LOCO\Exe\Loco.exe:*:Disabled:LOCO Executable -- (LEGO Media International ltd.)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Vuze Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00CD55D6-EE5A-4570-9875-8A306628C032}" = Cisco Systems VPN Client 4.7.00.0533
"{03E27B31-28C0-11D3-8F72-00C04F8DD7E3}" = Clip Art and Symbols
"{03E27B32-28C0-11D3-8F72-00C04F8DD7E3}" = Callouts and Connectors
"{03E27B33-28C0-11D3-8F72-00C04F8DD7E3}" = Borders and Backgrounds
"{06230E02-2B7E-11D2-92D0-0040051BD005}" = OLYMPUS CAMEDIA Master 2.5
"{06496B18-B97C-4370-AB74-E8A41027E78C}" = The Free HTML Editor
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08C5815C-2C6E-44f8-8748-0E61BC9AFB68}" = Symantec KB-DocID:2003093015493306
"{0959198E-9CB6-4BF2-905A-D275DDDED3DC}" = Petz 5
"{1248C09A-BD6B-47F5-BF3F-CD2B700D9FCB}" = ccCommon
"{12CB2DE0-55D8-11D5-8BA5-0050BAAA20E2}" = Indeo Codec
"{12E2B9E9-05B1-407d-B0FD-B5F350535125}" = Norton Internet Security
"{13B97BA0-1765-4EBA-8902-C6E30291F67B}" = Multimedia Card Reader
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F76ACFA-22FE-49F6-BC05-F4EC835F48CC}" = Norton GoBack 4.2
"{1FD0C5C1-B01B-4B4C-9607-E5D3B3D1318F}" = Microsoft IntelliPoint 4.1
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{26DC3A40-3ECC-11D3-A300-006008A88CA8}" = CAD Drawing Display
"{273E1BA0-0415-11D3-A2E3-006008A88CA8}" = Block Diagrams
"{279C4248-7769-45CA-A03F-E8339954C4F3}" = EarthLink Redistributed
"{2A011F38-2F3B-484F-9595-E8462430F0BF}" = ELNBonus
"{2B8697EA-453E-11D3-8CE1-00C04F72C04D}" = Help for Visio 2000 (HTML Help)
"{2DBB37E1-3B9A-11D3-A318-006008A88CA8}" = Project Schedules
"{2F72E05E-2371-4C05-9091-B643A9456267}" = EarthLink Setup
"{3146FF62-439A-11D3-B0BC-00C04FC2B1B9}" = Help_Technical
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B29A786-5803-4e9e-9B58-3014A5B4E519}" = Norton AntiSpam
"{3E01D0C8-D715-4F0D-9B89-8B98C2361674}" = i-LEARN My Dell PC
"{3FEC3A5B-60FF-4626-B425-08E09B121A15}" = LogMeIn
"{41275169-3008-11D3-A309-00C04FC2B1B9}" = Equipment Selector Help
"{4218F0E1-CBAF-4D68-B6FE-B3504770829F}" = AutoStreamer
"{449F3A9E-9903-4a0d-A209-08030D45A935}" = Norton Internet Security
"{48185814-A224-447a-81DA-71BD20580E1B}" = Norton Internet Security
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B0ED720-87D3-11D4-A188-0050DA2DDF19}" = Solution Center
"{51487A3E-7A7D-46D8-B7E5-7F85B57B8C2F}" = EarthLink Common
"{526AD5DC-CFC4-4f2a-8442-C84CC91D6C7F}" = Norton Internet Security
"{5430FF10-2B31-11D3-8F75-00C04F8DD7E3}" = Block Diagrams Help
"{5430FF11-2B31-11D3-8F75-00C04F8DD7E3}" = Flowcharts Help
"{5430FF12-2B31-11D3-8F75-00C04F8DD7E3}" = Forms and Charts Help
"{5430FF13-2B31-11D3-8F75-00C04F8DD7E3}" = Maps Help
"{5430FF14-2B31-11D3-8F75-00C04F8DD7E3}" = Network Diagrams Help
"{5430FF15-2B31-11D3-8F75-00C04F8DD7E3}" = Office Layout Help
"{5430FF16-2B31-11D3-8F75-00C04F8DD7E3}" = Organization Charts Help
"{5430FF17-2B31-11D3-8F75-00C04F8DD7E3}" = Project Schedules Help
"{5430FF21-2B31-11D3-8F75-00C04F8DD7E3}" = Program Files Help
"{5430FF22-2B31-11D3-8F75-00C04F8DD7E3}" = Shape Explorer Help
"{54DD126C-E5F5-404C-B4B7-66DF7FD4F2FF}" = MSSoap
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5677563D-0CB1-485f-9E18-C5025306BB3F}" = Norton AntiSpam
"{58F93AE6-2E4A-11D3-A309-00C04FC2B1B9}" = Annotations
"{5C474A83-A45F-470C-9AC8-2BD1C251BF9A}" = Skype™ 4.2
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{62329568-19B5-43CF-9524-3EE4DD709D01}" = EarthLink Toolbar
"{63EF6DD2-F1F1-11D2-9F29-006008A88EC8}" = Program Files
"{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}" = Norton Utilities
"{6C11D561-620B-47DA-A693-4C597F3CDF40}" = EPSON Smart Panel
"{6C5D7191-140A-11D6-B5A0-0050DA208A93}" = ArcSoft PhotoImpression
"{706D5382-7381-4680-9DD0-161832578252}" = DellTouch
"{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks 2006 Basic Edition
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows Backup Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77364F85-6219-4CB8-AAA0-6D53368D683D}" = Connection Keep Alive
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79500098-252F-47C3-B773-E6EFEBBD1D92}" = EarthLink Update Manager
"{79DFA170-1854-11D3-8F5D-00C04F8DD7E3}" = Custom Properties Editor
"{79DFA174-1854-11D3-8F5D-00C04F8DD7E3}" = Page Layout Wizard
"{79DFA176-1854-11D3-8F5D-00C04F8DD7E3}" = Property Reporting Wizard
"{79DFA177-1854-11D3-8F5D-00C04F8DD7E3}" = Save as HTML
"{79DFA179-1854-11D3-8F5D-00C04F8DD7E3}" = Database Wizard
"{79DFA17B-1854-11D3-8F5D-00C04F8DD7E3}" = Graphics Filters
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro Trial
"{7D3DB7D6-494B-11D3-9F62-006008A88EC8}" = Visio Core Files
"{7DD40F12-25DC-11D3-9F43-006008A88EC8}" = Visio
"{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
"{82608142-51C2-11D3-B0C4-00C04FC2B1B9}" = CAD Drawing Converter Help
"{82A5BF38-8461-4A5C-B2C9-24F5256D92A6}" = Norton Protection Center
"{83d96ed0-98aa-4515-8ddc-816f3efdd104}" = ViviCam V35
"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)
"{89C43B94-02D9-47CB-A338-8CEC0E70F638}" = EarthLink MailBox
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E6A7693-60C1-11d3-B386-0060089BB0A2}" = Visio Technical Core Files
"{900B1884-2D6F-4a70-A3C7-C3F4DA873FDB}" = NSW_DRM_COLLECTION
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91AA4B1F-B918-4e0b-A304-F8D4EC5D7726}" = Norton Internet Security
"{922859B1-4A9C-11D3-8662-00C04F8DBAD9}" = Release Notes Technical
"{933DA141-0EEB-11D3-A2EC-006008A88CA8}" = Organization Charts
"{933DA142-0EEB-11D3-A2EC-006008A88CA8}" = Forms and Charts
"{933DA144-0EEB-11D3-A2EC-006008A88CA8}" = Flowcharts
"{933DA145-0EEB-11D3-A2EC-006008A88CA8}" = Network Diagrams
"{933DA146-0EEB-11D3-A2EC-006008A88CA8}" = Maps
"{933DA147-0EEB-11D3-A2EC-006008A88CA8}" = Office Layout
"{97011082-5CC2-11D3-B0C6-00C04FC2B1B9}" = Equipment Selector Furniture Database
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5
"{9A56D588-2F4A-11D3-A309-00C04FC2B1B9}" = Fluid Power Help
"{9A56D589-2F4A-11D3-A309-00C04FC2B1B9}" = Mechanical Engineering Help
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E23C48E-5483-4971-BA50-089F2FABCD66}" = Norton SystemWorks
"{9ED71778-0E56-4760-9FC6-2C29D75100C5}" = Radioshack USB-to-Serial Cable Driver Installer
"{A0ED0B30-54E3-11d3-9F6A-006008A88EC8}" = Microsoft Repository
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A398F2DC-D706-4bb2-AC38-5532CD229D08}" = CC_ccProxyMSI
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C9E60-29B6-49da-BA21-F70AC6AADE20}" = Norton Internet Security
"{AA52B348-0683-49B3-BE24-8D042C7AC544}" = Deal Info
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{ACF2AD4B-9374-4B72-B79B-A743CD41F2A4}" = EarthLink TaskPanel
"{AD504087-2F2F-11D3-A309-00C04FC2B1B9}" = Facilities Management Help
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B2F6853E-33F9-11D3-A309-00C04FC2B1B9}" = Annotations Help
"{B406605B-45FE-4D8F-8250-1E77479583AE}" = Zoo Tycoon 2 - Marine Mania
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B69CC1A5-0404-11D6-ABCB-005004C21D30}" = EPSON Copy Utility
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BAC869E2-3A0C-11D3-A315-006008A88CA8}" = Callouts and Connectors Help
"{BAC869E6-3A0C-11D3-A315-006008A88CA8}" = Clip Art and Symbols Help
"{BD5D417E-2E47-11D3-A309-00C04FC2B1B9}" = Custom Patterns
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2A5CE58-3A13-11D3-A315-006008A88CA8}" = Borders and Backgrounds Help
"{C463C109-F458-48FB-89CF-DDFC37F42D64}" = Attune 2.6.0
"{C5205EE1-2B3E-11D3-8F75-00C04F8DD7E3}" = Developing Visio Solutions Help
"{C5E69314-4354-11D3-B0BC-00C04FC2B1B9}" = Program Files Technical
"{C6F5B6CF-609C-428E-876F-CA83176C021B}" = Norton AntiVirus 2005
"{CA31120D-2101-484D-9FF1-195DE96FE346}" = Norton Cleanup
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE9FBB01-DF01-4E7B-8249-AA5890B0C882}" = PC VGA Camer@ Plus
"{CEC2A5B9-CE19-4F2E-9C8F-F310C0EAB993}" = ArcSoft Media Card Companion
"{D085A1B6-90A4-11D3-82B7-00C04FA309DE}" = Microsoft Money 2001
"{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}" = MSRedist
"{D327AFC9-7BAA-473A-8319-6EB7A0D40138}" = Symantec Script Blocking Installer
"{D3AA6C82-2A7E-11D3-8F74-00C04F8DD7E3}" = Add-ons
"{D3AE96EE-2876-4B3F-847C-D3A4AD689E43}" = LogMeIn
"{D6414CC7-F215-467F-88B1-546ED863F35B}" = CC_ccStart
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{D9C3CDEB-BC7F-4CB3-BC92-719B365DF28E}" = EarthLink IM
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBDB8C5A-E0B9-4C10-A649-59D962E3A07F}" = EarthLink Webspace
"{DBFA7530-0CBF-11D3-8CC0-00C04F72C04D}" = Microsoft Visio 2000
"{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}" = ccCommon
"{E21DA178-9FB0-4F91-B79C-5A6DDEEBFB8D}" = Bing Bar Platform
"{E44BD710-B71A-11d3-9F79-006008A88EC8}" = VBA
"{E47EE8FB-ACC0-4608-859C-4E2851B18A6A}" = Norton Internet Security
"{E5EE9939-259F-4DE2-8023-5C49E16A4F43}" = Norton Internet Security
"{E8814A8F-3B06-11D3-8CD7-00C04F72C04D}" = Microsoft Visual Studio Service Pack 3
"{EAB076E0-275E-11D3-A308-00C04FC2B1B9}" = Building Architecture
"{EAB076E1-275E-11D3-A308-00C04FC2B1B9}" = Building Services
"{EAB076E2-275E-11D3-A308-00C04FC2B1B9}" = Process Engineering
"{EAB076E3-275E-11D3-A308-00C04FC2B1B9}" = Facilities Management
"{EAB076E4-275E-11D3-A308-00C04FC2B1B9}" = Fluid Power
"{EAB076E5-275E-11D3-A308-00C04FC2B1B9}" = Electrical Engineering
"{EAB076E6-275E-11D3-A308-00C04FC2B1B9}" = Mechanical Engineering
"{EAB076E8-275E-11D3-A308-00C04FC2B1B9}" = CAD Drawing Converter
"{EAB076E9-275E-11D3-A308-00C04FC2B1B9}" = Foundation technical
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EBD4A741-4CAA-4B65-BAAC-4962F4C3AF7B}" = KEPServerEX 5
"{EFCE5837-FC21-11D6-9D24-00010240CE95}" = Java 2 Runtime Environment, SE v1.4.1_02
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1591AE0-27F2-11D3-A308-00C04FC2B1B9}" = Equipment Selector
"{F20D354B-2FFB-11D3-A309-00C04FC2B1B9}" = Process Engineering Help
"{F20D354D-2FFB-11D3-A309-00C04FC2B1B9}" = Electrical Engineering Help
"{F20D354E-2FFB-11D3-A309-00C04FC2B1B9}" = Building Architecture Help
"{F20D354F-2FFB-11D3-A309-00C04FC2B1B9}" = Building Services Help
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4455372-251E-11D3-8F71-00C04F8DD7E3}" = Solutions
"{F91E1833-2D7C-4725-B98A-C779FEC41946}" = EarthLink MDAC
"{FC2C0536-583C-46c0-844A-62CECAE01F22}" = Norton Internet Security
"{FC37ABD0-2108-4beb-B010-1254E0662B5A}" = MSRedist
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"3DGroove" = 3D Groove Playback Engine
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Advanced SystemCare 4_is1" = Advanced SystemCare 4
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Candy Land" =
"Cartogra Assistant" = Cartogra Assistant
"CCleaner" = CCleaner
"CheckIt Diagnostics" = CheckIt Diagnostics
"Dell Printer Software Uninstall" = Dell Printer Software Uninstall
"EarthLink TotalAccess 2004" = EarthLink Software
"EPSON Photo Print" = EPSON Photo Print
"Free Extended Task Manager" = Free Extended Task Manager
"Google Chrome Frame" = Google Chrome Frame
"HijackThis" = HijackThis 2.0.2
"HP DeskJet 950C Series" = HP DeskJet 950C Series (Remove only)
"HP Mini Home Office Kit" = HP Mini Home Office Kit
"HP PhotoSmart Photo Printing Software" = HP PhotoSmart Photo Printing Software
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Image Expert 3.2" = Image Expert 2000 v3.2
"ImagesBrowser" = ImagesBrowser
"InfraRecorder" = InfraRecorder
"InstallShield_{13B97BA0-1765-4EBA-8902-C6E30291F67B}" = Multimedia Card Reader
"InstallShield_{B406605B-45FE-4D8F-8250-1E77479583AE}" = Zoo Tycoon 2 - Marine Mania
"InstallShield_{CE9FBB01-DF01-4E7B-8249-AA5890B0C882}" = PC VGA Camer@ Plus
"IObit Malware Fighter_is1" = IObit Malware Fighter
"Java Web Start" = Java Web Start
"LEGO LOCO" = LEGO LOCO
"LiveReg" = LiveReg (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"MiaMath" = MiaMath
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Office Live Meeting" = Microsoft Office Live Meeting
"Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Music Assistant" = MSN Music Assistant
"Musicnotes Player_is1" = Musicnotes Player V1.22.3
"Netscape (7.2)" = Netscape (7.2)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Driver" = NVIDIA Display Driver
"PDF-XChange 3 Pro_is1" = PDF-XChange 3.0 Pro
"PhoTagsExpress" = PhoTags Express
"QuickTime32" = QuickTime for Windows (32-bit)
"RSX2DeinstKey" = Intel RSX 3D
"Shockwave" = Shockwave
"Silent Package Run-Time Sample" = EPSON Scanner Reference Guide
"Sound Blaster Live! Value" = Sound Blaster Live! Value
"ST6UNST #1" = STA-16 Test Program
"SymSetup.{707D28BF-E145-4a9b-B97E-94FA586D05F3}" = Norton SystemWorks 2006 Basic Edition (Symantec Corporation)
"TaxACT 2007" = TaxACT 2007
"TaxACT 2008" = TaxACT 2008
"TaxACT 2008 Pennsylvania" = TaxACT 2008 Pennsylvania
"TaxACT Pennsylvania 2007" = TaxACT Pennsylvania 2007
"Tweak UI 2.10" = Tweak UI
"UnityWebPlayer" = Unity Web Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.8
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"YTdetect" = Yahoo! Detect
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"FileZilla Client" = FileZilla Client 3.2.1
"GoToMeeting" = GoToMeeting 4.5.0.457

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/13/2011 11:52:47 PM | Computer Name = JIMS8100 | Source = Application Error | ID = 1000
Description = Faulting application netscp.exe, version 7.2.0.0, faulting module
npswf32.dll, version 10.3.183.7, fault address 0x00397371.

Error - 9/14/2011 12:02:35 AM | Computer Name = JIMS8100 | Source = Application Error | ID = 1000
Description = Faulting application netscp.exe, version 7.2.0.0, faulting module
npswf32.dll, version 10.3.183.7, fault address 0x00107f56.

Error - 9/14/2011 12:11:21 AM | Computer Name = JIMS8100 | Source = Application Error | ID = 1000
Description = Faulting application netscp.exe, version 7.2.0.0, faulting module
gklayout.dll, version 1.7.20040.14879, fault address 0x00019697.

Error - 9/25/2011 8:41:54 PM | Computer Name = JIMS8100 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 9/25/2011 8:41:54 PM | Computer Name = JIMS8100 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 9/25/2011 8:41:54 PM | Computer Name = JIMS8100 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 9/25/2011 8:42:00 PM | Computer Name = JIMS8100 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 9/25/2011 8:42:00 PM | Computer Name = JIMS8100 | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at:
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 10/2/2011 8:52:54 PM | Computer Name = JIMS8100 | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 10/6/2011 10:27:33 PM | Computer Name = JIMS8100 | Source = EvntAgnt | ID = 3005
Description = Error positioning to end of log file -- seek to end of log failed.
Handle
specified is 620496. Return code from ReadEventLog is 1500.

[ System Events ]
Error - 10/4/2011 10:26:58 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:26:58 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:26:59 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:26:59 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:26:59 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:26:59 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:26:59 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:26:59 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7023
Description = The Application Management service terminated with the following error:
%%126

Error - 10/4/2011 10:31:29 AM | Computer Name = JIMS8100 | Source = ParVdm | ID = 458754
Description = Unable to get device object pointer for port object.

Error - 10/4/2011 10:32:19 AM | Computer Name = JIMS8100 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd


< End of report >

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-12 07:45:38
-----------------------------
07:45:38.324 OS Version: Windows 5.1.2600 Service Pack 3
07:45:38.324 Number of processors: 1 586 0x7
07:45:38.324 ComputerName: JIMS8100 UserName: jim
07:45:39.456 Initialize success
07:48:27.838 AVAST engine defs: 11101200
07:51:08.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
07:51:08.900 Disk 0 Vendor: Size: 38166MB BusType: 0
07:51:08.900 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-17
07:51:08.900 Disk 1 Vendor: IOMEGA_ZIP_250 41.S Size: 38166MB BusType: 2
07:51:10.952 Disk 0 MBR read successfully
07:51:10.962 Disk 0 MBR scan
07:51:11.043 Disk 0 unknown MBR code
07:51:11.053 Disk 0 MBR hidden
07:51:11.093 Disk 0 scanning sectors +78156225
07:51:11.143 Disk 0 scanning C:\WINDOWS\system32\drivers
07:51:11.143 Service scanning
07:51:14.628 Modules scanning
07:51:15.169 Disk 0 trace - called modules:
07:51:15.209 ntoskrnl.exe GoBack2K.sys CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
07:51:15.219 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x83b59ab8]
07:51:15.219 3 CLASSPNP.SYS[f766ffd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x83ba9700]
07:51:15.749 AVAST engine scan C:\WINDOWS
07:51:15.789 AVAST engine scan C:\WINDOWS\system32
07:51:15.819 AVAST engine scan C:\WINDOWS\system32\drivers
07:51:15.850 AVAST engine scan C:\Documents and Settings\jim
07:51:15.890 AVAST engine scan C:\Documents and Settings\All Users
07:51:15.890 Scan finished successfully
07:52:10.658 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\jim\Desktop\MBR.dat"
07:52:10.688 The log file has been saved successfully to "C:\Documents and Settings\jim\Desktop\aswMBR.txt"

Results of screen317's Security Check version 0.99.24
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
Avira Free Antivirus
Norton AntiVirus 2005
Norton Internet Security
Avira successfully updated!
```````````````````````````````
Anti-malware/Other Utilities Check:

HijackThis 2.0.2
CCleaner
Java Web Start
Java(TM) 6 Update 20
Java(TM) 6 Update 2
Java 2 Runtime Environment, SE v1.4.1_02
Out of date Java installed!
Adobe Flash Player ( 10.3.183.10) Flash Player Out of Date!
Adobe Reader X (10.1.1)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Avira Antivir avgnt.exe
Avira Antivir avguard.exe
IObit IObit Malware Fighter IMFsrv.exe
``````````End of Log````````````

Chic_Bowdrie

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2009-09-26
Operating System : Windows XP Home

View user profile

Back to top Go down

Re: Avira finds virus or hidden virus or unwanted prog. Rescue CD?

Post by Gabethebabe on Thu 13 Oct 2011, 6:15 pm

Hi, this is another computer, right?

I don´t see anything wrong here. That redirect was only observed on the website you state or does it happen more frequently?

Maybe it is just some website script that redirected you and not an infection on your computer.

Gabethebabe

Tech Advisor
Tech Advisor

Posts : 1568
Joined : 2010-03-07
Operating System : WIN7 64bit, Ubuntu 12.04 LTS

View user profile

Back to top Go down

Re: Avira finds virus or hidden virus or unwanted prog. Rescue CD?

Post by Chic_Bowdrie on Thu 13 Oct 2011, 10:22 pm

Yes, this is my desktop which is older than me in dog years. The redirect was the first time it ever happened. It could have been a coincidence that Avira detected something because I did the scan immediately after the redirect. Whatever the scan thought if found, could have been there before the redirect.

My computer has always run slow no matter how I try to maintain it. Based on your analysis, I can at least rule out an infection.

Gabethebabe, you're the man and you can close this thread unless you have another suggestion.

Chic_Bowdrie

Newbie Surfer
Newbie Surfer

Posts : 18
Joined : 2009-09-26
Operating System : Windows XP Home

View user profile

Back to top Go down

Re: Avira finds virus or hidden virus or unwanted prog. Rescue CD?

Post by Sponsored content Today at 7:53 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum